It sounds like the stuff of fiction: shady, unseen cybercriminals target organisations using points of vulnerability so bizarre and mundane it's almost impossible to imagine them as a risk: coffee machines, refrigerators ... even, in one case, a fish tank.
In the age of the so-called 'internet of things' – with scores of devices offering a point of entry to an organisation's networks – defending against cyberattacks has moved beyond the traditional 'gatekeeper' role, which relied on passwords, firewalls and human interaction.
Instead, artificial intelligence is required to monitor and plug vulnerabilities across an organisation. At the forefront of this trend is US-British startup Darktrace, a five-year-old company already valued at some $825 million. It's already attracted big-name investors including Asia's Softbank, Samsung Venture Investment Corp as well as KKR and Summit Partners.
“Every connectable device is a weak-point," Sanjay Aurora, managing director for Asia Pacific at Darktrace, told FinanceAsia on the sidelines of the Great Festival of Innovation in Hong Kong. "Your new coffee machine, your mobile phone, the organisations fridge – they all are potential gateways to your network and the more traditional cyber-security systems are ill-equipped to handle the sheer volume of data that is being generated.”
Cybersecurity is a particular concern for Asia's fast-growing companies, many of which are at the vanguard of adopting connected technology as the region's economy develops at breakneck speed.
“Anything with an IP address is a network and these are usually the vulnerable points of entry,” Aurora stressed.
“Last year someone hacked into a computer connected fish tank at a North American casino and used that access point to penetrate the network and send out data,” Aurora added.
This was one of nine innovative threats highlighted in Darktrace's 2017 annual report on innovative hacks. Aurora says this could only be the beginning as more people and more devices get connected every day.
Darktrace, founded in Cambridge, UK, in 2013, uses machine learning and AI algorithms to monitor behaviour over networks to detect and respond to cyber threats in real time.
The company said it had signed more than $200 million of contracts since 2015.
And its reach is growing; it has deployed its Enterprise Immune System in more than 1,000 organisations across Asia Pacific and Japan, CEO Nicole Eagan told a conference in Hong Kong on April 20.
“It’s exciting to see so many organisations in the [region] and across the world enhance their cyber resilience with AI” Eagan.
By utilising AI, “organisations are detecting and autonomously responding to threats before they have a chance to do damage” she added.
Growing threat
According to Cybersecurity Ventures, a leading researcher and publisher covering the global cyber economy, cybercrime damage will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.
In 2017 alone, the WannaCry virus severely disrupted the UK’s National Health Service (NHS) and millions of computers worldwide, as hackers deployed it to demand a ransom for the return of encrypted files.
As well as bringing in big-name investors, Darktrace has recruited from the traditional security world. Its board of advisors includes a former director general of British intelligence agency MI5, Lord Evans of Weardale, and Alan Wade, a former chief intelligence officer for the US Central Intelligence Agency (CIA).
Two veterans from the world of espionage teaming up to help young pioneers of artificial intelligence tackle crime? Sounds like the perfect pitch for a prime-time detective show. As long as they keep an eye on the fish tanks ...