Researchers Easily Trick Cylance’s AI-Based Antivirus Into Thinking Malware Is ‘Goodware’
Security researchers with Skylight Cyber have found a surprisingly easy way to let malware bypass Cylance’s AI-based anti-malware solution. The research shows that while artificial intelligence holds great potential for cybersecurity, AI-driven security offerings can be far from bulletproof. In order to deceive Cylance’s algorithm, all the researchers had to do was append some strings taken from a non-malicious file to a malicious one.
Skylight Cyber CEO Adi Ashkenazy thinks the method “is a world-first, proven global attack on the ML [machine learning] mechanism of a security company.” He adds that after all the AI hype, the attack “is a humbling example of how [AI] provides a new attack surface that was not possible with legacy [antivirus software].”