Cylance’s AI based antivirus product can be gamed so that attackers can bypass the system’s machine learning algorithm and suspect code can be inserted from a file been previously marked as safe.
Security researchers at Australia-based Skylight Cyber said in a research report that they found a way to hoodwink system’s machine learning algorithm and inserted code from a benign file that’s been previously marked as safe.
Artificial intelligence has been used for preemptive defence in cyber-security. The business model has single-handedly resurrected the fortunes of Blackberry, with its Cylance system detecting probable malicious files even before their creation. The seemingly infallible system also has its weaknesses, researchers say.
"By carefully analysing the engine and model of Cylance’s AI based antivirus product, we identify a peculiar bias towards a specific game. Combining an analysis of the feature extraction process, its heavy reliance on strings, and its strong bias for this specific game, we are capable of crafting a simple and rather amusing bypass," said the research report.
"By appending a selected list of strings to a malicious file, we are capable of changing its score significantly, avoiding detection. This method proved successful for 100 percent of the top 10 Malware for May 2019, and close to 90 percent for a larger sample of 384 malware," it added.
The malware that the researchers managed to insert include WannaCry and Samsam ransomware.
The report comes a week after Blackberry launched CylanceGUARD, an upgrade on the AI system. Cylance has confirmed the issue is present on CylancePROTECT version as well.
"BlackBerry Cylance is aware that a bypass has been publicly disclosed by security researchers. We have verified (that) there is an issue with CylancePROTECT, which can be leveraged to bypass the anti-malware component of the product," said the company guidance.
"Our research and development teams have identified a solution and will release a hotfix automatically to all customers running current versions in the next few days. More information will be provided as soon as it is available," it added.
Security researchers are aware that next-gen security systems can be tricked, said Venafi VP Kevin Bocek. "This research should serve as a reminder to security teams that cyber criminals have the capability, and desire, to evade next generation AV tools. We should all expect to see similar vulnerabilities in the future."
"Ultimately, AI is not a silver bullet, it’s just the latest attempt to do the impossible – predict the future," said Gregory Webb, CEO at Bromium.
"If we place too much trust in such systems ability to know what is good and bad we will expose ourselves to untold risk – which if left unattended could create huge security blind-spots, as is the case here."