There can be no doubt, artificial intelligence (AI) helps defend government and business systems from cyberattacks, but conversely, AI systems can be used to augment attacks against government and corporate, even SMB systems. For TechRepublic and ZDNet, I'm Dan Patterson and it's a pleasure today to speak with Mark Gazit, the CEO of ThetaRay. Mark, thanks a lot for your time today.
One of the biggest targets for cybercriminals, and cybercriminals deploying AI solutions, is the financial service industries. I wonder if you could help us understand how financial crime is being transformed by technology and artificial intelligence.
Gazit: Sure. So Dan, thank you very much for inviting me and I have to say it's an exciting topic, but also a bit dangerous for us as human beings and you're absolutely right, the world of financial crime has changed. And let's start with the fact that people today will not come to a branch of the bank and trying to shoot in there anymore. They can, it probably happens in Hollywood movies, but it's not very effective. Today it's much more convenient to establish a service somewhere outside the United States and to make an automatic AI-based program run on the server that will hack into bank accounts and will half a dollar from a bank account. Nobody will complain, especially if you call it I-tune transaction or stock transaction, and then you use it automatically, you do it 20 or 30 million times in a row, so in one month 20 to 30 million dollars goes to somebody else's bank account, and then it just disconnect the link, disappear, and a bank will maybe discover it after one year.
And this is just one example of the new breed of cybercrime. Another one is allegedly North Korea used to steal 81 million dollars from the bank of Bangladesh using SWIFT Network. Again, using what they call advanced persistent attack or in other words, a machine that will use some sort of not very sophisticated AI that will try again and again and again and then until it will find a bridge, hack into this bridge, and steal money.
Patterson: That, the point you just made, particularly about attacks against the SWIFT Network is perhaps not widely known, but the SWIFT Network is an incredibly important communications channel within financial institutions. Can you explain a little bit about how that works and the vulnerabilities involved?
Gazit: Absolutely and it is one example of the fact that the financial network is vulnerable, and then later on I can tell you how we solve this problem, but think about the fact that there are many banks in the world that not necessarily know how to speak with each other. Sometimes there's different languages, different currencies, they don't know about accounts. So there is one that they call correspondent banking network that connects all the banks, so basically, when you transfer money from one bank to another, especially international transfers, the money doesn't go straight from your bank to somebody else's bank in Saudi Arabia or Israel or some other place.
It goes through the network called SWIFT Network, which on one hand is a very convenient solution, it's like a moderator, that allows everybody to connect with each other, but on the other hand this solution was developed before the internet existed. And today, when everything is connected, when everything is accessible by digital means, when everything is a cyberworld, this network and the fact that all the banks are connected became a huge vulnerability.
Patterson: How are attacks becoming more sophisticated? You mentioned a moment ago attack can target consumers and maybe swipe some money from their bank account, but what about the attacks targeting banks or corporate banking on a larger scale, how are these becoming more sophisticated and harder to prevent?
Gazit: So first of all, let's look at the banks and let's look at the detection solutions that they currently have. They're all based on rules or ongoing expertise. And banks developed a lot of solutions to identify suspicious transactions. Just as an example. But it's all based on the experience bankers have with fighting with normal type of crime. For example when we talk about money laundering, which is a type of fraud that not only allows bad guys to steal money, but to use this money for things like human trafficking or financing terror. So historically, it was clear, there was a rule that if somebody comes with a suitcase full of cash of one million dollars, somebody has to report about it.
But even in that case the world has changed totally, let me give you one example that we discovered with one of our customers. Very large international bank. The way in that case money was laundered is they took 250 accounts and they transfer money to those accounts, and then put a computer running artificial intelligence powered software that started to move money between the accounts. Sometimes they were calling it "present to my dad" or "tuition for my son" or "buying a car" and it's like a huge washing machine that was washing the money inside the bank, all done automatically. And then when they started to move money out of the bank, nobody could identify what was the true source of those transactions and it's only possible because everything is connected. Those servers were not in the United States, they actually were outside of the United States connected to those accounts and so this is one example how existing solutions couldn't identify it.
SEE: Infographic: Almost half of companies say cybersecurity readiness has improved in the past year (Tech Pro Research)
Another one that is pretty common unfortunately, one of the most practical "ways to finance terror" is to make hundreds of thousands of people contribute only 100, 200, 300 euros. That happened in Europe. All the existing systems missed it, because it's a lot of micro transactions, but obviously then there were millions of dollars that were used to finance terrorist acts and last but not least, which people don't really realize and I think we can make another ... An entire hour discussing it is ATM networks. You know, people think about ATM as some sort of financial device, but actually it's IoT, Internet of Things device. Same as connected camera, or connected thermostat. With one difference, if hackers hack into the ATM, they can steal real money. When they hack into a thermostat, maybe they can change the temperature in your house, which is not very interesting for criminals.
And what they found is a way to hack into the ATM, bypass the computer and send signals straight to the motor. It's called dispenser. And also shadow on the camera. And then imagine that you sit somewhere outside the United States. Each time you press a button, a note comes out of the ATM somewhere in Broadway, sounds like science fiction, or one billion dollars allegedly have been stolen this way. So just another example how cybersecurity used to steal real money.
Patterson: And cybercriminals are moving as fast or faster than law enforcement can and companies can become wise to how these types of schemes work with machine learning and artificial intelligence it only increases the speed and abilities of cyberattacks. So Mark, I wonder if you could leave us with some advice and ideas about how financial institutions can defend against sophisticated machine learning based cyberattacks?
Gazit: So lucky for all of us there are solutions and the same ways hackers or bad guys can utilize artificial intelligence and you're right, they move faster, they don't have issues with integration, they don't have issues with financing and they don't have to follow any rules, but on the other hand, there are more good guys. And artificial intelligence is used to defend financial institutions as well. For example our own solution is based on what you call unsupervised or intuitive AI, it will basically look constantly at all the transactions that are happening in the bank and like human being will try to understand what's normal, what's legal, and what's not. And then with very high precision will identify those transactions that are suspicious and notify bankers very fast.
Now this is something that we as human beings cannot do, but luckily for us, artificial intelligence allows us to build those digital guards that will allow us to guard ourselves against those attacks. Not all the banks understand the problem, but I have to say that each and every bank that was hit with some sort of cyberattack, stealing real money, definitely understands the need of the artificial intelligence they deployed and luckily it's working very well.
- Machine learning: The smart person's guide (TechRepublic)
- How machine learning can be used to catch a hacker (TechRepublic)
- Cyberwar: A guide to the frightening future of online conflict (ZDNet)
- Research: Defenses, response plans, and greatest concerns about cybersecurity in an IoT and mobile world (Tech Pro Research)
- Cybersecurity in an IoT and Mobile World (ZDNet)
Dan Patterson has nothing to disclose. He does not hold investments in the technology companies he covers.
Dan is a Senior Writer for TechRepublic. He covers cybersecurity and the intersection of technology, politics and government.