Revealed: the Australian companies using AI to beat cyber hackers
Microsoft has quietly unleashed its AI Copilot for security to help a select group of Australian companies gain an edge over cyber criminals and fend off attacks.
Microsoft is quietly unleashing its artificial intelligence Copilot on Australian companies, in an effort to bolster their cyber defences as a “moment of opportunity” emerges to gain the upper hand on attackers.
The Australian can reveal that AustralianSuper, Powerlink and TAL Insurance have been using Microsoft Copilot for Security as part of the tech titan’s early access program since last December.
The platform – which was launched globally this month – harnesses Microsoft’s global threat intelligence – which includes up to 78 trillion daily threat signals a day – to allow companies the ability to “move and respond at machine speed and scale” to cyber criminals.
The Australian Signals Directorate (ASD) has warned of a new threat known as ‘living off the land’ - a technique in which cyber attackers “camouflage activity” by use legitimate software to infiltrate company systems, making detection difficult.
The ASD says it has observed hackers People’s Republic of China and Russian Federation state-sponsored hackers, using the method to “compromise and maintain persistent access to critical infrastructure organizations”.
Microsoft has been stepping up its investment on AI and cybersecurity in Australia, announcing late last year it would spend $5bn on building nine new data centres. Is also working with the ASD to bolster the nation’s cyber defences by developing a MACS, which stands for Microsoft-Australian Signals Directorate Cyber Shield.
AustralianSuper chief technology officer Mike Backeberg said AI played a “critical role” in combating the global cybersecurity skills shortage.
“For every four members of our cyber defence team who use Security Copilot, we believe the technology effectively adds a fifth colleague to their ranks,” Mr Backeberg said.
But his colleague, chief information security officer Mike Dunn said it did not negate the need for human staff. “We are using Copilot for Security to augment our cyber defence capability”.
“AI is helping to speed up event correlation across the suite of Microsoft tools, and find productivity benefits and time savings in generating event and incident reporting, while providing an opportunity to enhance our team’s effectiveness by summarising security incidents with recommendations and additional context,” Mr Dunn said.
Powerlink general manager of business IT and technology delivery Mark Pozdena agreed. “Cybersecurity talent remains one of the biggest challenges when it comes to effectively defending against cyber threats”.
“By using natural language prompts, our analysts can initiate and perform tasks more accurately and immediately than what was historically possible and as an added bonus – assist in the development of their skills in the long-term,” Mr Pozdena said.
Sandra Joyce, who oversees global intelligence at Mandiant – a Google-owned cybersecurity firm – says defenders have a brief window to gain an advantage in fending off attacks, with hackers yet to embrace AI fully.
“We’re a long way from AI versus AI. When I look at the threat actors, what we’ve seen is a pattern where they’re still experimenting (with AI),” Ms Joyce said.
“We have seen AI being used to generate fake images or voice or text, which is obviously closer to fraud and we’ve seen that steadily being used but that’s not new. Conversely, we are doing a lot with AI on the defence side.
“We’re using it right now. We’re reversing malware faster, We are summarising a vast amount of content to make sure that we’re looking at the right things. So we’re really developing quite a bit of capability in this space. And I think that we’re in this moment of opportunity, where defenders actually have quite a bit of an advantage.”
Mark Anderson, Microsoft’s national chief security officer for Australia and New Zealand, said since launching the AI cybersecurity copilot it has made analysts 22 per cent faster in detecting threats.
“I don’t think you’ll ever read a report that says ‘hey cyber attacks are on the decrease’,” Mr Anderson said.
“They’re constantly on the increase.”
While we are getting better at securing systems, Mr Anderson said high profile attacks on Optus, Medibank, Latitude Financial and port operator DP World, had served as a “wake up call” for many businesses to bolster their cyber defences.
Microsoft has been a victim itself after Russian-sponsored hackers broke into its system. It disclosed in January that the group – which it identified as Midnight Blizzard – extracted information from a small percentage of employee email accounts, including members of its senior leadership team and employees in its cybersecurity and legal teams.
Mr Anderson said the attack was a reminder that “nobody is immune” and also a pivotal moment for the company to deal with legacy systems. Midnight Blizzard hacked into Microsoft using password spray attacks that successfully compromised a legacy, non-production test tenant account that did not have multifactor authentication enabled.
“We all know that every business in the country and on the planet has the issue of legacy technology in their organisation. For us that was a moment where we went ‘we need to address legacy like a lot of people’,” Mr Anderson said.
“People don’t normally touch legacy because the word legacy means it’s been around a long time. Sometimes you’ve no longer got the right system owners. Sometimes people don’t want to touch it because they don’t know what it does, and they don’t know they don’t feel confident enough to go and turn the thing off because they might stop part of the business.
“But for us, that was a moment where we went ‘we have to accept the idea that a small amount of internal – internal to Microsoft not impacting customers – a small amount of internal business disruption is actually better than the risk that those types of systems pose to us because of that pivotal moment. It’s not kids in basements. We are talking serious players now.”
Microsoft chief executive Satya Nadella said: “Frankly, the cybersecurity threat landscape has never been more challenging or more complicated”.
“Today, cyberattacks cost the world $US6 trillion ($9.16 trillion) annually, and that number is projected to rise to 10 trillion by 2025. And as digital technology becomes more pervasive, it’s a place where all of us will need to do some of our very best work.”
More Coverage
Telstra and CBA’s breakthrough on bogus accounts
The nation’s largest bank and telco say they’re already in talks to license the technology to Telstra’s largest competitors Optus and TPG and that the major banks are also interested in using it.
We need climate investors
As coal-fired power station shut down, Australia needs to attract foreign investors to support the shift to cleaner energy