Acronis: ‘Cybercriminals are leveraging AI to attack AI-based cybersecurity solutions’

‘Legacy systems put regional oil industry at high cyberattack risk’

Acronis, a global leader in cyber protection and cloud security, exhibited its advanced solutions at GITEX Global 2023 – the world’s largest tech and startup event – held at Dubai World Trade Centre from October 16-20, 2023.

In an exclusive interview with ‘Middle East News 247’ at the sprawling tech show, James Slaby, Director of Cyber Protection at Acronis, emphasised cyber resilience, the Middle East’s unique challenges in safeguarding industrial assets from cyberattacks, and how automation can benefit MSPs.

Excerpts from the interview:

How does AI specifically impact cybersecurity in today’s context?

AI is a significant factor in the current landscape of cybersecurity. Acronis has been using AI in its cybersecurity products for nearly seven years, with machine learning and heuristics playing a crucial role in our anti-ransomware solutions.

We continue to enhance our AI capabilities to automate functions and combat cyber threats more intelligently.

AI has not only enhanced the capabilities of defenders but has also provided new tools for cybercriminals. For example, generative AI tools like ChatGPT have made phishing emails more convincing and challenging to detect.

Cybercriminals now use AI to write malware, analyse applications for vulnerabilities, and create code to exploit them, making their attacks more sophisticated and scalable. Therefore, AI has both defensive and offensive implications in cybersecurity.

It is crucial to emphasise the importance of building cyber resilience, not just focusing on defence but also on the ability to recover quickly from attacks.

This requires a holistic approach to effectively deal with AI-enabled cyber threats, and Acronis is committed to supporting businesses in defence and recovery.

Are there unique cybersecurity concerns in the Middle East region compared to the rest of the world?

One niche example is related to the oil industry. This sector heavily relies on operational technology (OT) and industrial control systems (ICS).

These technologies are often built on outdated platforms, making them challenging to protect and restore in the event of cybersecurity issues.

The unique challenge here is the coexistence of general-purpose IT platforms (like Windows and Linux) alongside specialised OT and ICS systems. Acronis has successfully provided solutions to quickly restore the computers controlling these systems in the Middle East due to the concentration of such industries in the region.

What are Acronis’s main parameters regarding its R&D to stay ahead of cyber threats?

Staying ahead of cyber threats is a continuous challenge. We constantly refine our approach to detection, prevention, and recovery. One fundamental principle is shifting from signature-based to behaviour-based detection, as cybercriminals frequently modify malware to evade detection.

We detect over 270,000 new malware samples daily, making identifying threats by their behaviour essential.

Another aspect is evolving towards endpoint detection and response (EDR), which involves correlating sensor data across an organisation to identify stealthy threats and provide remediation recommendations.

We continually improve our ability to detect, stop, and recover from threats, even without specific knowledge of future threats.

What is Acronis showcasing at GITEX Global 2023?

Acronis is showcasing the Acronis Cyber Protect and the Acronis Cyber Protect Cloud platforms. These are our two platforms: one for our business customers and the other for our managed service provider (MSP) partners.

The two platforms combine cybersecurity, data protection, and endpoint security.

Businesses use our Cyber Protect platform to manage their backup, disaster recovery, cybersecurity functions, and endpoint management for their customers.

On the other hand, our MSP partners use our Cyber Protect Cloud platform to deliver specific capabilities to small businesses in terms of SaaS.

We also provide integration into other solutions to address vertical markets.

What are your customers’ pain points?

Most customers are primarily concerned with reducing their business risk. They want to be able to operate effectively in their respective industries. Whether in manufacturing, healthcare, retail, education, or any other sector, maintaining highly available systems, data protection, and compliance with industry-specific regulations are top priorities.

Our customers seek solutions to alleviate these concerns, allowing them to focus on their core business activities.

What advice do you have for MSPs in the Middle East region?

As elsewhere, MSPs in the Middle East region should embrace technology to automate routine tasks and enhance efficiency. Automation and AI can be powerful tools in focusing their staff on activities that require human expertise, such as building client relationships and solving complex cybersecurity and data protection challenges.

A practical example is automating vulnerability scanning and patch management, which can be labour-intensive and error-prone when done manually.

By applying AI and automation to these areas, MSPs can free up their staff to focus on high-value tasks, benefiting their clients and their teams.

Is the scenario now good AI versus bad AI?

While we have not reached a scenario of nation-state AI versus nation-state AI in a full-scale cyber war, we are nevertheless witnessing AI being used in cyberattacks and cybersecurity.

Cybercriminals are leveraging AI to attack AI-based cybersecurity solutions, particularly on a smaller scale. One emerging trend is using adversarial AI to deceive and weaken AI models used for security.

For instance, adversarial AI could attempt to mislead an endpoint detection system’s machine learning routines, making it ignore specific threats. While this is a small-scale example, it illustrates the potential for AI to target AI in the context of cybersecurity.

However, we are not yet facing a situation like Skynet versus humanity, which would require the advent of true general AI.

Acronis celebrates its 20th anniversary this year. What are your thoughts on this milestone?

Acronis has come a long way in two decades. I had little experience with software companies, let alone backup solutions, before I joined Acronis. However, I soon realised the complexity and importance of data protection. Being in this industry for 20 years has allowed us to benefit our MSP partners and business customers significantly.

I am grateful that Acronis recognised the importance of cybersecurity seven years ago and embarked on an exciting journey in this dynamic field.

We have continuously expanded our capabilities, from endpoint security to URL filtering, email security, data loss prevention (DLP), endpoint detection and response (EDR), and more.

It’s been thrilling to be a part of this journey and help our partners offer their clients a broader range of services while supporting our business customers directly.

During all five days of GITEX Global 2023, James Slaby conducted 15-minute cybersecurity theme sessions daily at the Acronis exhibitor stand on:

• Fighting ChatGPT-enhanced cyber threats
• Building cyber resilience
• Qualifying for cyber insurance
• Building an incident response plan
• Protecting Microsoft 365 and Google Workspace

Featured image: James Slaby addresses the Acronis #CyberFit Summit 2022 in Miami, Florida. Image: Arnold Pinto