Saturday, April 29, 2023

What Is Happening On The Cyber Threat Front In 2023???

 


Well, we are not even halfway through the year yet, and Cyber experts have already been naming what some of the top threat variants have been so far.  These were announced at the latest RSA Conference, which was held just last week.  So what has been happening? Here is the breakdown:

1)     SEO Attacks:

SEO (Search Engine Optimization) is the tool that pretty much all businesses use to get their websites ranked high in the Google search engine whenever a query is done.  But believe it or not, even the Cyberattackers are now starting to do this, for their own gain.  How are they doing it?  Long story short, they create phony websites of real, legitimate, and highly reputable businesses.  Take for example Wal-Mart.  Their website is of course Walmart.com.  But anybody can register a domain that is very close to that, such as walmartt.com.  From there, a Cyberattacker can then create a very realistic looking, but spoofed website of the real Walmart.com.  The problem is that most customers will not notice that extra “t” in the domain.  Thus, through Phishing emails and other tactics, the Cyberattacker will lure them into this phony site.  But instead of just relying upon that, the Cyberattacker is now using the principles of SEO as well to boost the rankings of the phony site, in order to draw in more unsuspecting victims.  The moral of the story here:  Make sure, to the best extent that you can, that you are at a real website.  Many browsers, especially Edge and Chrome, are doing a decent job of alerting you to a phony website before you actually go to it.
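The walmartt.com trick above can be caught mechanically. The following is an added example, not code from the original post: it flags host names within one edit of a protected brand name, including look-alike digits and the brand name used as a subdomain of another site. The watch list, the sample host names and the single-label TLD simplification are assumptions made for the illustration.

```python
# Added example. PROTECTED and SAMPLE_DOMAINS are constructed for illustration.
PROTECTED = ["walmart.com"]  # brand domain taken from the article's example
SAMPLE_DOMAINS = ["www.walmart.com", "walmartt.com", "wa1mart.com",
                  "wlamart.com", "walmart.com.example.net", "example.org"]

# Digits often substituted for similar-looking letters (small illustrative subset).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]


def classify(domain: str, protected=PROTECTED, max_edits: int = 1):
    """Return (verdict, brand) for a host name seen in a link, e-mail or proxy log."""
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return ("unrelated", None)
    registered = ".".join(labels[-2:])  # assumption: single-label TLD (no co.uk)
    name = labels[-2].translate(CONFUSABLES)
    for brand in protected:
        brand_name = brand.split(".")[0]
        if registered == brand:
            return ("legitimate", brand)  # the brand itself or its subdomain
        if brand_name in labels[:-2]:
            return ("lookalike", brand)  # brand name used as someone else's subdomain
        if osa_distance(name, brand_name) <= max_edits:
            return ("lookalike", brand)  # typo, look-alike digit or other TLD
    return ("unrelated", None)


def scan(domains, protected=PROTECTED):
    """Return only the domains that imitate a protected brand."""
    return [d for d in domains if classify(d, protected)[0] == "lookalike"]


if __name__ == "__main__":
    for host in SAMPLE_DOMAINS:
        print(host, classify(host))
```

Short brand names produce false positives at one edit, so a real watch list would pair this with an allow list of known-good domains.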

2)     Malvertising:

This technojargon is a combination of two words:  Malware and Advertising.  If they can afford it, many businesses also make use of what are known as PPC (Pay Per Click) ads to get prospects to their website.  These usually appear on the left side of your browser.  While this can be a good tool to use depending upon your marketing budget, the Cyberattacker is also doing the very same thing, but trying to get traffic to their spoofed site instead.

3)     The Software Developer:

For the longest time, the software developer and their respective teams worked in an isolated environment, away from all of the company politics and even the Cyberattacker.  But guess what?  Now they have become a prime target.  Why is this so?  Well, a lot of the security breaches that happen out there are due to web applications that have poorly constructed source code embedded into them.  To make matters even worse, software developers often unintentionally leave backdoors open when the project is delivered to the client.  From here, the Cyberattacker can penetrate in, and stay in for very long periods of time, going unnoticed.  Also, they can move laterally, and first scope out what they want to steal. Very often it is the PII datasets of employees and customers, and when this is taken, it is called “Data Exfiltration”.  Unfortunately, nobody realizes that it is gone until it is too late.  Another criticism of software developers is that they use open-source APIs when they construct the source code.  Nothing wrong with this, but these APIs often remain untested and are not kept up to date with the needed patches.  And the software developers simply assume that it is safe, so they never test it in a sandbox environment first.  Also, software developers are given higher than needed privileges, rights, and permissions to do their work.  To make things even worse, the IT Security team does not even terminate the accounts of the software developers once they are done with their work.  And guess what?  The Cyberattacker loves to go after these privileged accounts.

4)     Artificial Intelligence:

Remember the heyday of the .com boom?  Well, this is now happening to the AI and ML markets.  Although they have been around for quite some time, their popularity gained rapid steam earlier this year with the release of ChatGPT.  This is the new AI tool from OpenAI.  Simply put, it is an ultra-sophisticated version of the traditional Chatbot agents.  You can ask ChatGPT anything you want to, and it will produce an answer very quickly.  It has become a very lovable tool, especially for content generators (though I have made a promise to myself to never use it for these purposes).  But with the good also comes the bad.  There have been many fears and even actual cases where ChatGPT has been used for malicious purposes by the Cyberattacker.  Probably the best example of this is in using it to write malicious lines of code which essentially become Malware.  But apart from the technical bad stuff that comes with ChatGPT, there are also the societal implications, such as fear of job loss due to the automation it brings.  Even some of the top leaders in the business world have called for slowing down the pace of AI development so that we can all catch up and breathe, as well as absorb the impacts of ChatGPT.  Heck, even Italy banned the use of ChatGPT, but I think it is now back up and running there.  Another huge fear of ChatGPT is that it will be used for Social Engineering tactics.  The best example of this is Deepfakes.  Until ChatGPT, many hackers used lower-level algorithms to build spoofed images and videos.  But with ChatGPT, the algorithms have become far more sophisticated, resulting in more advanced Deepfakes being created. Although OpenAI has claimed that there are security features built into it, they are simply not enough.  Another huge fear now is that the pace of hardening it will fall behind the pace at which the Cyberattacker is using it for nefarious purposes.

My Thoughts On This:

Again, the key is to be proactive in your own safety.  Probably the most important takeaway is to be extremely careful of what you post on Social Media, especially Facebook.  The Cyberattacker can look at your profile, record any sounds you make on it, and feed that into an AI program to create a very convincing Deepfake.

As this list gets updated, I will post the updates!!!
