Recently, Microsoft published a fascinating blog post. In the blog post, they said they were experimenting with “novel approaches” when it comes to harnessing the power of AI to spot threats on the threat landscape before they become a problem.

In particular, the company is focused on stopping ransomware attacks while they’re still in their earliest stages.

To get even more fine-grained than that, they are specifically targeting human-operated ransomware campaigns. They note that there are certain indicators in common where human-operated ransomware campaigns are concerned, and these commonalities can be used to stop future attacks.

The example that Microsoft gives in their blog post is that of a hacker who has stolen the network credentials of a company.  They will first log in to test those credentials, and once inside, will almost certainly move about inside the network in ways that the proper owner of those credentials would not.

This creates specific data points that the AI can be on the alert for.

Broadly speaking, these fall into three categories:  Time based, Graph based, and device-based.

An example of a time-based data point would be if the hacker logged in to test the credentials at 3:00 in the morning and the owner of those credentials historically logs in at 8am.

Graph-based patterns are the graphical representation of physical moves across a network space, plotted against expected moves.

And device-based data points are exactly what they sound like.  The AI would expect that the owner of the stolen credentials would log in from his or her workstation and not a laptop hidden behind layers of proxies, which is suspicious in and of itself.

It’s a great idea, though Microsoft is quick to point out that it is still very much in its infancy.  Even so, it’s easy to see how this could become an indispensable tool.

Related Posts - TKS Blog

TKS Newsletter - 2024 December
Here's our December 2024 Newsletter Read the full PDF version here: The TKS Sentinel - December Issue In this month's edition, we discuss: Ransomware Threats PDF Hijacking ...
Read more
voice technology options
Harnessing the Power of Voice Technology
Voice technology is quickly becoming one of the most valuable tools for businesses seeking to improve customer interactions, streamline operations, and cut costs. With...
Read more
TKS Newsletter - 2024 November
Here's our November 2024 Newsletter Read the full PDF version here: The TKS Sentinel - November Issue In this month's edition, we discuss: Dark Web/Work Laptop ActiveX Controls ...
Read more
tips for troubleshooting computer issues
6 Tips To Troubleshoot Network Issues
Identifying The Source - Fast A business network is the lifeblood of operations. The digital artery pumps data through your organization. It enables everything from email...
Read more

Used with permission from Article Aggregator