One of the most high-profile uses of AI this year occurred at the Olympic Games in Tokyo, when Darktrace AI identified a malicious Raspberry Pi IoT device that an intruder had planted into the office of a national sporting body directly involved in the Olympics. The solution detected the device port scanning nearby devices, blocked the connections, and supplied human analysts with insights into the scanning activity so they could investigate further.
“Darktrace was able to weed out that there was something new in the environment that was displaying interesting behavior,” Darktrace’s chief information security officer (CISO) Mike Beck said. Beck noted there was a distinct change in behavior in terms of the communication profiles that exist inside that environment.
When considering the amount of data the national body was processing in the run-up to the Olympics, it would have been impossible for a human analyst to spot such an attack at the same speed as the AI, Beck said.
“In 2021, and going forward, there is too much digital data. That is the raw reality,” Beck said. “You have to be using intelligent AI to find these attacks, and if you don’t, there’s going to be a long period of dwell time, and those attackers are going to have free rein.”