STE WILLIAMS

Hacker’s parents sentenced for selling his cryptocurrency

All you brilliant kids who use your fine brains to do idiotic things like, say, hack TalkTalk and the EtherDelta exchange, do yourself a favor: when you wind up in jail, warn your parents not to “help” you by transferring your stolen cryptocurrency.

That’s what happened to TalkTalk and (alleged) EtherDelta hacker Elliott Gunton, whose parents have both been handed suspended sentences after admitting to having removed some of his ill-gotten cryptocurrency from a hardware wallet.

It was a “misguided” attempt to help him, according to what Judge Stephen Holt told mom and dad, Carlie Gunton and Jason Gunton, on Wednesday. The Eastern Daily Press – a local paper in the Guntons’ hometown of Norwich, in the English county of Norfolk – quoted the judge:

You misguidedly tried to help your son and what you did didn’t help him at all, and I’m sure it’s something you’re regretful about.

History of a youthful, repeat offender

Elliott Gunton, now 20, was convicted in 2016 at the age of 16 for his role in attacking the UK broadband and telecom giant TalkTalk.

In 2017, the UK’s Information Commissioner’s Office (ICO) fined TalkTalk £400,000 for security failings that led to the attack and which allowed customer data to be accessed “with ease”. The attacker accessed the personal information of more than 150,000 customers, including the sensitive financial data of more than 15,000 people (sensitive data that TalkTalk’s CEO, bizarrely enough, had said that the company wasn’t required to encrypt).

In April 2018, police made a routine visit to ensure that Gunton was complying with a Sexual Harm Prevention Order imposed by the court in 2016. They seized his computer and found that he was selling people’s stolen personal data for crooks to use in crimes, such as mobile phone numbers that could be used to intercept calls and texts.

Gunton confessed to five counts, including computer misuse and money laundering, and was jailed for 20 months, released due to time spent on remand, ordered to pay back £407,359, and given a three and a half year community order, which restricted his internet and software use.

Last month, Gunton was again indicted, this time for allegedly hacking cryptocurrency exchange EtherDelta in December 2017, changing the site’s DNS settings, and redirecting traffic to a clone where he and fellow indictee Anthony Tyler Nashatka, of New York, allegedly logged user credentials and then stole customer funds.

According to the BBC, Norfolk police traced and seized £275,000 (USD $339K) worth of cryptocurrency, including Bitcoin, under Gunton’s control.

The indictment against Gunton and Nashatka was filed on 13 August in San Francisco. Gunton was sentenced three days later to 20 months in prison in the UK for selling personal data on the dark web in exchange for cryptocurrency, following his arrest in 2018.

The two are facing five counts each in the US, with maximum prison penalties of up to 20 years, up to three years of supervised release, and a fine of up to $250,000, though maximum sentences are rarely handed out.

Just when you think your crimes are done exploding in your face…

So, about that ill-gotten cryptocurrency.

On Wednesday, as the Eastern Daily Press reports, prosecutor Kevin Barry said that Gunton’s parents would regularly visit Elliott in prison while he was on remand – in other words, in custody, awaiting trial.

Barry said that after one of those visits, in August 2018, police discovered that cryptocurrency had been removed from the seized hardware wallet by someone using Jason Gunton’s laptop – £200,000 worth of cryptocurrency (USD $246.82K) had been transferred out.

Not all of the money in the wallet had been determined to have come from crimes, but tens of thousands of pounds of it did.

Police visited both homes of Elliott’s separated parents, and when they searched Carlie Gunton’s recycling bin, they found a scrap of paper with the 24-word password to the hardware wallet written on it.

Barry told the court that Carlie and Jason Gunton hadn’t been looking to profit off the cryptocurrency. Rather, they wanted to help their son, who didn’t know what they were up to. It was his dad who transferred the money, and it was his mom who gave him the password to get at it.

Her story is kind of muddled, the prosecution said. Did her son give her the password during a visit? She keeps changing her account, they said.

Judge Holt told the parents that Elliott is “extremely angry” at what they’d done, given the consequences for him. Namely, he’s been denied bail.

It will be tough for them to visit Elliott in US prison

Carlie Gunton admitted to transferring criminal property. She’s been given a three-month prison sentence suspended for one year. Jason Gunton admitted to the same charge along with perverting the course of justice and was handed a five-month prison sentence, also suspended for one year. Both were ordered to pay £600 costs.

Unfortunately, their error in judgement has left them both with prison sentences and criminal records. As pointed out by Carlie’s lawyer, Matthew McNiff, there’s a “real possibility” that Elliott will be transferred to the US to face charges, and his mother is going to have a tough time getting a visa in order to visit him, given her conviction.

A final bit of past crimes blowing up in a criminal’s face: last week, UK police auctioned off the criminally gotten cryptocurrency they seized from Gunton. It was a first for UK police, and they raised £300,000 ($369,000) – more than market value.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/MB5WHC5qb-0/

£3 billion Safari iPhone privacy lawsuit given go-ahead

A UK class action privacy lawsuit against Google can go ahead, according to the UK Court of Appeal. The suit claims up to £3bn ($3.9bn) in damages based on Google’s manipulation of Apple’s Safari browser in 2011-12.

In 2010, Apple included anti-tracking technology in Safari that would stop advertising companies from inserting cookies into the browser.

Google developed a workaround, enabling it to put cookies from its DoubleClick advertising technology into users’ browsers anyway. Safari’s anti-tracking technology at the time made an exception for sites that users interacted with, so Google included code in advertisements that made it look as though the user was filling out a form.

This technique enabled the company to place cookies in Safari. Those small files could tell when the user visited a site participating in the DoubleClick advertising program, how long they spent on the site, what pages they visited, and in some cases even their rough geographic location.

The complaint calls this data ‘browser generated information’ or BGI, and says that over time it allowed Google to draw more conclusions about people, helping it to understand things like their sexual orientation, religious views, and political leanings. The company used this data to segment people into customer groups, which it used to target them with advertisements from its customers. So in other words, Google bypassed Apple’s technology protections to carry on its advertising operations as usual.

Google has already paid fines for these actions in the US. It stumped up $22.5m in FTC fines in 2012, and another $17m to 37 US states the following year. The company made those payments without admitting liability, though.

Three UK claimants sued the advertising behemoth in 2015 in a case led by Judith Vidal-Hall. Google settled with them. However, in ruling on the case, the court found that BGI could arguably constitute personal data, and that the complainants could potentially claim damages under section 13 of the UK Data Protection Act.

‘Safari workaround’ lawsuit

That encouraged another lawsuit in 2017 by former Which? executive director Richard Lloyd. This was a class action lawsuit, representing 5.4 million people allegedly affected by Google’s actions as described by the lawsuit’s public awareness website Google You Owe Us.

In October 2018, the High Court blocked the case from proceeding any further. It argued that while it found Google’s actions “wrongful, and a breach of duty”, it didn’t agree that complainants in a class action suit all shared a common interest. Neither did it agree that they could claim to have suffered ‘damage’ as defined under the DPA.

On 16 July 2018, Lloyd proceeded to the appeals court which handed down its judgement on 2 October. The court decided that personal data has value, and that losing control over personal data can be considered damage under the DPA after all.

So now, the group has the freedom to continue with its case. A simple piece of browser hackery on Google’s part almost a decade ago continues to haunt it.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/fsGgtlXfCI8/

WhatsApp vulnerability could compromise Android smartphones

A researcher has released details of a WhatsApp remote code execution (RCE) flaw that, it is claimed, could be used to compromise not only the app but the mobile device the app is running on.

Reported to Facebook some weeks ago by a researcher called ‘Awakened’, the critical issue (CVE-2019-11932) affects users of the app on Android, specifically Android versions 8.1 and 9.0 although not, apparently, version 8.0 (Apple’s iOS doesn’t appear to be affected).

It’s described as a double-free memory vulnerability in a WhatsApp image preview library called libpl_droidsonroids_gif.so, and some aspects of how it might execute remain unclear.

The researcher says an attack would involve first sending a malicious GIF image using any channel, that is by email, a rival messaging app, or sent direct through WhatsApp itself.

If WhatsApp is being used, and the attacker (or hapless intermediary) is on the contacts list of the user as a friend, apparently this GIF would download to the device automatically.

Execution would happen when the recipient subsequently opens the WhatsApp Gallery even if no file is selected or sent. Writes Awakened:

Since WhatsApp shows previews of every media (including the GIF file received), it will trigger the double-free bug and our RCE exploit.

To back this up, Awakened has released a video showing the sequence of events running on WhatsApp v2.19.203.

This shows the exploit giving an attacker a full reverse shell with root and complete access to all the files on that device, its SD Card, and what appears to be the WhatsApp message database.

As mobile vulnerabilities go, this one looks like the keys to the castle. TNW’s report quotes someone from Facebook as responding:

It was reported and quickly addressed last month. We have no reason to believe this affected any users though of course we are always working to provide the latest security features to our users.

The company has also claimed that the exploit requires the user to have sent a malicious GIF themselves – something Awakened disputes. Having studied the video proof of concept, it looks more likely that Awakened is correct.

Time to worry?

Assuming users running affected Android versions have updated recently – this should happen automatically via the Play Store – the answer is no.

The WhatsApp version that patched the bug is 2.19.244, which appeared in early September.

More bothersome is that such a thing is possible at all. App exploits giving attackers control over a mobile device aren’t exactly thick on the ground even if WhatsApp itself has suffered the odd security flaw in recent times.

These include May’s report of a zero-day vulnerability that an “advanced cyber actor” had been exploiting to spy on a select group of WhatsApp users.

An even better fit might be a flaw discovered in October 2018 by Google that could have been used to compromise a user’s Android or iPhone device simply by getting them to answer a call.

Many of WhatsApp’s 1.5 billion users choose the software due to its privacy and security. These flaws are a reminder that the feature list doesn’t include invulnerability.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/fPnnKlP45pM/

Buying a new laptop? Here’s how to secure it

October is National Cybersecurity Awareness Month (NCSAM) and this year’s theme of ‘Own IT. Secure IT. Protect IT.’ aims to encourage personal accountability for security. Computer security is a broad and complex subject but the truth is that criminals like low-hanging fruit and getting the basics right affords you an awful lot of protection.

Naked Security asked me to come up with an easy-to-follow guide that will help you get the security basics right if you’re buying a new laptop.

1. Have a plan for your data

Ah, the thrill of buying a new laptop. It’s so much faster than your last one! It can do all these great new things! It has so much more space! New lid space for stickers!

Well, it’s thrilling if it was planned, that is.

Often enough we end up buying a new laptop in something of an emergency situation, when the old one is finally so slow that it’s unusable or has a catastrophic failure. When the old laptop’s breakdown is a bit sudden, you might be caught trying to do data rescue on a fried computer, which is a frustrating and time-consuming situation at best.

Spare future-you a lot of grief by making sure you keep your data freshly backed up in at least one place, separate from your old laptop. This can include cloud-synced backups via services like Dropbox, Carbonite, or iCloud, or physical periodic backups onto an external hard drive. Mac users can do this on a schedule via Time Machine, and Windows 10 offers its own automatic backup option under “Backup and Restore” in the Control Panel. Additionally, many external hard drive makers bundle their own backup software with the hard drives they make.

So yes, back it all up, in one place, so you know you have everything that you need without the time pressure and frustration of trying to dig it all out from a dead or dying hard drive.

Backing up your data on your old machine will make moving to a new one heaps easier. Many operating systems will offer to import data for you from your backup sources while you’re setting up your new machine, streamlining the set up process even more. But to take advantage of that, you’ll need good backups, so make sure you have them.

2. Apply available updates immediately

The moment you’ve passed the setup and login screens, go straight to your Control Panel for Windows or System Preferences for Mac and check for operating system (OS) updates.

It’s very likely that your OS is a little bit out of date just from sitting on a shelf for a while, and that means it’s missing crucial security updates. You wouldn’t want your brand-new laptop sitting vulnerable to security issues, especially when there’s already a fix available. So yes, before you install anything or start downloading your backed-up data, get your operating system updated first. (After all, OS updates often require restarting your machine, so it’s best to get that out of the way.)

Once your OS is up to date, you can start installing the programs you want and need. As you install each one do the same process as with your OS: Check the software is up to date.

Usually there’s an option in the program preferences to check for updates; run that once just to be sure that you have the latest version. Fresh downloads are likely to be the latest, greatest version of the software anyway, but applications copied from backups of your previous laptop may not be. A good place to start is with your web browsers, since you’re likely to be using them to find and download other bits of software.

3. Make sure auto-updates are turned on

For your operating system and for all your programs, if you have the option, turn on auto-updates. If you can’t find the auto-update section, it’s usually in the preferences or settings of the program, sometimes nested into a “security” tab.

Turning on auto-updates takes the bulk of the maintenance work out of keeping your software patched against nasty vulnerabilities, which in turn secures your data. It’s an easy win for your security.

4. Get a security program in place

New threats seem to surface with alarming frequency, and you should protect your new investment from whatever nastiness might come its way. Making sure your software is patched is an important step, but you should also make sure your entire machine has security software installed to protect your privacy, and keep your data safe from ransomware and other threats.

Some operating systems come with basic security protections already in place, but many security programs go beyond those basics and offer more robust protection from a wider variety of threats. (Sophos Home provides advanced protection for both PCs and Macs).

5. Install a password manager

Now that you’ve secured your operating system and your applications, give your credentials the same treatment. We recommend password managers to everyone as they make it incredibly easy to have unique, robust passwords for all of your applications and web services without needing to remember them. Some password managers work nicely within a browser extension, others tend to run as a “vault” program on your machine outside of the browser. Many password managers do both.

Ultimately your preference for whether a password manager should be cloud-based or local-only will dictate what kind of manager you’ll end up using, if you haven’t chosen one yet. We’ve written up several pieces on password managers if you need help deciding, but if you already use one, take this moment in your laptop setup process to remember to get yours up and running.

6. Dump the bloatware

When I’m setting up a new machine, this is one of the first steps I take. But it’s a step I often see people skipping altogether. I’m here to plead: Don’t!

If you’ve purchased a laptop from a major manufacturer, chances are they’ve shipped your shiny new machine with a whole bunch of new software. It’s likely that you won’t use half of it, and you probably already know which programs you’ll never touch.

Scrape those barnacles off your brand new machine and just uninstall these unwanted pre-installed programs (colloquially called “bloatware”). Every unused, unnoticed application is a potential source of security vulnerabilities, and, hey, they take up space that you could use for applications or data you actually want.

And with that, you’re truly ready to start customizing your new laptop to your heart’s content. I’m curious to hear: What steps would you include in a new laptop set up? Let me know in the comments.

7. Give everyone their own account

If you aren’t the only person who will be using the laptop, don’t be tempted to share your username and password around. Create a separate account for each person who will be using the computer and make sure they have the access they need to do the things they need to do and nothing more (remember, administrator accounts are for administering, not browsing or checking email).

Doing this stops you from accidentally deleting each others’ data (or poking around in it) and allows everyone to configure the computer in the way they like it.

If your laptop is a Mac and you want to give your children access to it, read our guide to setting up a Mac for young children.

More NCSAM Activities

During NCSAM, Sophos is running a National Cybersecurity Awareness Month webcast series. Every Wednesday in October you can hear from experts talking about the latest ransomware attacks, the importance of a modern threat detection and response program, phishing, and how to protect your network from encrypted threats.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/wJ2SUrOxfL0/

S2 Ep11: Fleeceware, Chrome bug and the sextortion scam that won’t die – Naked Security Podcast

A new Naked Security podcast is now available.

This week host Anna Brading is joined by Sophos experts Mark Stockley and Greg Iddon.

We discuss the realities of user education in honour of National Cybersecurity Awareness Month [1’04”], Greg shares SophosLabs’ latest research into ‘Fleeceware’ [9’27”], Mark explains how Chrome brought Hollywood to a standstill [18’54”] and Anna discusses why sextortion emails just won’t die [33’54”].

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/o7v2auWGZeI/

TalkTalk says WalkWalk if you’ve got a mouldy Tiscali email address, or pay £50 a year to keep it

TalkTalk will start charging £50 a year for its legacy email accounts unless you sign up as a broadband customer of the breach-scarred telco. And if you don’t pay, it’ll delete your account.

Presumably sick of ex-customers with ancient Tiscali and TalkTalk Mail addresses talking to The Register about why TalkTalk customer service is so painfully slow to shut them down when things go wrong, the company will kill off their accounts too.

“We need to start charging for TalkTalk Mail if customers no longer have broadband with us,” stated an email from the company to holders of Tiscali mailboxes.

From 20 November all your legacy Tiscali mailboxes will be shut down unless you pay £5 a month or £50 a year, said the email, seen by The Register.

Unfortunately, if you choose not to sign up for TalkTalk Mail Plus, from 20/11/2019 you’ll lose the vast majority of TalkTalk Mail features. For example, you’ll only be able to sign in at www.talktalk.co.uk/mail to check your emails. A few months after 20/11/2019, we will start closing down mailboxes that aren’t registered to a TalkTalk Broadband account or signed up for TalkTalk Mail Plus.

This is TalkTalk’s response to The Register’s reporting of what happens when legacy customers ask for their old mailboxes to be closed, usually after criminals and spammers force their way in. It’s rather cynical, though the provision of a free email address years after one stops being a paying customer is rather generous in this day and age.

When we asked what was going on here, a TalkTalk rep told us: “Our broadband customers can benefit from a wide range of perks including webmail, calling and privacy features at no additional cost. While TalkTalk Mail remains free for our broadband customers, all other users will now be required to pay a small fee. These users can save £2.50 a month with TalkTalk Mail compared to BT.”

Consider this your six weeks’ notice that you’re going to lose your ancient email address… unless you start paying through the nose for it.

Way back in 2010, Tiscali actually ranked second in the UK behind BT on broadband subscribers, before a 2009 merger with TalkTalk. Its corporate parent killed the brand the following year.

We’ve asked TalkTalk to clarify exactly which email addresses, suffixes and domains face the axe and will update when we hear back. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2019/10/04/talktalk_kills_tiscali_legacy_email_addresses/

Dead simple: Plenty of Magecart miscreants still looking to skim off your credit card deets

Infamous card-skimming malware Magecart is still out there – and the latest campaign has affected at least 17,000 domains so far, according to threat intel biz RiskIQ.

Head researcher Yonathan Klijnsma told The Register there are still around 15 active Magecart-employing cybercrime groups that RiskIQ is aware of.

With the average Magecart breach lasting 22 days, RiskIQ said, the threat posed by the malware is still strong.

American PC parts reseller Newegg was compromised by Magecart in September last year thanks to just 15 lines of JavaScript inserted into payment card processing pages.

Similarly, Magecart was used to compromise British Airways last year as well, leveraging custom, targeted infrastructure to swipe the credit and debit card details of 380,000 people.

On top of that, according to RiskIQ’s latest report, around 17 per cent of malware-laden ads examined by the firm also contained Magecart skimmers. Shopping platforms such as Magento and Opencart are said to be the “lifeblood” of Magecart-using crooks, allowing them an easily compromisable attack vector.

So far the threat intel firm has detected 573 command-and-control domains, with more than 9,000 hosts “observed loading [command-and-control] domains”.

Terry Bishop, RiskIQ’s EMEA tech director, also told The Register that in one instance of a Magecart infection, it took an hour between the infection (as detected by file changes on the targeted server) and the initial exfiltration of customer data. However, in more complex cases, the criminals infiltrate enterprise infrastructure and spend weeks mapping it out and planning their next moves.

Klijnsma added that tracking some of the threat actors using Magecart was sometimes easier thanks to their reuse of recognisable code and other fingerprintable techniques. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2019/10/04/magecart/

Time to Put This ‘Toon to Bed

The winning captions for September’s cartoon contest are nothing to yawn about.

We hemmed. We hawed. By gosh, we even slept on it. Then with eyes wide open, the editors here at The Edge and Dark Reading voted on their favorite proposed cartoon captions for September’s contest.

And the winner is … “acampbell,” who scored a $25 Amazon gift card for the caption you see above. 

Second place, and a $10 Amazon gift card, goes to Bruce Lightsey, database manager at the Mississippi Department of Information Technology Services. His clever caption: “I’m getting comfortable with the smart home concept – how about you?”

Big thanks to all for participating! But there’s no time to rest … our October contest is now underway!

The Edge is Dark Reading’s home for features, threat data and in-depth perspectives on cybersecurity.

Article source: https://www.darkreading.com/edge/theedge/time-to-put-this-toon-to-bed/b/d-id/1335957?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

8 Ways Businesses Unknowingly Help Hackers

From lengthy email signatures to employees’ social media posts, we look at the many ways organizations make it easier for attackers to break in.

(Image: Yakobchuk Olena – stock.adobe.com)

Most of your employees likely know better than to send a password via email or open a strange attachment from someone they don’t know. But do they know better than to post photos of their badges on social media or include details about internal software in job descriptions?

“I see this all the time, and this is what makes my job as a simulated attacker so much easier,” says Stephanie Carruthers, global social engineering expert at IBM’s X-Force Red, who goes by “Snow.”

To be sure, there are many ways organizations and their employees unknowingly give cybercriminals a helping hand. Some of the errors are subtle, involving email signatures and out-of-office messages, points out Chris Hadnagy, founder and CEO of Social-Engineer. Others are bolder, involving social media. 

“You would think in 2019 we wouldn’t see this,” he says, explaining how even photos from office holiday parties can expose sensitive details. “There’s so much I can tell from these pictures.” Attackers looking to break in can learn plenty with simple Internet research, and oftentimes, the people sharing helpful information aren’t aware they’re doing anything wrong.

Here, security experts share the most common and consequential ways organizations unknowingly leave themselves vulnerable to cybercrime. Did they leave anything off the list? Feel free to weigh in and share your additions in the Comments section, below.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance Technology, where she covered financial …

Article source: https://www.darkreading.com/vulnerabilities---threats/8-ways-businesses-unknowingly-help-hackers/d/d-id/1335956?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Cybercrime: AI’s Growing Threat

Cybersecurity incidents expected to rise by nearly 70% and cost $5 trillion annually by 2024.

These days, the use of artificial intelligence (AI) is becoming increasingly commonplace. Companies and governments use facial recognition technology to verify our identities; virtually every smartphone on the market has mapping and translation apps; and machine learning is an indispensable tool in diverse fields including conservation, healthcare, and agriculture.

As the power, influence, and reach of AI spreads, many international observers are scrutinizing the dual nature of AI technology. They’re considering not only AI’s positive transformative effects on human society and development — think of medical AI applications that help diagnose cancer early — but also its downsides, particularly in terms of the global security threats to which it can expose us all.

AI as a Weapon

As AI gets better and more sophisticated, it also enables cybercriminals to use deep learning and AI to breach security systems (just as cybersecurity experts use the same technology tools to detect suspicious online behavior). Deepfakes — using AI to superimpose one person’s face or voice over another in a video, for example — and other advanced AI-based methods will probably play a larger role in social media cybercrime and social engineering. It sounds scary, and it’s not science fiction.

In one noteworthy recent example of a deepfake that generated headlines in The Wall Street Journal, criminals employed AI-based software to replicate a CEO’s voice to command a cash transfer of €220,000 (approximately $243,000). Cybercrime experts called it a rare case of hacking that leveraged artificial intelligence.

In that scam, the head of a UK-based energy company thought he was on the phone with his boss, the chief executive of the firm’s German parent firm, who directed him to send the money to a Hungarian supplier. The German “caller” claimed the request was urgent and ordered the unwitting UK executive to initiate the transfer within the hour.

The IoT is a Bonanza for Cybercriminals

That’s just one instance of how AI has huge potential to transform how crime, and cybercrime in particular, is conducted. Using AI, bad actors will be able to refine their ability to launch attacks and discover new targets, such as by altering the signaling system in driverless cars. The growing ubiquity of the Internet of Things (IoT) is a particular gold mine for cybercriminals. There’s also increasing convergence of operational IT and corporate IT, which means that the production lines, warehouses, conveyor belts, and cooling systems of tomorrow will be even more exposed to an unprecedented volume of cyber threats. Even pumps at gas stations could be controlled or taken offline from afar by hackers.

Like any connected device that’s improperly secured (or not secured at all), it’s possible that Internet-connected gas pumps and other smart devices could be co-opted into botnets for use in distributed denial-of-service attacks, with bad guys recruiting them in their efforts to overload online services.

But it’s not only companies that are vulnerable. Cyberattacks on critical infrastructure can lead to widespread blackouts that can cripple a major city, an entire region, or a country for days or weeks, which makes such attacks a massively destructive weapon for malicious nation-states. North Korea is infamous for cyber warfare capabilities including sabotage, exploitation, and data theft. According to the United Nations, the country has racked up roughly $2 billion via “widespread and increasingly sophisticated” cyberattacks to bankroll its weapons of mass destruction programs.

Damages to Exceed $5 Trillion by 2024

Because of the general trend toward corporate digitization and the growing volume of everyday activities that require online services, society is becoming ever more vulnerable to cyberattacks. Juniper Research recently reported that the price tag of security breaches will rise from $3 trillion each year to over $5 trillion in 2024, an average annual growth of 11%. As government regulation gets stricter, this growth will be driven mainly by increasingly higher fines for data breaches as well as business losses incurred by enterprises that rely on digital services.

According to Juniper’s report, the cost per breach will steadily rise in the future. The levels of data disclosed certainly will make headlines, but they won’t directly impact breach costs, as most fines and lost business are not directly related to breach sizes.

AI-Based Attacks Require AI-Based Defenses

As cyberattacks become increasingly devious and hard to detect, companies need to give their defense strategies some serious second or third thoughts. AI can constantly improve itself and change parameters and signatures automatically in response to any defense it’s up against. Given the global shortage of IT and cybersecurity talent, merely putting more brilliant and ingenious noses to the grindstone won’t solve the problem. The only way to battle a machine is with another machine.

On the plus side, AI has the potential to expand the reach for spotting and defending against cyberattacks, some of which have had worldwide impact. When it comes to detecting anomalies in traffic patterns or modeling user behavior, AI really shines. It can eliminate human error and dramatically reduce complexity. For example, Google stopped 99% of incoming spam using its machine learning technology. Some observers say AI may become a useful tool to link attacks to their perpetrators — whether it’s a criminal act by a lone actor or a security breach by a rogue state.

In the cybersecurity world, the bad guys are picking up the pace. As a result, the corporate sector must pay attention to AI’s potential as a first line of defense. Doing so is the only way to understand the threats and respond to the consequences of cybercrime.

Marc Wilczek is a columnist and recognized thought leader, geared toward helping organizations drive their digital agenda and achieve higher levels of innovation and productivity through technology. Over the past 20 years, he has held various senior leadership roles across …

Article source: https://www.darkreading.com/risk/cybercrime-ais-growing-threat-/a/d-id/1335924?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple