Security

Gmail is bringing in AI security for where humans fail

Google is fighting cyber with cyber by using machine learning to stop hackers.

gsuite-social-securityannoucement-0530-li-r4.png

Gmail is introducing new machine learning to prevent people from falling for phishing attacks.

Google

People often fall for disguised phishing attacks. Google is hoping its machines won't be tricked as easily.

With more than 1 billion active users on Gmail every day, its a massive job to protect them all from cyberattacks via email. Google estimates 50 to 70 percent of messages in Gmail's inboxes are spam, many of which are carefully crafted to deceive people. So the company is tapping artificial intelligence to step in where humans are failing, it announced Wednesday. 

Anyone can fall victim to a phishing attack. Just look at the spear-phishing tactics against Hillary Clinton's campaign chairman John Podesta during the 2016 presidential election.  Podesta's Gmail account suffered a breach after a fake email from the URL "accounts.googlemail.com" prompted him to change his password.

Human error led to the avoidable hack when a campaign aide wrote "this is a legitimate email" in an embarrassing typo. He knew the email was a phishing attack, and meant to write "illegitimate," the aide told The New York Times.

Gmail is hoping to prevent phishing with machine learning, like its early phishing detection. If an email looks suspicious and heads to a person's inbox, Gmail will delay it and analyze the message to make sure it's not a phishing attempt.

"As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time," said Andy Wen, Gmail's counter abuse technology product manager, in a blog post.

Google said the delay would account for less than 0.05 percent of emails. Considering Gmail's scale, even a small percentage means it will affect millions of people. The massive Google Docs phishing attack only affected 0.1 percent of Gmail's users, but it meant at least 1 million people were still briefly breached before Google shut down the OAuth hack.

The automated malware search uses machine learning from Google's Safe Browsing, which warns people when they're heading onto an insecure website or a page with malware. In Gmail, it will warn about phishy URLs and links that lead to cyberattacks.

The Sans Institute estimates that 95 percent of cyberattacks starting with spear phishing, in which a specific individual is targeted. Google hopes it's automated system will close off that breaking-in point. 

Google is one of the top three spoofed companies in phishing attempts, according to Ironscales, which specializes in anti-email phishing. The company looked at more than 8,500 phishing attacks over the last year, and found that for every five malware-infested emails that spam filters pick up, there are about 20 spear phishing attacks that sneak past.

Thanks to the millions of spam emails that get sent through Gmail, Google has been able to build artificial intelligence that quickly recognizes malware and ransomware messages and blocks them automatically. Think of it like how your immune system gets stronger with germs that it's seen before and recognizes.

Gmail will also be adding in warnings for companies when staffers are about to send emails to people outside the company. The feature hopes to prevent accidentally CC'ing strangers on work-sensitive emails. Gmail's warnings also use machine learning and understand who you frequently email, so the alerts won't pop up before every message.

This last feature is only available for Gmail's enterprise customers. Administrators will have the option to turn off this warning, as well as the early phishing detection, but a Google spokeswoman said that would be "highly discouraged."

Logging Out: Welcome to the crossroads of online life and the afterlife.

Virtual reality 101: CNET tells you everything you need to know about VR.