You are here: Home » Technology » News » Others
Business Standard

Developing nations 'ideal testing ground' for hackers

Hackers want to evade detection before deploying skills against a state with advanced defenses

Sheera Frenkel | NYT  |  San Francisco 

Photo: Shutterstock
Photo: Shutterstock

The attack had the hallmarks of something researchers had dreaded for years: using (AI) that could lead to a new digital arms race in which AI-driven defenses battled AI-driven offenses while humans watched from the sidelines.

But what was not as widely predicted was that one of the earliest instances of that sort of was found in India, not in a sophisticated British banking system or a government network in the United States. Security researchers are increasingly looking in countries outside the West to discover the newest, most-creative and potentially most dangerous types of being deployed.

As developing economies rush to go online, they provide a fertile testing ground for trying their skills in an environment where they can evade detection before deploying them against a company or state that has more advanced defenses.

The cyberattack in used that could learn as it was spreading, and altered its methods to stay in the system for as long as possible. Those were “early indicators” of AI, according to the company Essentially, the could figure out its surroundings and mimic the behaviour of the system’s users, though said the firm had found the program before it could do any damage. “is a place where newer AI attacks might be seen for the first time, simply because it is an ideal testing ground for those sorts of attacks,” said Nicole Eagan, the chief executive of

At times, these attacks are simply targeting more susceptible victims. While companies in the United States will often employ half a dozen security firms’ products as defensive measures, a similar company elsewhere may have just one line of defence — if any.

In the case of attacks carried out by a nation-state, companies in the United States can hope to receive a warning or assistance from the federal government, while companies elsewhere will often be left to fend for themselves.

experts now speculate that a February 2016 attack on the central bank of Bangladesh, believed to have been carried out by linked to North Korea, was a precursor to similar attacks on banks in Vietnam and Ecuador.

That managed to steal $81 million from the Bank generated headlines because of the size of the heist. But what interested experts was that attackers had taken advantage of a previously unexplored weakness in the bank’s computers by undermining its accounts on Swift, the international money transfer system that banks use to move billions of dollars among themselves each day. It was an unprecedented form of cyberattack. But since then, the firm Symantec has found the method used against banks in 31 countries.

The discovered by researchers stopped short of being a full-fledged AI-driven piece of software. It did, however, learn while it was in the system, trying to copy the actions of the network in order to blend in.

“What was concerning was that this attack, once it got into the network, used AI techniques, like trying to learn the behaviours of employees on the network, to remain undetected for as long as possible,” Eagan said.

She said she saw a future in which countries raced against one another to hire people skilled in developing complex algorithms that could be used to run such

Eagan’s company, which has headquarters in Cambridge, England, and San Francisco, has increasingly found hacking incidents in since it expanded there.

©2017 The New York Times News Service