Microsoft hopes crowdsourced A.I. algorithms will help avoid the next global cyberattack

Help Windows fix itself.
Microsoft cybersecurity challenge

If you’ve developed an artificial intelligence tool capable of predicting the next ransomware outbreak, Microsoft wants to hear about it. And they’re willing to pay.

More than 300 data scientists, security practitioners and academics are involved in an initiative to help Microsoft determine which Windows machines are the most vulnerable to malicious software. The competition challenges participants to assess the probability a device will be hit with malware based on different factors about the machine, ranging from the firewall configuration to the antivirus software and CPU.

Microsoft announced the competition on Dec. 13, giving participants three months to develop an algorithm that can predict whether a Windows 10 or Windows XP computer, for example, is likely to be infected with the next major virus, organizers said. The competition offers a glimpse at how cybersecurity will blend with artificial intelligence and machine learning, as major companies invest in experiments that could help them avoid another cyberattack on the scale of WannaCry or NotPetya.

“We’re looking at artifacts from the computers that have been infected in the past and predicting ahead of time which computers are likely to fall victim to the same kinds of campaigns,” said Brendan Saltaformaggio, an assistant professor of electrical and computer engineering at the Georgia Institute of Technology, which is helping organize the competition along with Northeastern University and Microsoft’s Windows Defender research team.


“Cybersecurity has largely been a reactive field where there’s an attack and we try to figure out how it happened,” he said. “Bringing in A.I. will give us the ability to inoculate against these attacks before they occur.”

Researchers will be provided with 9.4 GB of anonymized data culled from Windows Defender, Microsoft’s antivirus tool. Data includes browser information, the operating system in use and a machine’s geolocation, among other details. Teams that predict attacks with the highest accuracy will be awarded a combined total of $25,000 in prizes.

Participants making random guesses might be able to predict attacks with a 50 percent accuracy rate, according to Mansour Ahmadi, a post-doctoral research associate at Northeastern University. The highest scorers in this competition had nearly achieved 70 percent within five days, he said.

Such figures provide hope that researchers will hit at least a 80 percent success rate within three months, Ahmadi said.

It looks like a safe investment, too. A U.S. government assessment determined the 2017 NotPetya virus cost global businesses some $10 billion in what was perhaps the most expensive cyberattack ever, according to Wired magazine. The WannaCry ransomware outbreak, which spread via a vulnerability in Windows operating systems, is estimated to have cost between $4 billion and $8 billion.


“With things like ransomware remediation, it’s very expensive, so if we can prevent that we can save a lot of money,” said Ahmadi. “If we can detect early symptoms, we can avoid more expensive procedures.”

Jeff Stone

Written by Jeff Stone

Jeff Stone is the editor-in-chief of CyberScoop, with a special interest in cybercrime, disinformation and the U.S. justice system. He previously worked as an editor at the Wall Street Journal, and covered technology policy for sites including the Christian Science Monitor and the International Business Times.

Latest Podcasts