It started when a senior manager of a local financial services firm opened a phishing email that looked legit.
The email contained specific and personal details, including his recent travel plans and meetings, and names of people he knew.
But after clicking on an attachment in the email, his computer was infected with malware that could have cost the company millions of dollars in financial losses and permanently sullied its reputation.
Luckily, however, he was saved by an artificial intelligence (AI) self-learning software that managed to stop the attack.
This is just one of the examples of how AI programs are being used to counter cyber attacks, as spooked businesses realising traditional security measures simply won’t cut it are buying these programs to defend themselves from hackers.
In the case of the Singapore firm, the AI used belonged to cybersecurity company Darktrace, and was a a self-learning algorithm developed by mathematicians that learns what typical usage patterns are for an organisation and automatically counters unusual activity.
Darktrace told Business Insider via a report that hackers had identified the senior manager before launching a “highly targeted and calculated” phishing email.
The attackers were based in South Korea, the company said.
When the senior manager clicked on an attachment in the email, the hackers gained access to his computer and used his access permissions to scan company systems.
Doing this, they found a device with outdated security software, and remotely took over administrative control. This would have allowed them to perform banking transactions, send out malicious emails to clients, and steal confidential information.
Fortunately, the AI detected the unusual network traffic – since it was being directed to the hackers’ command centre in South Korea – and stopped the malware before significant damage was done.
This year, the AI also saved other companies in finance and tech from massive data breaches, Darktrace said. This mostly involved stopping cyber-attacks that had slipped past regular security measures.
In once case, an office CCTV camera in a Japanese investment consultancy had been hacked – allowing hackers to view footage of sensitive market information discussed in the boardroom and the CEO’s office.
Another case involved hackers hijacking the computer of an employee in a Hong Kong-based company and using it to send out malicious emails to thousands of Russian email addresses, requesting for bank account details. This would have resulted in the company’s IP address getting shut down.
In many of these cases, hackers were thwarted because the robot could respond at “machine-speed” – giving security officers time to investigate and follow up.
“As we move into an era of machine-on-machine battles, autonomous response will be vital in averting a headline-grabbing crisis,” Darktrace said.
The company said that fast-moving attacks could damage businesses in seconds, while stealthy attacks could remain undiscovered for months or years – and the speed and volume of these attacks often left traditional cybersecurity approaches “overwhelmed”.