Korea Midland Power Engages Darktrace AI

Korea Midland Power Engages Darktrace AI

August 1, 2019

As public energy company Korea Midland Power (KOMIPO) signs on AI cyber security provider Darktrace across its six power generation facilities in South Korea, we ask Darktrace Managing Director APAC Sanjay Aurora to unpack how artificial intelligence is being deployed by cyber defenders and attackers alike.

By Joanne Leila Smith

As a major power generation company in South Korea, KOMIPO Chief of Information Security Lim Kil-hwan says its digital assets and critical operations need to be defended from growing, sophisticated and fast-moving cyber-threats. The KOMIPO Data Centre, located in the province of Boryeong currently monitors all network activity behind 9% of Korea’s energy production.

“KOMIPO is a key source of energy that keeps the country running. Our operations must be carried out flawlessly. Securing our data around the clock is therefore a crucial business priority. Darktrace’s self-learning AI constantly monitors our digital infrastructure and takes intelligent, preventive action to stop any cyber-threats from escalating into a crisis. Darktrace is the most critical tool we leverage to ensure that KOMIPO remains a leading power generation company and a resilient provider of national infrastructure,” says Lim.

The critical tool Lim is referring to is Darktrace’s Autonomous Response technology. According to Darktrace, its self-learning AI is modeled on the human immune system and is currently used by over 3,000 organisations. Darktrace Managing Director APAC Sanjay Aurora claims they are the only enterprise AI capable of identifying and neutralising threats to organisations in real time; i.e. containing the threat on behalf of humans before it can do any damage.

We asked Darktrace Managing Director APAC Sanjay Aurora to unpack what this means.

“Throughout our day-to-day lives, the human body is constantly under attack by new viruses and bacteria. While our skin helps prevent some of these from getting inside, it is not a sufficient defence system on its own. Our immune system is essential to our well-being, by understanding what is a threat to our systems and taking swift, precise action to contain it once it is already inside. And perhaps most critical to its ability to successfully do this is an inherent understanding of ‘self’ – what is me, and what is not me. Darktrace’s technology works in a similar fashion. It uses unsupervised machine learning and AI to learn a sense of ‘self’ for the entire digital business, including cloud, IoT, corporate networks, and industrial systems. It develops an evolving ‘pattern of life’ for every user and device, and from this identifies abnormal behaviour indicative of a threat. And like digital antibodies, when a cyber-attack emerges within the business, the AI takes autonomous action to neutralise the threat before it can escalate into a crisis, says Aurora.

According to Aurora, its autonomous response tech is a simile for antibodies. As the human body immediately works to contain viruses within the human body, Darktrace claims it operates in the same way by autonomously responding to cyber-threats within mere seconds of the attack emerging on the network.

“Rooted in [our] nuanced understanding of normal activity for the entire organisation, Darktrace AI autonomous response only restricts the anomalous behaviour indicative of a threat, allowing normal business operations to continue uninterrupted. In an age where attacks strike at machine speeds, far outpacing human security teams’ ability to keep up; autonomous response is the most crucial tool in staying one step ahead of attackers,” says Aurora.

Since its launch for general availability in 2017, Darktrace says its autonomous response technology has been quickly deployed by organisations across all industries.

Aurora shares a quote from recent client, the International Baccalaureate, “No other security tool on the market comes close to Darktrace’s autonomous response. The sheer volume of data that Darktrace actively defends would take a team of 50 to 60 security professionals to do manually. Moreover, the speed and precision with which Darktrace identifies threatening activity exceeds any human capability”.

We asked Aurora why Darktrace is eyeing APAC as a market for expansion; is it more vulnerable to attack than other markets?

“Cyber defence is a global challenge. It has definitively become one of the largest risks to organisations not just in Australia, but around the world. Attacks are increasingly becoming widespread and indiscriminate – any company that houses sensitive data is a potential target. It’s for this reason that we see corporations of all sizes, in Australia and beyond, arming up with cyber AI to help fight back against an evolving adversary,” says Aurora.

According to Aurora, artificial intelligence is part of the evolution of tactics deployed by cyber criminals too.

“Cyber-criminals are becoming increasingly sophisticated, launching widespread attacks at machine speeds. We are witnessing early signs of attackers using AI to learn about the infected host’s environment. For example, cyber-criminals can determine if the machine is being used by a real human or if it is a honeypot or malware analysis environment. Based on the analysis, the malware can then determine what the next course of action is. Cyber-criminals could also easily begin to use AI to learn about the infected host’s behaviours and then mimic them to avoid detection and stealthily slip into networks,” says Aurora.

With many organisations undergoing digital transformation, particularly in the lead up to the highly anticipated release of 5G, the complexity and rate of change for business proves just as much a challenge for defenders and attackers alike.

“Ultimately, digital transformation is happening at such a pace that AI, especially in the area of cyber security, is being recognised as a ‘must have’ in enabling companies to stay ahead of unpredictable threats. Humans alone cannot detect the subtle, unusual behaviours indicative of today’s stealthy attacker, or at least, not before it is too late – networks are simply too big and too complex. There is therefore, a phenomenal demand for AI to cut through the noise and identify genuine threats to empower human professionals,” says Aurora.


Leave a Reply

Your email address will not be published. Required fields are marked *