In the UK, all Internet of Things (IoT) and smart consumer devices will need to adhere to specific security requirements, under new government proposals.

The legislation aims is to help protect citizens and businesses from the threats posed by cybercriminals increasingly targeting Internet of Things devices.

By hacking IoT devices, cybercriminals can build an army of devices that can be used to conduct DDoS attacks to take down online services, while poorly secured IoT devices can also serve as an easy way for hackers to get into networks and other systems across a network.

The proposed measures from the Department for Culture, Media and Sport (DCMS) have been developed in conjunction with the UK's National Cyber Security Centre (NCSC) and come following a consultation period with information security experts, product manufacturers and retailers and others.

"Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people's privacy and safety," said Matt Warman, minister for digital and broadband at DCMS.

They also follow on from the previously suggested voluntary best practice requirements. Still, the legislation would require that IoT devices sold in the UK must follow three particular rules to be allowed to sell products in the UK. They are:

• All consumer internet-connected device passwords must be unique and not resettable to any universal factory setting.
• Manufacturers of consumer IoT devices must provide a public point of contact so anyone can report a vulnerability, and it will be acted on promptly.
• Manufacturers of consumer IoT devices must explicitly state the minimum length of time for which the device will receive security updates at the point of sale, either in-store or online.

It is currently unclear how these rules will be enforced under any future law. While the government has said that its "ambition" is to introduce legislation in this area, and said this would be done "as soon as possible," there is no detail on when this would take place. A DCMS spokesperson said that the department would be working with retailers and manufacturers as the proposals move forward.

Many connected devices are shipped with simple, default passwordswhich in many cases can't be changed. At the same time, some IoT product manufacturers often lack a means of being contacted to report vulnerabilities – especially if that device is produced on the other side of the world.

In addition to this, it's been known for IoT products to stop receiving support from manufacturers suddenly, and by providing an exact length of time that devices will be supported will allow users to think about how secure the product will be in the long-term.

If products don't follow these rules, the new law proposes that these devices could potentially be banned from sale in the UK.

"Whilst the UK Government has previously encouraged industry to adopt a voluntary approach, it is now clear that decisive action is needed to ensure that strong cybersecurity is built into these products by design," said Warman.

"Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers from threatening people's privacy and safety. It will mean robust security standards are built-in from the design stage and not bolted on as an afterthought," he added.

"Smart technology is increasingly central to the way we live our lives, so the development of this legislation to ensure that we are better protected is hugely welcomed," said Nicola Hudson, Policy and Communications Director at the NCSC.

"It will give shoppers increased peace of mind that the technology they are bringing into their homes is safe, and that issues such as pre-set passwords and sudden discontinuation of security updates are a thing of the past."
​
The UK isn't alone in attempting to secure the Internet of Things – ENISA, the European Union's cybersecurity agency, is also working towards legislation in this area. At the same time, the US government is also looking to regulate IoT to protect against cyber-attacks.

Cryptocurrency investors in the United States are receiving letters from the Internal Revenue Service (IRS) which are proposing backdated tax payments relating to the trade of virtual assets. 

As reported by Bloomberg, some traders are receiving notices asking for input on revised tax returns, based on estimates of profit generated by cryptocurrency-related activities.

The CP2000 notices have been sent in recent weeks, and while they do acknowledge mistakes in past tax returns might be due to cryptocurrency platforms and exchanges rather than individuals, they do signal a clampdown by the IRS on the burgeoning industry. 

In July, the IRS also sent warnings to investors to make them aware that tax may be owed on their trading activities. Some investors received demands for the disclosure of cryptocurrency trades between 2013 and 2017. 

An IRS spokesperson said that the latest batch of warning notices are sent to taxpayers when discrepancies between tax returns and information obtained from third parties are flagged. 

Aletter shared with CoinDesk estimates that an investor owes close to $4,000 in taxes and interest for potentially misreported cryptocurrency profits during the 2017 fiscal year. 

"We received information from third parties such as employers or financial institutions that doesn't match the information you reported on your tax return," the letter reads. 

Recipients can accept the changes and make any further payments required, or they can challenge the IRS' decision if they have supporting evidence. 

According to the IRS website, CP2000 receivers should respond within 30 days even if only to say they need more time. The notices are not straight bills or demands, but what the IRS calls "a proposal [that] informs you about the information we have received, and how it affects your tax."

The IRS won a landmark case against Coinbase in 2017 which forced the cryptocurrency exchange to hand over the records of 14,000 customers that purchased, sold, or obtained over $20,000 in cryptocurrency between 2013 and 2015.

The acquisition, though small, is the latest in Microsoft’s attempts to level up with Amazon. Over the last few years, the company has garnered individual partnerships with retailers, which has laid the groundwork for marketers to see it as a potential alternative to the Jeff Bezos behemoth. Still, Microsoft has a long way to go: Amazon has a substantial leg up on both advertising (which brought in $3 billion this past quarter) and cloud storage (which hit $8.38 billion in Q2 of this year). Adding PromoteHQ – which has clients that include Overstock.com, Office Depot, and Kohl’s – indicates that Microsoft is strategizing about how to expand and undercut the competition quietly.

Until now, Microsoft has had to face Google as its primary advertising competitor. The acquisition hints at Microsoft’s ambition to go beyond search. Bloomberg estimated search would bring in about $7.9 billion in annual revenue for the fiscal year 2019, a drop in the bucket compared to Google’s $120 billion in annual ad sales. Earlier this year, Microsoft announced it was changing its ads name from Bing Ads to Microsoft Ads, which also implied that it had grander horizons beyond mere web search, which Google will almost certainly always dominate. Indeed, the PromoteHQ purchase is a way for Microsoft to go beyond search in its quest to court retailers – effectively providing a platform so that brands with e-commerce sites can run ads on their own storefronts.

Microsoft over the last few years has become a quietly growing alternative to the ever-growing Amazon behemoth, something that retailers squeamish to do business with Amazon would welcome. Even though Amazon Web Services has about one-third of the cloud market share, retailers have been inking long-term contracts with competitors like Microsoft to try to chip away at the e-commerce giant’s bottom line. Kroger, for example, has signed significant agreements with both Microsoft Azure and Google Cloud. With that, the grocery chain announced that it was working with Microsoft to build out in-store technology – including a connected store experience and digital shelving that would serve shoppers personalized ads. Walmart too has reportedly told vendors it wants them to stop using AWS.

There are other examples too. Walgreens also signed a long-term deal with Microsoft, as have Walmart and Gap.

“What Microsoft has done well over the last three to five years,” said Ray Wang, principal analyst at Constellation Research, “is [work] with retailers.” But what it’s been very weak on, he said, is advertising. These incremental moves over the last few months – the Microsoft Ads rebrand, as well as acquisitions like PromoteHQ – are setting the groundwork to work with retailers on multiple fronts, including advertising. “Every retailer feels they have a gun to their head from Google, Amazon, and Facebook,” Wang said. “There’s a unique opportunity for Microsoft to be in this space.” Of course, other software giants working with large companies are likely trying to follow suit, such as Salesforce, Adobe, and Oracle,” Wang added.

All of these announcements are piecemeal, but they do add up to a more significant strategy. Retailers want to rely as little on Amazon as possible while growing their e-commerce businesses, and Microsoft has laid the groundwork to offer solutions that are direct alternatives. Meanwhile, as Microsoft continues to make individual long-term deals with big retail companies, it puts it in the position to have future clients as it increases its advertising and software offerings.
​
For retailers, forgoing Amazon could become an almost moral imperative. By doing business with them, said Wang, “you’re giving [Amazon] the ability to crush you.” Thus, if Microsoft were to continue to play to these fears – and focus on more retail-adjacent products like PromoteHQ – its business stands to grow even more.

A new security product has been launched, and it’s packed with features for a reasonable price. Authen2cateis a single-sign-on (SSO) and multi-factor authentication (MFA) service provider. Authen2cate provides a full-service, end-to-end solution that includes consulting services, implementation, integration, and ongoing maintenance and support.

Reduce Security Risk. The need for multi-factor authentication in today’s world is only becoming more and more apparent. According to The Password Exposefrom LastPass, the average employee is managing 191 passwords. Even a genius would sweat at the thought of remembering 191 unique, strong passwords from memory. This promotes the re-use of basic passwords and is a looming threat to every company. Remember, a simple eight-character alphanumeric password can be cracked in a matter of minutes.

As the internet and cloud solutions become an even more significant part of everyday life, especially in the workplace, ensuring identities can be properly authenticated and access is securely granted to only the right people, passwords alone are an outdated security measure. The National Institute of Standards and Technology (NIST)states that “MFA should be used wherever possible for any external access like VPN, Outlook Web Access or Citrix” and advised that many of the security issues they see today stem from passwords. Also, NIST recommended that businesses should incorporate Multi-Factor Authentication in their login policies, and that password management and policies are not “one-size-fits-all.” Authen2cate is designed to help with these issues. 

By implementing Authen2cate’s unified Identity and Access Management solution, users can prevent identity attacks and data compromise with an added layer of security. 

Meet Compliance Requirements. Security and privacy are essential topics in many industries: Healthcare, Government, IT, Education, and more. Most industry compliance guidelines and requirements from HIPAA, HITECH, PCI, FIPS, NIST, and others require or highly recommend added layers of security. By implementing Authen2cate’s Multi-Factor Authentication solutions, users can better prepare for audits and meet compliance standards to protect their organization.

Multi-Factor Authentication allows for added security to protect user logins and sensitive data. In today’s technical world, where everything is saved on a computer, in a server, or the cloud, it is more important than ever to protect personal information further. Should a username and password become compromised, MFA serves as a second layer of security preventing access to sensitive information.

Provisioning. One of the critical requirements of all compliance standards is not only creating access for a new user but also making sure that when a user leaves the organization, access is revoked. Authen2cate’s solution allows the administrator to seamlessly and automatically provision a new user by simply adding them to the application group in the directory. Applications like Office 365, Salesforce, Oracle, SAP, and many more take only a few minutes to deploy. When a user leaves the organization, delete them from the directory or remove them from the application group, and access is terminated for all applications they had previously been assigned.

Simple User Experience. Authen2cate's unified Identity and Access Management solution offers a seamless and straightforward experience for all users while adding another layer of security. How can Authen2cate make your life easier and more secure?

•   Single Sign-On Portal: Sign in once to your customized portal and get instant, secure access to all your apps in one central platform.

•   Mobile App: Three benefits all in one application. Implement Multi-Factor Authentication to add another layer of security to your applications. Securely reset your passwords straight from the app. And lastly, unlock your account if you completed too many failed login attempts.

Pricing. Authen2cate offers a 45-day free trial, and its subscription is $3/user/month with a minimum of 10 users.

Microsoft’s Windows 10 OS has been facing multiple problems in recent months. In the latest development, Microsoft has now released an important new Windows 10 warning to 800 million users. 

The company has identified a serious and long-running bug on its OS platform. The bug is more of a problem that was inadvertently introduced through design implementations. Microsoft has admitted to quietly switching off Registry backups in Windows 10. It has been observed that Registry backups would randomly show that backup operation has been completed despite no backup file being created. 

For users and businesses, Registry Backups are critical, as they are the last line of defense. If the Windows System Restore point fails, the registry backup is the only option for users. According to Microsoft, “Starting in Windows 10, version 1803, Windows no longer automatically backs up the system registry to the RegBack folder. If you browse to the WindowsSystem32configRegBack folder in Windows Explorer, you will still see each registry hive, but each file is 0kb in size.” 

Windows 10 1803 was released in October last year. While users flagged the issue to Microsoft, the company never admitted it. The disclosure comes just two months after Microsoft pledged to offer control, quality, and transparency to Windows 10 users. 

According to Microsoft, the company has done this to reduce the overall disk footprint size of Windows. The registry backup is usually 50 to 100 MB in size. To recover the system with a corrupt registry hive, Microsoft recommends using a system restore point. You can enable the period registry backup by manually editing the registry entry. 
​
Windows will back up the registry to the RegBack folder when the computer restarts. Windows stores the task information in the Scheduled Task Library in the Registry folder.

Microsoft and Oracle recently said they reached an agreement to make their two cloud computing services work together with high-speed links between their data centers, targeting significant business users and uniting against cloud computing leader Amazon Web Services. 

The two companies said the high-speed link between their data centers would start with facilities in the eastern United States and spread to other regions. They will also work together to let joint users login to services from either company with a single user name and get tech support from either company. 

The move comes as both Oracle and Microsoft are courting large businesses and government customers considering moving computing tasks currently handled in their own data centers to cloud providers. 

“With Oracle’s enterprise expertise, this alliance is a natural choice for us as we help our joint customers accelerate the migration of enterprise applications and databases to the public cloud,” Microsoft’s cloud chief Scott Guthrie said in a statement. 

AWS, the largest cloud computing provider, is encroaching on many of those customers, including in Oracle’s historical stronghold in the database market. 

“With this alliance, our joint customers can migrate their entire set of existing applications to the cloud without having to re-architect anything, preserving the large investments they have already made,” Don Johnson, executive vice president of Oracle’s cloud infrastructure unit, said in a statement. 

Microsoft has previously inked a deal with German software maker SAP SE and Adobe to make their services work better together. 

Ed Anderson, a Gartner research analyst, said the move was a clear “jab” at AWS, especially for Oracle. “It’s no secret that Oracle views AWS as a major competitor in the database market,” he said. 

Anderson also said there remained some unanswered questions about the deal, such as whether customers would face data transfer fees for moving large amounts of information back and forth between services. 

But overall, Anderson said the move would likely benefit Microsoft and Oracle by helping their pitch to large businesses already using services from both. 
​
“It’s a great way for both companies to be able to hitch their cloud offerings together,” Anderson said.

Regulators in the US have taken a big step toward bringing antitrust suits against American tech giants, but they face a long road ahead.

Amazon, Apple, Google, and Facebook are facing unprecedented scrutiny in their own backyard. The US Department of Justice (DoJ) and the Federal Trade Commission are preparing antitrust investigations into the companies, and plan to divvy up the work. As the news emerged, the firm’s share prices were hammered, a clear signal that Wall Street believes the Feds mean business.

Congress also plans to put the companies under the microscope. The Judiciary Committee of the House of Representatives said it's launching a wide-ranging investigation of the market power of the tech giants.

The obvious question is: why now? The European Union has been sounding the alarm about Big Tech’s super-sized influence for years – and imposing massive fines on Google in particular for anti-competitive behavior.

The most likely answer is American politics. Some prominent Democrats, including senator and presidential candidate Elizabeth Warren, have been calling loudly for tech giants to be broken up to stop them harming consumers’ interests. With a presidential election on the horizon, the Republicans likely want to be seen as tough on Big Tech, too. There’s also a widespread suspicion of Silicon Valley’s liberal tendencies. President Donald Trump has a history of trading barbs with Jeff Bezos, Amazon’s boss, and regularly rails against what he sees as social media and search companies’ anti-conservative bias.

Politics aside, there’s plenty for antitrust watchdogs to sink their teeth into. Amazon is accused of using data from its online platform to gain an unfair advantage over other sellers. The EU has already punishedGoogle's manipulation of search results to favor its businesses. Apple’s fighting a private lawsuit which alleges its 30% take on apps sold in its apps store is an abuse of monopoly power. And Facebook dominates the digital ad market together with Google.

Critics such as Warren have used sporting analogies to justify calls for breaking up the tech giants. “You can get to be the umpire in a baseball game, or you can have a team in the game, but you don’t get to be the umpire and have a team in the game,’ she tweeted earlier this year.

If any of the tech giants are found guilty of anti-competitive behavior, they’re likely to be hit with Hefty fines and other sanctions. That may not be enough to satisfy people like Warren, but trying to force through a breakup of one or more of the companies will be tough to do because:

1.Big tech firms have generally made their services available for free. US antitrust law focuses primarily on whether a monopolist has harmed consumers by driving up prices and restricting investment in a market. While firms like Facebook and Google certainly aren’t paragons when it comes to things like privacy, they’ve provided a cornucopia of free stuff to consumers and invest heavily in R&D. That doesn’t mean they can’t be sanctioned for abusing their market power to, say, manipulate search results in ways that drive up prices. But it would be hard to prove they have harmed consumers broadly in the eyes of the law.

2.They aren’t “natural monopolies” like those found in, say, the utility industry, where the cost to enter a market is so vast other companies are dissuaded from doing so, allowing incumbents to drive up prices. The challenge would-be rivals face is to overcome the “network effects” that underpin the big tech companies’ success. A service like Amazon has a magnetic attraction for buyers because they know they will find plenty of the sellers on its platform. And as more buyers roll up, even more sellers will want to join. This will undoubtedly deter competition, but it’s not illegal.

3.Big tech firms dominate data gathering and use insights to provide even more free services. The vast number of customers using their products mean Big Tech firms benefit from what’s helpful to think of as a data snowball. The more customers they attract, the more data they can harvest from them. That information is then used to tailor new services that attract even more users. This cycle is even more powerful in the era of AI, which relies on crunching vast amounts of data for its efficacy.
​
The Microsoft precedent: None of this may deter US regulators, who can draw on Microsoft’s experience in the 1990s for inspiration. The DoJ tried to split Microsoft up to stop it bundling its Internet Explorer web browser with its dominant Windows operating system. The effort failed, but the bruising court battles harmed the company’s reputation and curbed its anti-competitive instincts. History could be about to repeat itself in the internet era.

On the heels of Google buying analytics startup Looker last week for $2.6 billion, Salesforce today announced a huge piece of news in a bid to step up its own work in data visualization and tools to help enterprises make sense of the sea of data that they use and amass: Salesforce is buying Tableau for $15.7 billion in an all-stock deal.

The latter is publicly traded, and this deal will involve shares of Tableau Class A and Class B common stock getting exchanged for 1.103 shares of Salesforce common stock, the company said, and so the $15.7 billion figure is the enterprise value of the transaction, based on the average price of Salesforce’s shares as of June 7, 2019.

This is a significant jump on Tableau’s last market cap ($10.79 billion two days earlier.)

This is a massive deal for Salesforce as it continues to diversify beyond CRM software and into deeper layers of analytics to offer a 360-degree view of the customer and become a de facto data stack for the enterprise.
The company reportedly worked hard to buy LinkedIn but lost out to Microsoft. While there isn’t a whole lot in common between LinkedIn and Tableau, this deal will also help Salesforce extend its engagement (and data intelligence) for the customers that Salesforce already has — something that LinkedIn would have also helped it to do.

Even with Google’s move to buy Looker, one could argue that analytics is a big enough area that all major tech companies are getting their ducks in a row with stronger data analytics strategies and products. It’s unclear whether the two deals were made in response to each other, although it seems that Salesforce has been eyeing Tableau for years.

 “We are bringing together the world’s #1 CRM with the #1 analytics platform. Tableau helps people see and understand data, and Salesforce helps people engage and understand customers. It’s truly the best of both worlds for our customers – bringing together two critical platforms that every customer needs to understand their world,” said Marc Benioff, chairman, and co-CEO of Salesforce. “I’m thrilled to welcome Adam and his team to Salesforce.”

Tableau has about 86,000 business customers, including Charles Schwab, Verizon, Schneider Electric, Southwest and Netflix. Salesforce said Tableau would operate independently and under its own brand post-acquisition. It will also remain headquartered in Seattle, Wash., headed by CEO Adam Selipsky along with others on the current leadership team.

Indeed, later during an analyst conference call, Benioff let it drop that Seattle would become Salesforce’s official second headquarters with the closing of this deal.

That’s not to say, though, that the two will not be working together.

On the contrary, Salesforce is already talking up the possibilities of expanding what the company is already doing with its Einstein platform (launched back in 2016, Einstein is the home of all of Salesforce’s AI-based initiatives.) 

“Joining forces with Salesforce will enhance our ability to help people everywhere see and understand data,” said Selipsky. “As part of the world’s #1 CRM company, Tableau’s intuitive and powerful analytics will enable millions of more people to discover actionable insights across their entire organizations. I’m delighted that our companies share very similar cultures and a relentless focus on customer success. I look forward to working together in support of our customers and communities.”

“Salesforce’s incredible success has always been based on anticipating the needs of our customers and providing them the solutions they need to grow their businesses,” said Keith Block, co-CEO, Salesforce. “Data is the foundation of every digital transformation, and the addition of Tableau will accelerate our ability to deliver customer success by enabling a truly unified and powerful view across all of a customer’s data.”

Networks today are subject to many threats including ransomware, cryptocurrency-miner threats, or state-sponsored hackers.

In line with other security industry pros, Microsoft has confirmed in its 24th annual security intelligence report that ransomware has taken a backseat to pesky cryptocurrency miners. 

But the company also warns that supply-chain attacks are on the rise. These are where an attacker uses a supplier or business partner to spread an infection. 

Past examples include the NotPetya not-ransomware outbreakthat caused over a billion dollars in losses for global firms and the Dofoil BitTorrent attacks. 
    
"Supply-chain attacks are insidious because they take advantage of the trust that users and IT departments place in the software they use," Microsoft warns in the report. 

"The compromised software is often signed and certified by the vendor, and may give no indication that anything is wrong, which makes it significantly more difficult to detect the infection. They can damage the relationship between supply chains and their customers, whether the latter are corporate or home users.

"By poisoning software and undermining delivery or update infrastructures, supply-chain attacks can affect the integrity and security of goods and services that organizations provide."

While attacks are changing and Windows 10 built-in security is improving, the company's advice to customers remains the same. However, there are conflicting data about the best approach to staying secure.  
Microsoft recommends only using software from trusted sources, though this 'security hygiene' measure could be undermined in a supply-chain attack. 

The company also recommends "rapidly applying the latest updates to your operating systems and applications, and immediately deploying critical security updates for OS, browsers, and email."

Deploying patches quickly is generally a good idea. However, Microsoft recently revealed that vulnerabilities in its software are most likely to be exploited as a zero-daybefore the company has even had a chance to release a patch. 

However, its other tips don't present obvious security conflicts.  

"Deploy a secure email gateway that has advanced threat protection capabilities for defending against modern phishing variants," Microsoft warns, adding that businesses should "Enable host anti-malware and network defenses to get near real-time blocking responses from the cloud (if available in your solution)." 

The other important measures organizations should take include implementing access controls, and teaching employees to be suspect of messages that ask them to divulge sensitive information. 

Microsoft also recommends keeping "destruction-resistant backups of your critical systems and data" and using cloud storage services for online backups. 
​
"For data that is on premises, regularly back up important data using the 3-2-1 rule. Keep three backups of your data, on two different storage types, and at least one backup offsite," says Microsoft.

Artificial intelligence has the potential to bring a select set of advanced techniques to the table when it comes to cyber offense, researchers say.

Last week, researchers from Darktracesaid that the current threat landscape is full of everything from opportunistic attacks from teen hackers to advanced, state-sponsored assaults, and in the latter sense, attacks continue to evolve.

However, for each sophisticated attack currently in use, there is the potential for further development through the future use of AI.

Within the report, the cybersecurity firm documented three active threats in the wild which have been detected within the past 12 months. Analysis of these attacks – and a little imagination – has led the team to create scenarios using AI which could one day become reality.

"We expect AI-driven malware to start mimicking behavior that is usually attributed to human operators by leveraging contextualization," said Max Heinemeyer, Director of Threat Hunting at Darktrace. "But we also anticipate the opposite; advanced human attacker groups utilizing AI-driven implants to improve their attacks and enable them to scale better."

Trickbot. The first attack relates to an employee at a law firm who fell victim to a phishing campaign leading to a Trickbot infection.

Trickbot is a financial Trojan which uses the Windows vulnerability EternalBluein order to target banks and other institutions. The malware continues to evolve and is currently equipped with injectors, obfuscation, data-stealing modules, and locking mechanisms.

In this example, Trickbot was able to infect a further 20 devices on the network, leading to a costly clean-up process. Empire Powershell modules were also uncovered which are typically used in remote, keyboard-based infiltration post-infection.

AI's Future Role.Darktrace believes that in the future, malware bolstered through artificial intelligence will be able to self-propagate and use every vulnerability on offer to compromise a network.

"Imagine a worm-style attack, like WannaCry, which, instead of relying on one form of lateral movement (e.g., the EternalBlue exploit), could understand the target environment and choose lateral movement techniques accordingly," the company says.

If chosen vulnerabilities are patched, for example, the malware could then switch to brute-force attacks, keylogging, and other techniques which have proven to be successful in the past in similar target environments.

As the AI could sit, learn, and 'decide' on an attack technique, no traditional command-and-control (C2) servers would be necessary.

AI's Future Role.It is possible that AI could be used to further adapt to its environment. In the same manner, as before, contextualization can be used to blend in, but AI could also be used to mimic trusted system elements, improving stealth.

"Instead of guessing during which times normal business operations are conducted, it will learn it," the report suggests. "Rather than guessing if an environment is using mostly Windows machines or Linux machines, or if Twitter or Instagram would be a better channel, it will be able to gain an understanding of what communication is dominant in the target's network and blend in with it."

Take It Slow. In the final example, Darktrace uncovered malware from a medical technology company. What made the findings special was that data was being stolen at such a slow pace and in tiny packages that it avoided triggering data volume thresholds in security tools.

Multiple connections were made to an external IP address, but each connection contained less than 1MB. Despite the small packets, it did not take long before over 15GB of information was stolen.

By fading into the background of daily network activity, the attackers behind the data breach were able to steal patient names, addresses, and medical histories.

AI's Future Role. AI could not only provide a conduit for incredibly fast attacks but also "low and slow" assaults. It can also be used as a tool to learn what data transfer rates would flag suspicion to security solutions.

Instead of relying on a hard-coded threshold, for example, AI-driven malware would be able to dynamically adapt data theft rates and times to exfiltrate information without detection.
​
"Defensive cyber AI is the only chance to prepare for the next paradigm shift in the threat landscape when AI-driven malware becomes a reality," the company added. "Once the genie is out of the bottle, it cannot be put back in again."