Rise of Machine Unlearning, attacks on healthcare to grow in 2022, warns Kaspersky

With data regulators mounting pressure on companies to respect the data privacy of citizens, the use of new technologies such as Machine Unlearning to remove data from already trained algorithms is likely to grow in 2022, security researchers at cybersecurity firm Kaspersky believe.  

Machine Unlearning is new process through which a machine learning model is made to forget data points used to train it.

Machine Learning (ML) algorithms rely on large volumes of data on users and their behaviour to train themselves.  

As the application of ML grows, there is a lot more attention on how they use data and whether they pose any privacy concerns to citizens. Even though the data fed into the ML systems is usually anonymised, privacy advocates still have doubts about it.  

Researchers at Kaspersky warn, “The governments and users are calling for more transparency in general when it comes to ML algorithms. In the coming year, expect more discussions and regulations surrounding the decisions being made by automated systems.”  

Though some privacy laws allow customers to request companies to delete their data, these rules do not extend to ML systems. However, this can change soon. In 2020, the UK government in one of its drafts on the AI framework suggested that companies should delete any files containing personal data as soon as they are no longer required.  

Many experts believe removing data from ML models can be tricky and can only be done by retraining the model on the data that is available. 

Researchers at Kaspersky also warned that attacks on healthcare will continue to rise in 2022 as more healthcare companies will move their databases and customer data online and provide digital treatment to patients.  

According to the 2021 identify breach report by Constella Intelligence, the total volume of data exposed in the healthcare sector due to data breaches increased by 51% as compared to 2019.  

“Expect attackers to search for vulnerabilities they can exploit in new wearable devices and medical applications being developed or creating fraudulent apps that users may mistakenly download,” researchers added.  

Further, researchers said that cyberattacks in 2022 will be disruptive “in more devastating ways.” Attackers are also expected to use malware for a short lifecycle to achieve peak effectiveness and then switch to a new build to avoid detection. Attackers will also avoid using a malicious infrastructure to launch an attack.  

“Research into some recent Advanced Persistent Threat (APT) activities showed that some campaigns’ Command and Control servers may only be active for a couple of hours during the relevant phase of the operation,” they noted.