Microsoft Deploys AI to Fight Cybercrime
Microsoft has unveiled 11 new AI-powered cybersecurity “agents” designed to tackle the increasing complexity of cyber threats. The company aims to enhance its defenses against a surge in hacking attempts orchestrated by criminals, fraudsters, and state-sponsored actors.
Vasu Jakkal, vice president of security at Microsoft, stated, “We are facing unprecedented complexity when it comes to the threat landscape.”
These AI agents will be integrated into Microsoft’s Copilot suite of AI tools. Their primary function will be to support the IT and cybersecurity teams of Microsoft customers rather than individual Windows users. The agents will be responsible for tasks such as identifying and filtering suspicious emails, blocking hacking attempts, and gathering intelligence on the origin of attacks.
With approximately 70% of the world’s computers running Windows software, combined with the widespread use of Microsoft’s cloud computing infrastructure by businesses, the company has long been a prime target for cyberattacks.
“Last year we tracked 30 billion phishing emails,” Jakkal said. “There’s no way any human can keep up with the volume.”
In recent years, the emergence of readily available malware programs on the dark web and the potential for AI to write new malware and automate attacks has led to a “gig economy” for cybercriminals, estimated to be worth $9.2 trillion (£7.1 trillion), according to Jakkal. The company has observed a five-fold increase in the number of organized hacking groups, both state-backed and criminal.
However, others in the field have expressed concerns about the deployment of autonomous AI agents. Meredith Whittaker, CEO of the messaging app Signal, told Sky News last month, “Whether you call it an agent, whether you call it a bot, whether you call it something else, it can only know what’s in the data it has access to, which means there is a hunger for your private data and there’s a real temptation to do privacy invading forms of AI.”
Microsoft says the deployment of multiple cybersecurity agents ensures each AI has a clearly defined role and can only access data relevant to its assigned task. The company is also applying a “zero trust framework” to its AI tools, meaning that it will constantly assess whether the agents are adhering to their programmed rules.
The rollout of this new AI cybersecurity software will be closely monitored, given Microsoft’s dominance in the tech industry.
This move comes after a major incident last July, when a coding error in a software application caused cybersecurity firm CrowdStrike to crash approximately 8.5 million Microsoft Windows computers worldwide. This incident, the largest outage in computing history, impacted airports, hospitals, rail networks, and thousands of businesses, Sky News included.
