How will Shape Intelligence fit into F5 Networks? Please talk about the merger and some key takeaways for customers from this.
Data scientists and engineers in the Shape Intelligence Center analyze billions of transactions that pass through Shape Security devices every day in order to extract intelligence, such as new attack tools, malware, compromised devices, and monetization schemes that target its customers. F5, powers applications from development through their entire lifecycle across any multi-cloud environment, in order to deliver differentiated, high-performing, and secure digital experiences for enterprises. Together, Shape and F5 will have a greatly expanded ability to gather and share intelligence that will help all customers make well-informed decisions about the very real threats that face their organizations.
How does Shape’s platform work, in a nutshell?
Shape leverages the fact that criminals use and access web and mobile applications differently than customers. They lie about device and browser attributes, they type differently, they handle their devices differently, they move their mouse or touch the screen differently, they navigate workflows differently, etc. No matter how subtle, Shape identifies these differences. Shape uses hardened JavaScript (for web applications) and an SDK (for mobile applications) to collect proprietary signals, deploys human-assisted AI/ML across the collected signals (both in real time and retrospectively), and then mitigates the malicious traffic as a managed service with guaranteed outcomes.
How is AI being used by cyber criminals and why should organizations be concerned?
AI and ML are among the most widely misunderstood and misused phrases in cyber security today (blockchain is probably a close third). To complicate matters, what is even considered AI has changed. For example, the use of OCR to solve CAPTCHAs was originally an area of AI but it has become so commonplace today, and AI has evolved so considerably, that many people don’t even consider it AI anymore. But of course it is, especially when using an ML model. Also, simulation and passing Turing tests should of course be considered an AI goal, which is exactly what cyber criminals are doing in the case of large-scale fraud and abuse. As a third example, cyber criminals will use AI to generate entirely synthetic identities, which appear to be real humans with real faces, but who don’t actually exist. Over time, these “humans” take out significant lines of credit and then vanish from the face of the earth.
While there are many examples of how cyber criminals could use AI and ML, cyber criminals don’t typically use AI or ML unless they’re forced to in order to circumvent some countermeasure, and sadly, traditional countermeasures in widespread use today can be defeated without using AI or ML. Organizations should be concerned because their current countermeasures are failing more than they realize, and AI and ML, which are already available to cyber criminals, will defeat most organizations’ future countermeasures.
Which industries are more vulnerable to AI-enabled cyber threats? What can the businesses do to eradicate them?
Any organization that offers its customers something of value is vulnerable. So, all of them. This is not a DIY project. Organizations must collect and analyze signals in real time, deploy countermeasures using attributes attackers cannot easily spoof or change, conduct constant retrospective analysis to detect attackers who retool, and rapidly deploy new countermeasures as new threats emerge. This process never ends. Organizations that lack the resources to do this effectively—which is most of them—must partner with a vendor who specializes in AI- and ML-supported cyber security. Presently—and this is important—any AI and ML component must be human-assisted. AI and ML are simply not ready to make unilateral and unsupervised decisions that impact your customers. So either the organization needs to have some spare carbon units, or the organization should select a vendor that offers protection as a managed service.
