Tag Archive for: Skills

Microsoft Discovers State-backed Hackers From China, Russia, and Iran Are Using OpenAI Tools for Honing Skills


A new study from Microsoft and OpenAI has revealed that AI tools such as ChatGPT and other large language models (LLMs) are being used by several hacking groups from Russia, China, Iran, and North Korea to boost hacking productivity and fraud schemes, prompting the tech giant to ban all state-backed hacking groups from its AI tools.

The study, reportedly billed as the first time an AI company had disclosed cybersecurity concerns about threat actors using AI, identified five threat actors: two linked to China and one each linked to Russia, Iran, and North Korea.

According to reports, most hacker groups employed LLMs or OpenAI technologies to create phishing emails, automate computer programming and coding skills, and comprehend various subjects. It has also been discovered that a small group of threat actors with ties to China employ LLMs for translation and improved target communication.

The study found that Charcoal Typhoon, a threat actor associated with China, utilized artificial intelligence (AI) to facilitate communication and translation with targeted individuals or organizations, comprehend particular technologies, optimize program scripting techniques for automation, and simplify operational commands.


Salmon Typhoon, another threat actor with ties to China, is allegedly utilizing AI to translate technical papers and computing jargon, find coding mistakes, write harmful code, and better grasp various subjects related to public domain research. 

It was also discovered that the Russian state-sponsored hacker collective Forest Blizzard employed LLMs to learn more about specific satellite capabilities and scripting methods for complex computer programs. According to reports, the group has claimed victims who are essential to the Russian government, such as groups involved in the conflict between Russia and…


As-a-Service tools empower criminals with limited tech skills


As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious tools in use by attackers, according to Darktrace.

Cybercriminals exploit as-a-Service tools

As-a-Service tools can provide attackers with everything from pre-made malware to templates for phishing emails, payment processing systems and even helplines to enable criminals to mount attacks with limited technical knowledge.

The most common as-a-Service tools Darktrace saw in use from July to December 2023 were:

  • Malware loaders (77% of investigated threats), which can deliver and execute other forms of malware and enable attackers to repeatedly target affected networks.
  • Cryptominers (52% of investigated threats), which use an infected device to mine for cryptocurrency.
  • Botnets (39% of investigated threats), which enrol users in wider networks of infected devices that attackers then leverage in larger-scale attacks on other targets.
  • Information-stealing malware (36% of investigated threats), malicious software like spyware or worms, designed to secretly access and collect sensitive data from a victim’s computer or network.
  • Proxy botnets (15% of investigated threats), more sophisticated botnets that use proxies to hide the true source of their activity.

Phishing threats escalate in business communications

Darktrace identified Hive ransomware as one of the major Ransomware-as-a-Service attacks at the beginning of 2023. With the dismantling of Hive by the US government in January 2023, Darktrace observed the rapid growth of a range of threats filling the void, including ScamClub, a malvertising actor notorious for spreading fake virus alerts to notable news sites, and AsyncRAT, responsible for attacking US infrastructure employees in recent months.

As businesses continue to rely on email and collaboration tools for communication, methods such as phishing continue to cause a headache for security teams. Darktrace detected 10.4 million phishing emails across its customer fleet between 1 September and 31 December 2023.

But the report also highlights how cybercriminals are embracing more…


DVIDS – News – Maryland Air Guard exercise skills to be ready for warfare



The Maryland Air National Guard conducted a readiness exercise involving Airmen in a simulated deployed environment across Martin State Air National Guard Base from March 2-5.

The exercise, designated Operation Lucky Strike 2023, was built to test and demonstrate the 175th Wing’s ability to survive and operate in a near-peer conflict while executing unit-level critical tasks. All training activities were observed and monitored by unit subject matter experts and the inspector general’s office, which provided feedback to leaders and participants.

“Operation Lucky Strike is a full-scale readiness exercise designed to test our Airmen’s ability to ensure mission essential tasks are met in a contested, degraded, operationally limited environment including CBRN, chemical, biological, radiological and nuclear environments,” said Maryland Air National Guard Capt. Sara Nittinger, 175th Wing director of inspections. “Everything is driven by the new Air Force generation concept, AFFORGEN. It is how we prepare our Airmen for deployments, where they have to be able to demonstrate that they can accomplish their core mission essential tasks in a variety of threat levels.”

During the exercise, wing Airmen had to operate during simulated cyberattacks, power outages, hazardous material accidents, force protection events, and severe weather. The exercise also took place at multiple locations, including Aberdeen Proving Ground and Ft. Meade, testing the wing’s ability to demonstrate agile combat employment, known as ACE.

“In the future, we could be operating in a hostile combat environment that is contested or degraded against an adversary that has peer capabilities – in other words, as capable as us and in some cases maybe more capable,” said Maryland Air National Guard Col. Richard Hunt, 175th Wing vice commander. “They are going to threaten us as much as we threaten them. In order for us to survive, operate, and be effective in a high-risk combat scenario, we need to have the ability to forward deploy to conduct combat operations for a very limited…


Using real-time data platforms to plug cybersecurity skills gap


How can we use real-time data platforms to address the cybersecurity skills gap crisis in government and the public sector?

There is a crisis in cybersecurity skills, and the public sector, including government agencies, will be feeling the cumulative impact this year.

A report by Ipsos for the Department for Digital, Culture, Media and Sport last May found that many UK businesses needed more staff with the technical, incident response, and governance skills required to manage their cyber security. Given that the government has responsibility for securing all our critical national infrastructure, and that attempts to attract quality cybersecurity talent into the public sector in recent years have not reduced the skills gap, action needs to be taken now to withstand the growing threat landscape.

How common are security breaches in government?

Headlines relating to government security breaches seem to litter the media frequently. In November 2022, the FT reported that the data protection regulator reprimanded the Department for Education for giving improper access to identifying information on up to 28 million children; April 2022 saw 170 email addresses of customers inadvertently copied into an email by the UK Home Office’s visa service; and the previous December, the Cabinet Office was fined £500,000 by the Information Commissioner’s Office after the postal addresses of the 2020 New Year honours recipients leaked online.

The hand of malicious insiders seems to have been at work in at least two of these incidents, which reflects the dangers that lurk internally for many government departments. It’s why having strong internal security measures in place is so important and why the visibility of suspicious activity in real-time, or as it is occurring, is essential. If government security teams can create intelligent cyber threat metrics, capture and identify active cyber threats, and minimise false positives, they are better positioned to thwart attacks.

More data can translate into more threat insights

The proliferation of data is at the heart of both the problem and the solution when it comes to cybersecurity. With more real-time data at their disposal, the better-informed…
