UPDATE: BlackBerry Cylance issued the following statement.
BlackBerry Cylance is aware that a bypass has been publicly disclosed by security researchers. We have verified there is an issue with CylancePROTECT which can be leveraged to bypass the anti-malware component of the product.
Our research and development teams have identified a solution and will release a hotfix automatically to all customers running current versions in the next few days.
More information will be provided as soon as it is available.
Security researchers in Australia claim to have tricked BlackBerry’s AI-based CylancePROTECT into failing to detect dangerous forms of malware.
Using a “global bypass method”, involving simply taking strings from a non-malicious file and appending them to a malicious one, researchers at Skylight Cyber were able to get the system to identify malware as “goodware”.
“AI applications in security are clear and potentially useful. However AI-based products offer a new and unique attack surface,”
“Namely, if you could truly understand how a certain model works, and the type of features it uses to reach a decision, you would have the potential to fool it consistently, creating a universal bypass.”
According to the researchers, they identified “a peculiar bias towards a specific game” after conducting an analysis of the system.
“Combining an analysis of the feature extraction process, its heavy reliance on strings, and its strong bias for this specific game, we are capable of crafting a simple and rather amusing bypass,”
They added that by appending a selected list of strings to a malicious file, they could change its score significantly to avoid detection:
“This method proved successful for 100 per cent of the top 10 Malware for May 2019, and close to 90 per cent for a larger sample of 384 malware.”
To test their method, the researchers uploaded a list of the top 10 malware, published by the Center for Internet Security. The “staggering” results show that negative scores were turned to positive, meaning some of the most dangerous forms of malware were able to escape detection.
They didn’t just scan the files with the product’s static analysis – they executed the malicious files on a virtual machine with CylancePROTECT running on it, to see if it would catch the malicious files in action.
The theory was that even if the product was tricked by the strings, the malicious action of the file would still be detected by Cylance, but it wasn’t.
They concluded:
“We are always amused to see the shock on people’s faces when you tell them that the new security toy they spent millions of dollars buying and integrating can be bypassed.
“The same goes for new silver bullets, like AI-based security. We are anything but surprised with the results, and we are confident that the same type of process can be applied to other pure AI vendors to achieve similar results.”
Full technical details are available here.