How can machine learning prevent another malware attack?

By: Vandita Jadeja 2017-05-19

WannaCry, the malware that had a huge impact in 100 countries and across 10000 organizations, may be on the wane, but now is the time to gear up against such attacks. The hackers demanded money under threat of data loss. The situation was eventually brought under control, but it shows that the hackers are well ahead of security experts across countries. The answer to avoiding another WannaCry lies in adopting the latest technology that can automate the quick detection of malware.

WannaCry also goes by the names WannaCrypt, WCrypt, WCRY, WannaDecrypt0r and WanaCrypt0r 2.0. It is malware designed to block access to a system until a particular sum of money is paid in bitcoins. It spreads through the Server Message Block (SMB) protocol and takes advantage of machines that support this protocol but do not have the security patch from Microsoft.

According to system experts, ransomware can be downloaded when users visit compromised websites, delivered as an attachment to spam emails, or downloaded through advertisements and malicious pages. Once downloaded, it can either lock the computer's screen or encrypt its files. The problem with ransomware is that, even if users pay the ransom, there is no guarantee that they will be able to decrypt their files. It has been predicted that global annual cyber crime costs will increase from $3 trillion in 2015 to $6 trillion by 2021. This includes all the costs related to cyber attacks, and the problem will only grow as billions of devices are connected in the coming years.

The most common form of malware detection is looking up a file's hash signature in a database. Another method is for a security expert to look for suspicious strings in the file. Usually, malware can be examined when the program is executed. The process of malware detection can be automated with machine learning. Machine learning allows systems to learn from the available data without being explicitly programmed for each case. It can use existing data to determine patterns and then use those patterns to adjust its actions. This could provide the key to detecting a ransomware attack before it spreads across systems. It could also give the organization an opportunity to prepare and react against the malware. It should be noted, however, that certain ransomware, like Cerber, comes with the ability to avoid detection by machine learning security solutions. For example, Cerber can identify the environment it is running in and check for antivirus products and high-end security solutions.

To guard against malware like Cerber, a layered anti-malware approach should be followed, one that identifies suspicious files and provides a strong safeguard against this type of malicious activity. Machine learning can help with detection, but it is equally important to look for solutions that follow other approaches as well.
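
The layered approach described above, as an added sketch that is not part of the original article: a hash lookup, then a suspicious-string check, then a small naive Bayes style model that learns token patterns from labelled samples. The byte strings, the string list and all names (`scan`, `train`, `ml_score`) are constructed for illustration, and naive Bayes is an assumed choice because the article names no algorithm.

```python
import hashlib, math, re
from collections import Counter

# Constructed byte strings standing in for files; none is real malware.
TRAIN = [
    (b"your files are encrypted pay bitcoin to unlock", 1),
    (b"all documents locked send payment for decryption key", 1),
    (b"pay the ransom in bitcoin or files stay encrypted", 1),
    (b"quarterly report attached please review the figures", 0),
    (b"meeting notes and project schedule for next week", 0),
    (b"please send the invoice files for review", 0),
]
KNOWN_BAD_HASHES = {hashlib.sha256(TRAIN[0][0]).hexdigest()}  # layer 1 database
SUSPICIOUS_STRINGS = [b"ransom", b"bitcoin"]                  # layer 2 hand-picked list

def tokens(data):
    """Lower-case alphabetic tokens of 3+ letters, one entry per distinct token."""
    return set(re.findall(rb"[a-z]{3,}", data.lower()))

def train(samples):
    """Count, per class, how many samples contain each token."""
    counts, docs = {0: Counter(), 1: Counter()}, Counter()
    for data, label in samples:
        docs[label] += 1
        counts[label].update(tokens(data))
    return counts, docs

def ml_score(model, data):
    """Log-odds that data is malicious, with add-one smoothing; > 0 means flag."""
    counts, docs = model
    score = math.log(docs[1] / docs[0])
    for tok in tokens(data):
        p_bad = (counts[1][tok] + 1) / (docs[1] + 2)
        p_good = (counts[0][tok] + 1) / (docs[0] + 2)
        score += math.log(p_bad / p_good)
    return score

def scan(model, data):
    """Return the name of the first layer that flags data, or 'clean'."""
    if hashlib.sha256(data).hexdigest() in KNOWN_BAD_HASHES:
        return "hash"
    if any(s in data.lower() for s in SUSPICIOUS_STRINGS):
        return "strings"
    if ml_score(model, data) > 0:
        return "ml"
    return "clean"

MODEL = train(TRAIN)
```

Appending a single byte to the known sample changes its hash, so the first layer misses it and the string layer has to catch it; a sample that avoids the listed strings entirely is caught only by the learned layer.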