As the world is increasingly going digital and ransomware attacks are on the rise, it is now AI versus AI in the cybersecurity domain. It is machine versus machine – literally.

This was the clear message delivered by cybersecurity experts during the second day of the 6th CSIS Cybersecurity Innovation Series Conference in Dubai on Wednesday.

“Attackers are becoming smarter every day, using advanced technology and artificial intelligence (AI). We are using AI to self-secure ourselves, and cybercriminals are using AI to break into organisations’ systems. So, it is AI versus AI,” said Neeraj Sharma, Senior Product Manager, Enterprise Business Group, Huawei UAE.

“There is a big focus among cybercriminals on getting larger firms and infrastructure because the amount of ransom they expect is much higher, hence, they’re taking that risk. They target double extortion. They not only want to encrypt data but they also threaten to release data on the dark web.

Attackers are using social engineering like fake jobs. It is becoming interesting, so we have to be a couple of steps ahead of them,” Sharma said during the panel discussion on the topic of “Ransomware response: Lessons learned and best practices.”

He further elaborated that ransomware services are7 being used just like cloud service to attack firms.

“Ransomware as a service is like a model where criminals subscribe to a service. They don’t need to invest and might not have a technical understanding. They take it as a service and attack prospective organisations. He doesn’t need to learn and gets everything ready. The cryptocurrency, dark web and strong encryption make a triangle for attackers. That is scary. This is something we need to be careful about,” he said.

Earlier in the day, Dr Mohamed Al-Kuwaiti, Head of Cybersecurity, UAE Government, delivered a keynote speech where he also highlighted the threat posed by AI and ChatGPT to the public and private sector entities.

Akhtar Ali, Head of IT Section, Fujairah Natural Resources Corporation, added that the most common type of cyberattacks are file crypto ware, lock ransomware so that people will not be able to log into the system, and mobile ransomware, where they infect the device.

“We need to have comprehensive cybersecurity. Awareness is key, and if employees are not aware, then it is a matter of concern. All incoming and outgoing traffic should be monitored. Don’t give extra access to users, only what is required. Backup is also very important in case of ransomware attacks as it is the last line of defence against cyberattacks,” Ali said during the panel discussion.

Since ransomware has been continuously evolving and it is a challenge to prevent attacks, Zain Khan, Head of Information Security Compliance & Governance, Nawah Energy Company, called for multiple layers of protection against attacks.

Copyright © 2022 Khaleej Times. All Rights Reserved. Provided by SyndiGate Media Inc. (Syndigate.info).