Taiwan is preparing to share the details of millions of Chinese hacks with private companies to help train artificial intelligence software to predict and prevent future cyber attacks.
Jyan Hong-wei, director of Taiwan’s department of cyber security, said companies would be able to access data from years of attacks on government computers by state-backed hackers in China.
“Traditionally, our thinking was that attack data from the government services network backbone was too sensitive to share. But the value of this data is immense and everyone in the industry very much needs it so they can find patterns from the data and develop better tools,” said Mr Jyan.
The decision will thrill cyber security companies, who want to use machine learning to train computers to detect and repel increasingly automated attacks.
“So far, it has been humans writing the code for cyber attacks, but sooner or later we will see software training other software, making the attackers more capable and much faster. We are in an AI hacking arms race,” said Mr Jyan.
A senior executive at Microsoft, who asked not to be named, said technology companies had long been trying to persuade Taiwan to open up its data.
“It would be extremely valuable for our predictive threat analysis, but the government has been shying away from sharing this so far,” said the executive.
Michael Sentonas, vice-president at CrowdStrike, a cyber security company, said traditional approaches to cyber attacks, based on detecting intruders through their software signatures and matching of code patterns, were no longer good enough.
“ Machine learning has been a huge benefit for the defensive side over the past two to three years as processing power is growing and we can take large data sets of malicious software and run them,” said Mr Sentonas. “That opens a huge opportunity for predictive protection, showing historical patterns.”
Taiwan has been on the receiving end of growing aggression from Chinese hackers for some time. CrowdStrike called China “the most prolific nation-state threat actor” during the first half of this year.
Although Taiwan has never been ruled by the People’s Republic of China, Beijing has claimed it as part of its territory since the Kuomintang, China’s former ruling party, fled to the island after losing the Chinese civil war in 1949.
Taiwan functions as a sovereign state but Beijing opposes its international recognition and threatens to annex the island if it formally declares independence.
“Taiwan has been a place to watch what China is up to [in cyber warfare],” said Ben Read, head of the cyber espionage analysis team at cyber security group FireEye. “They want to know a lot about Taiwan and don’t have any of the diplomatic constraints that apply to other countries.”
Mr Jyan said that in data exchanges with other countries’ cyber security authorities, Taiwan could often trace malware back much further and find many more iterations because Chinese attackers had been testing tools on Taiwan before taking them global.
According to cyber security experts and government officials, Chinese hacker groups have increasingly divided their labour, with different groups specialising in certain targets but often sharing their attack tools.
Mr Jyan said the government intended to come up with an initial decision by the end of the year on how data from the government services network backbone needed to be filtered to reduce security risks without reducing its relevance.
“We will probably end up deciding that certain information can be widely shared, while other pieces can only be passed on to a certain party mandated by us on a contractual basis and which signs a non-disclosure agreement,” he said.
- Fortnite Spectator Mode Test at Private Epic Games Event 9 views | posted on January 25, 2019 | under Gaming
- Kingdom Hearts 3 is confusing, complex and ultimately wonderful for newcomers 9 views | posted on January 25, 2019 | under Breaking News
- Why women are outperforming men at the extremes of endurance 8 views | posted on January 26, 2019 | under Finance
- Asset managers count the cost of the big squeeze on fees 7 views | posted on February 1, 2019 | under Finance
- Here are 588 women in the UK who could speak at your tech event | Career 7 views | posted on January 25, 2019 | under Breaking News