Tue, May 02, 2017 - Page 9 News List

Cybersecurity: The coffee machine might be watching you

Artificial intelligence and machine learning can identify threats to an organization — but at the cost of employees’ privacy and whistle-blowers

By Max Opray  /  The Guardian

Illustration: Yusha

Troubled by something deeply unethical going on at work? Or maybe you are plotting to leak sensitive information on the company that just sacked you? Either way, you best think twice before making your next move because an all-seeing artificial intelligence (AI) might just be analyzing every e-mail you send, every file you upload, every room you scan into — even your coffee routine.

The latest wave of cyberdefense technology employs machine learning to monitor use of the ever-expanding number of smart household objects connected to the Internet of Things — shutting down hackers before they have broken into corporate databases or whistle-blowers before they have forwarded information to the media.

One of the leading proponents is cyberdefense company Darktrace, founded in 2013 by former British intelligence officers in Cambridge and today featuring 370 employees in 23 offices globally. The company is targeting growth in the Asia-Pacific region, where regional head Sanjay Aurora is promoting Darktrace’s Enterprise Immune System at the CeBIT Australia conference in Sydney on May 23.

In an interview ahead of the conference, Aurora told the Guardian that the Internet of Things, the interconnected everyday devices such as the smart refrigerator, offers more vulnerabilities to be hacked than ever before — but also more ways to scan for threats.

“In newspapers there is not a single day where we don’t read about an organization being breached,” he said. “At a time when even coffee machines have IP [Internet protocol] addresses, many people in security teams don’t so much as have visibility of the network.”

Where cybersecurity normally functions as a barrier to keep out previously identified threats, Aurora said Darktrace technology behaves more like a human immune system.

“Once you understand the devices and people, once you notice subtle changes within the network, you establish a pattern of life, and whether it is lateral movement or unusual activity — maybe an employee using a device they don’t normally use, or a fingerprint scanner acting unusually — the immune system notices and takes action, detecting these things in network before they become a headline,” he said.

Darktrace’s package includes a 3D topographical real-time “threat visualizer” that monitors everyday network activity and the responsive Antigena system, which can decide for itself to slow systems down to give security personnel time to stop a potential breach, cut off network access to particular individuals, or mark specific e-mails for further investigation.

“Let’s say an employee is made redundant and becomes a potential information threat, the machine will intelligently determine what is the problem, assess the mathematical threat and then decide what action is to be taken,” Aurora said.

Darktrace says its Enterprise Immune System has reported more than 30,000 serious cyberincidents in more than 2,000 deployments across the world, offering examples such as an employee who was disgruntled about their company’s Brexit plans and was caught before the person could leak the information.


Another case was put forward by Darktrace cofounder Poppy Gustafsson at the TechCrunch Disrupt conference in London last year.

Gustafsson cited the case of attackers sending a truck into the warehouse of a luxury goods manufacturer after uploading their fingerprints to the company’s system to bypass the biometric scanners.

This story has been viewed 4304 times.

Comments will be moderated. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned.

TOP top