Microsoft turns to AI to make Windows 10 more secure
With cyber attacks becoming more and more sophisticated, Microsoft has decided to use AI (artificial intelligence) to make the future versions of Windows 10 more secure. After the WannaCry ransomware which hit 200,000 PCs in over 150 countries in May, another ransomware called Petya surfaced in Eastern Europe early this week and went on to affect 2,000 computers in 12 countries.
In a blog post by Rob Lefferts, head of enterprise and security program management, Microsoft announced that it will be adding new features to the Windows Defender Advanced Threat Protection (ATP). Windows Defender ATP is an anti-virus service for enterprise users.
The Defender anti-virus will now use AI to identify threats, while a new browser-focused Defender Application Guard and an AI-backed Exploit Guard will be added to the Defender family. These features will be available in the fall edition of the Windows 10 Creators update for enterprise users only.
The new anti-virus will come with built-in AI tools, designed to harness intelligence generated from Microsoft Intelligence Security Graph to identify malware and create digital signature for them before they can affect more users. The digital signature of a new virus will be used to identify devices which have also been affected by it. To protect the user, the virus will be isolated from the rest of the device in a virtual space on cloud.
Intelligence Security Graph is an online database which gathers trillions of signals from millions of devices and Microsoft’s cloud services such as Azure and Office.
Securing the web browser
The second line of defence comes from Defender Application Guard, which is designed to prevent hackers from getting into a local machine and from there into the rest of the enterprise network. Its primary objective is to identify threats coming through web browser and contain them before they could proliferate. So if a user click on a link on a browser and accidentally downloads a malware, Defender Application Guard will immediately isolate it so it won’t harm the device and the network it is connected to. Microsoft claims almost 90% of all cyber attacks occur through browsers.
Reducing the risk
The Defender Exploit Guard is another tool which will use AI to prevent hackers from exploiting vulnerabilities. These attacks are known as zero day attacks and they occur when a vulnerability is detected by a hacker and a malware is developed and released to exploit it before Microsoft could come up with a patch to fix it. Defender Exploit Guard will make it harder for hackers to detect or exploit these vulnerabilities. For this, it will rely on Microsoft Intelligent Security Graph.