The video conferencing equipment in a boardroom where high-level executives met had been infiltrated by hackers, but no one knew it.
The hackers were strategic, surreptitiously recording clips of audio and sending them to an external server in tiny files during office hours, so as not to be detected.
It could have been a disastrous breach for the company had it not been for a cyber security startup using artificial intelligence to recognize cyber vulnerabilities.
Darktrace, the U.K.-based startup that spotted the boardroom breach, is one of the many companies promising a unique way to tackle the issue of cyber security in our increasingly technological, and therefore vulnerable, world. (Darktrace would not name the company that had experienced the breach, only referring to it as an international sports manufacturer.)
According to the company, Darktrace applies artificial intelligence (AI) as a cyber defense in a way that legacy systems cannot, with the ability to detect attacks in their earliest stages. In the case of the breach in the sports manufacturer’s boardroom, Darktrace was able to spot that there was something abnormal happening, despite the leaks being such tiny files.
With more and more connected devices being added to company networks, it has become increasingly important to protect networks and spot vulnerabilities, says David Masson, Darktrace’s Canada manager.
“There are lots of vulnerabilities out there, but currently the biggest one we are facing is a lack of visibility on networks,” Masson said in an interview with Yahoo Finance Canada.
“With the Internet of Things, which in many ways has seen a massive explosion of vulnerabilities on networks on thousands and thousands of connected devices, it’s really important for organizations to know exactly what they have, where is it and how it’s working.”
In late September, Darktrace announced that it had raised $50 million in its latest funding round, bringing the company’s valuation to $1.65 billion. In the last 12 months, the company has opened eight new offices around the world and there are currently three offices in Canada: Ottawa, Toronto and Vancouver. One of the smallest companies Darktrace works with, according to Masson, is a New York-based hedge fund with five people and few devices while its largest clients is one of the world’s largest international banks that has hundreds of thousands of people and more devices on the network.
Cyber security is a rapidly growing industry, and one that is becoming more crucial as some of the world’s biggest companies grapple with high-profile breaches. Facebook has recently stepped up its efforts to acquire a major cyber security firm, according to a report from The Information, after 30 million users were affected by a recent hack.
According to a survey conducted by Statistics Canada on how cyber crime affected Canadian companies in 2017, businesses across the country spent $14 billion to prevent, detect and recover from cyber security-related incidents. Approximately $8 billion was spent on salaries for employees and contractors who worked on cyber security, $4 billion in cyber security software and another $2 billion on prevention and recovery. Last year, 21 per cent of the Canadian businesses surveyed reported that they were affected by a cyber security breach. Large businesses were twice as likely than small businesses to fall victim to a cyber attack.
Justin Fier, Darktrace’s director for cyber intelligence and analysis, says in many cases the culprit isn’t a nefarious third party trying to hack into a business.
“Employees breaking rules tend to be patient zero in a large portion of the highly publicized cyber breaches out there,” Fier said.
But still, he says the most significant vulnerability is a lack of knowledge about a company’s network.
“The biggest theme I see across pretty much every industry with every client I work with is a lack of visibility, because trying to apply legacy security approaches to today’s network doesn’t really work,” Fier said.
“In today’s day and age, the mandate of the security team is to protect everything with an IP address. Every stereo system, TV, thermostat, every connected devices.”
Using artificial intelligence can help companies track control systems without disrupting the network, and very little human effort, Fier says. It’s also critical to match the machine-level pace that hackers are using when they deploy attacks, Masson added.
“If you use AI, you put the advantage back into the hands of defenders because they can move at the same speed, find threats, and stop them in real time,” Masson said.
“This is about using AI to do the heavy lifting in terms of finding a threat and stopping it, and freeing up your human resources to actually concentrate on the things you need to do.”