Google has announced at the RSA security that they have increased their ability to catch malicious emails on Gmail by ten percent. While ten percent sounds smaller than what may be touted as a huge improvement, it is monumental in the fight against malware sent through email. The breakthrough is particularly impressive because of the way that they have been catching the malicious attachments. Google has invested deeply in their artificial intelligence and it has paid off as it is now more capable than ever at catching what is “one of the oldest tricks in the book” in email attacks according to Lily Hay Newman writing for WIRED.
The growth Google has seen using its new AI is tremendous. Google touts that “63 percent of the malicious documents it blocks each day are different than the ones its systems flagged the day before”. Google also notes that the majority of the malicious documents sent over Gmail are Microsoft Office documents. This is especially important because Google’s improved AI is particularly strong at detecting said documents, driving the amount caught from 53 percent to 63 percent. The program searches for “red flags” common in malicious attachments, and examines macros which are commonly used to trigger malware in documents. Elie Burzstein, Google’s security lead, told WIRED that the ten percent increase will help the more vulnerable targets using Gmail. These vulnerable targets tend to be nonprofits and transportation and other “critical infrastructure” companies. Any gains in protecting these sectors means that their crucial day-to-day operations are less likely to be interrupted. Google knows that the AI is not perfect, and that it can’t detect all types of malware in Gmail, but they are working to improve its capabilities.
Burzstein mentions later in the article that it is easier than ever to send malicious documents over email. Kits that can be used to build malicious documents that purposely avoid antivirus detection are available on “online criminal forums, ranging in price from about $400 to $5,000”. This relatively low entry-price will bar very few criminals who truly want to do damage to users. While AI is never perfect, the techniques used in deep learning algorithms allow for artificial intelligence to strengthen over time. Deep learning leans on massive amounts of data, and skilled programmers, to learn over time what to look for in emails. The more data that Google has to work with, the more potential there is for the AI to increase its numbers year-over-year. While WIRED does not ask how Google goes about collecting, there is a deep need for curbing these attacks and with Google being one of the largest email providers in the world its wonderful to see that they are using new technologies with their users in mind.
Source Article: https://www.wired.com/story/gmail-catching-more-malicious-attachments-deep-learning/
Social Structures & Algorithms 