This week's roundup of data issues includes: RSA 2017 and discussion over AI investment to tackle cyber security threats; Talking doll causing trouble in Germany. Read more...

USA

RSA 2017 and discussion over AI investment to tackle cyber security threats

With the introduction of AI, like any new technology there has been discussion over its capabilities and potential. With the number of high profile cyber-attacks seen of late, thought has turned to AI and how this could be utilised to counteract the cybercriminals and their crimeware. Currently cyberspace is awash with bots and botnets which are used for a variety of cybercrime from sending out viruses, phishing to Denial of Service (DOS) to ID theft and fraud. Botnets, also called 'zombie armies' are a system of interconnected computers. These systems are often taken over by hackers using malware which cause the computers to be easily controlled. The bigger the net of computers, the more computer power the hacker has, and thus large scale viruses or cyber-attacks can be launched against a given target. The term 'bots' simply refers to web robots, a form of malware that hide on a victim's computer and are controlled by a hacker.

It is thought that AI could be utilised to take down the bots and botnets by either finding them or using the machine learning programme to download the botnets capabilities and determine its weaknesses.

Arguments for and against using AI came to the forefront at the recent RSA 2017 event. On one side Susan Landau, professor of cybersecurity policy and professor of computer science at Worcester Polytechnic Institute argued that:

"The real problem is that what AI and machine learning is great at is lots of data and dealing with it effectively and what we're dealing with, with the serious attacks are anomalous situations and AI does not look like it's going to be useful there,"

Whilst others such as Adi Shamir, Borman professor of computer science at the Weizmann Institute counteracted this with:

"I doubt it would be so helpful for new zero days because this requires more ingenuity and originality. But when you talk about finding deviations from normal behavior, I think that AI systems are going to be very useful... So I'm optimistic about AI being useful in defense, but not in offense."

It will be interesting to see what will be developed from AI and how effective this will be against cyber-attacks in the long run.

As reported by SC Magazine, further information can be found here

EU

Talking doll causing trouble in Germany

German parents have been advised to destroy a talking children's doll called Cayla.

The German Federal Network Agency – the Bundesnetzagentur issued the advice on the grounds that the doll operates an insecure Bluetooth device which can be easily hacked. Concerns about the doll were first raised in 2015 and it has now been demonstrated that hackers can access the dolls inbuilt microphone and eavesdrop on conversations.

Germany has notoriously strict anti-surveillance laws (one such being section 90 of the Telecommunications Act) and citizens can face up to two years imprisonment for breaching them.

Jochen Homann, Bundesnetzagentur President, issued the following statement:

"Items that conceal cameras or microphones and that are capable of transmitting a signal, and therefore can transmit data without detection, compromise people's privacy. This applies in particular to children's toys. The Cayla doll has been banned in Germany. This is also to protect the most vulnerable in our society."

As reported by the BBC, further information can be found here

To view the press release from the Bundesnetzagentu please click here

Helena Brown

Helena Brown

Partner, Commercial and Data Protection & Head of Data
Edinburgh, UK

View profile

Related Insights

All Insights
Data Protection - March 2024 - Infographic Teaser 26 Mar 24

Data Diaries - March 2024
Technology 15 Mar 24

The Saudi National Cybersecurity Authority Publishes New Regime for the Regulation of Cybersecurity Service Providers
Data - wire 12 Mar 24

The executive regulations to the Oman personal data protection law - What you should know.