Technology Tips

July 25, 2022

Microsoft Believes AI Can Help Prevent Ransomware In The Future

Written By Securafy Team

Recently, Microsoft published a fascinating blog post. In the blog post, they said they were experimenting with "novel approaches" when it comes to harnessing the power of AI to spot threats on the threat landscape before they become a problem.

In particular, the company is focused on stopping ransomware attacks while they're still in their earliest stages.

To get even more fine-grained than that, they are specifically targeting human-operated ransomware campaigns. They note that there are certain indicators in common where human-operated ransomware campaigns are concerned, and these commonalities can be used to stop future attacks.

The example that Microsoft gives in their blog post is that of a hacker who has stolen the network credentials of a company.  They will first log in to test those credentials, and once inside, will almost certainly move about inside the network in ways that the proper owner of those credentials would not.

This creates specific data points that the AI can be on the alert for.

Broadly speaking, these fall into three categories:  Time based, Graph based, and device-based.

An example of a time-based data point would be if the hacker logged in to test the credentials at 3:00 in the morning and the owner of those credentials historically logs in at 8am.

Graph-based patterns are the graphical representation of physical moves across a network space, plotted against expected moves.

And device-based data points are exactly what they sound like.  The AI would expect that the owner of the stolen credentials would log in from his or her workstation and not a laptop hidden behind layers of proxies, which is suspicious in and of itself.

It's a great idea, though Microsoft is quick to point out that it is still very much in its infancy.  Even so, it's easy to see how this could become an indispensable tool.

Picture of Securafy Team
About The Author
Our team at Securafy brings you the best tech tips, from how-to guides and troubleshooting advice to software reviews and productivity hacks. We're all about empowering businesses with the tools and knowledge they need to thrive in the digital world. Follow our posts to stay equipped with practical insights that make tech work for you.

Join the Conversation

Subscribe to our newsletter

Sign up for our FREE "Cyber Security Tip of the Week!" and always stay one step ahead of hackers and cyber-attacks.