Non-malware attacks are a bigger threat than malware attacks, according to a new report by Carbon Black. Polling more than 400 cybersecurity researchers, 93 per cent agreed that non-malware attacks are a huge issue. Almost two thirds (64 per cent) of respondents said they noticed an increase in non-malware attacks in the last year. They are leveraging native system tools to conduct nefarious actions.
The report also claims AI is currently in its ‘nascent stages’, and not yet capable of replacing humans in cybersecurity. Almost nine in ten (87 per cent) said it will take more than three years before they start trusting AI to lead cybersecurity decisions.
Three quarters (74 per cent) believe AI-driven solutions are still flawed, and 70 per cent are confident machine learning cybersecurity solutions can still be (easily – 30 per cent) bypassed by attackers.
“Based on how cybersecurity researchers perceive current AI-driven security solutions, cybersecurity is still very much a ‘human vs. human’ battle, even with the increased levels of automation seen on both the offensive and defensive sides of the battlefield,” said Carbon Black Co-founder and Chief Technology Officer, Michael Viscuso.
“And, the fault with machine learning exists in how much emphasis organisations may be placing on it and how they are using it. Static, analysis-based approaches relying exclusively on files have historically been popular, but they have not proven sufficient for reliably detecting new attacks. Rather, the most resilient ML approaches involve dynamic analysis - evaluating programmes based on the actions they take.”
Image source: Shutterstock/alexskopje