'Lazy' Hacking: Attack Automation Continues to IncreaseBut No Signs Hackers Yet Have AI, Says Cybereason's Ross Rustici
Many security experts have been warning that one consequence of the rise of machine learning will be hackers gaining easier access to extremely automated and more intelligence types of attacks.
See Also: AI's Impact on SOC Maturity
Thankfully, says Ross Rustici, senior director for intelligence services at Cybereason, attackers don't appear to have yet gained full machine learning and artificial intelligence capabilities. But they are making much greater use of automation.
"We have seen rapid scripting and rapid evolution of the threat from a dwell-time perspective, and so we've been seeing bots that can do full exploitation of machines and lateral movement within under a minute, based on the scripting technique," Rustici says.
Many online attackers have long utilized automated capabilities, such as botnet-building toolkits or malware generation tools. Even so, the rise in automated takeover and lateral movement represents "the first time that we're really seeing the hackers get this lazy and this hands off to harvest as many machines as possible," Rustici says.
In a video interview at the recent Infosecurity Europe conference in London, Rustici discusses:
- The online threat landscape including increased automation;
- Changes in North Korean cyberattack tactics;
- The rise of machine learning and artificial intelligence and where its application makes the most sense.
Rustici is Senior Director for Intelligence Services at Cybereason. He previously worked for the U.S. Department of Defense as a technical lead, East Asia cyber lead and intrusion analyst, as a research analyst for the National Defense University and as a research assistant for Atlantic Council, among other roles.