Well, we are not even halfway through the year yet, and Cyber experts have already been coming up with what some of the top threat variants have been so far. These were announced at the latest RSA Conference, which was held just last week. So what has been happening? Here is the breakdown:
1) SEO Attacks:
SEO is the tool that pretty much all businesses use to get their websites ranked high in the Google search engine whenever a query is done. But believe it or not, even the Cyberattackers are now starting to do this, for their own gain. How are they doing it? Long story short, they create phony websites of real, legitimate, and highly reputable businesses. Take for example Wal-Mart. Their website is of course Walmart.com. But anybody can register a domain that is very close to that, such as walmartt.com. From there, a Cyberattacker can then create a very realistic looking, but spoofed-up, website of the real Walmart.com. The problem is that most customers will not recognize that extra “t” in the domain. Thus, through Phishing emails and other tactics, the Cyberattacker will lure them into this phony site. But instead of just relying upon that, the Cyberattacker is now using the principles of SEO as well to boost their rankings and draw in more unsuspecting victims. The moral of the story here: Make sure, to the best extent that you can, that you are at a real website. Many browsers, especially Edge and Chrome, are doing a decent job of alerting you to a phony website before you actually go to it.
2) Malvertising:
This technojargon is a combination of two words: Malware and Advertising. If they can afford it, many businesses also make use of what are known as PPC (Pay Per Click) ads to get prospects to their website. These usually appear on the left side of your browser. While this can be a good tool to use depending upon your marketing budget, the Cyberattacker is also doing the very same thing, but instead trying to get traffic to their spoofed site.
3) The Software Developer:
For the longest time, the software developer and their respective teams worked in an isolated environment, away from all of the company politics and even the Cyberattacker. But guess what? Now they have become a prime target. Why is this so? Well, a lot of the security breaches that happen out there are due to web applications that have poorly constructed source code embedded into them. To make matters even worse, software developers often unintentionally leave backdoors open when the project is delivered to the client. From here, the Cyberattacker can also penetrate, and stay in for very long periods of time, going unnoticed. Also, they can move laterally, and first scope out what they want to steal. Very often it is the PII datasets of employees and customers, and when this is taken, it is called “Data Exfiltration”. Unfortunately, nobody realizes that it is gone until it is too late.

Another criticism of software developers is that they use open-source APIs when they construct the source code. Nothing wrong with this, but these APIs often remain untested and are not kept up to date with the needed patches. And the software developers simply assume that they are safe, so they never test them in a sandbox environment first. Software developers are also given higher than needed privileges, rights, and permissions to do their work. To make things even worse, the IT Security team does not even terminate the accounts of the software developers once they are done with their work. And guess what? The Cyberattacker loves to go after these privileged accounts.
4) Artificial Intelligence:
Remember the heyday of the .com boom? Well, this is now happening to the AI and ML markets. Although they have been around for quite some time, their popularity gained rapid steam earlier this year with the release of ChatGPT. This is the new AI tool from OpenAI. Simply put, it is an ultra-sophisticated version of the traditional Chatbot agents. You can ask ChatGPT anything you want to, and it will produce an answer very quickly. It has become a very lovable tool, especially for content generators (though I have made a promise to myself to never use it for these purposes). But with the good also comes the bad. There have been many fears and even actual cases where ChatGPT has been used for malicious purposes by the Cyberattacker. Probably the best example of this is in using it to write malicious lines of code which essentially become Malware.

But apart from the technical bad stuff that comes with ChatGPT, there are also the societal implications, such as fear of job loss due to automation. Even some of the top leaders in the business world have called to slow down the pace of AI development so that we can all catch up and breathe, as well as absorb the impacts of ChatGPT. Heck, even Italy banned the use of ChatGPT, but I think it is now back up and running there. Another huge fear of ChatGPT is that it will be used for Social Engineering tactics. The best example of this is Deepfakes. Until ChatGPT, many hackers used lower-level algorithms to build spoofed-up images and videos. But with ChatGPT, the algorithms have become far more sophisticated, resulting in more advanced Deepfakes being created. Although OpenAI has claimed that there are security features built into it, they are simply not enough. Another huge fear now is that the pace of hardening it will fall behind the pace at which the Cyberattacker uses it for nefarious purposes.
My Thoughts On This:
Again, the key is to be proactive in your own safety. Probably the most important takeaway is to be extremely careful of what you post on Social Media, especially on Facebook. The Cyberattacker can look at your profile, record any sounds you make on it, and feed that into an AI program to create a very convincing Deepfake.
As this list gets updated, I will post them!!!