Tag Archives: Hackers

A Cybersecurity and Artificial Intelligence Forecast for 2020

24 Dec


  •    Malware developers already use a variety of techniques to evade sandboxes.
  •    In 2020, we believe that new malware that uses AI models to evade sandboxes will be born.
  •    The focus of the global hacker community will shift to emphasize ransomware and cryptojacking.

Our focus is on using deep learning to advance the standards in malware detection (and we see a lot of good happening in that regard) so we bring a unique perspective to these two areas.

And not to brag, but when the question came up last year we provided a modest forecast that turned out to be fairly accurate. Here’s a quick recap:

- We said that AI would be a key component to the delivery and management of 5G wireless services, which is in line with what the industry is now saying about its roll-out.

- Our bet was behind the emergence of AI-as-a-Service. It’s comforting to know that Microsoft CEO Satya Nadella agrees, and sees a $77 billion market by 2025, according to Motley Fool.

- Last year we predicted the emergence of more sophisticated learning techniques, advancing the capabilities and efficacy of machine learning and deep learning algorithms, and that has been happening.

- We’ll even take credit for our prediction that AI in all its forms would see greater commercialization and consumerization, even though that one was probably self-evident in hindsight. Development and improvement in products like smart assistants, smartphones, autonomous vehicles, medical devices and more will continue apace now that AI is mainstream.

So what can we expect for 2020? We’re going to keep our forecast in the realm of cybersecurity and AI this year, looking at both the threat landscape and the emergence of innovative defenses. Here are five trends we see developing in the new year.

Cybercrime will focus on ransomware and cryptojacking

The focus of the global hacker community will shift to emphasize ransomware and cryptojacking. Ransomware has proven to be a lucrative source of income for hackers, and as associated malware and delivery techniques become more effective, that is only going to embolden them. Most hackers launch attacks from locations beyond the reach of U.S. authorities, and they collect payments in the form of cryptocurrency to minimize the risk factor of their illicit endeavors. And as cryptocurrency becomes more mainstream, we foresee a sharp increase in attacks intended to hijack computing resources to power the computations necessary to “mine” coins. What we’re seeing in Blue Hexagon Labs research is that cryptojacking attacks appear to have an inverse relationship to ransomware attacks. This is likely driven by hacker motivations; as the value of cryptocurrency increases, it may be more lucrative (and easier) to focus on cryptojacking than ransomware.

Malware-as-a-Service becomes increasingly sophisticated

Criminal hackers are innovators and entrepreneurs (even if they are evil, self-centered, and destructive innovators and entrepreneurs). As such, they are keen on minimizing cost and risk, and one way they are doing that is by productizing their tools and skills. As a result, Malware-as-a-Service hacking groups are now selling kits and automated services on dark web marketplaces. In March of this year, we wrote about Gandcrab ransomware-as-a-service. We will see these services increase in sophistication in the coming year, for example through the ability to select customizations such as the type of obfuscation or evasion techniques, and the way the malware is delivered. This will make it easier for anyone to get in on the malware game, creating a force multiplier effect that will increase the number of threats enterprises will face in the years to come.

First malware using AI-Models to evade sandboxes will be born in 2020

Malware developers already use a variety of techniques to evade sandboxes. A recent article explained that “Cerber ransomware runs 28 processes to check if it is really running in a target environment, refusing to detonate if it finds debuggers installed to detect malware, the presence of virtual machines (a basic “tell” for traditional sandboxes), or loaded modules, file paths, etc., known to be used by different traditional sandboxing vendors.”

In 2020, we believe that new malware that uses AI models to evade sandboxes will be born. This has already been investigated in academia. Instead of using rules to determine whether the “features” and “processes” indicate the sample is in a sandbox, malware authors will use AI, creating malware that can more accurately analyze its environment to determine if it is running in a sandbox, which makes it more effective at evasion. As a result of these malware author innovations and existing limitations, the sandbox will become ineffective as a means to detect unknown malware. Correspondingly, cybersecurity defenders’ adoption of AI-powered malware defenses will increase.

The rollout of 5G networks will bring new attack vectors

The infrastructure needed to roll out and manage new 5G networks requires a more complex, software-defined architecture than older communication networks. This new architecture means services will operate within a more complex environment with a broader attack surface that requires more security diligence on the part of the service providers. In addition, the advent of 5G networks will enable more endpoint devices that will require security at the network edge. Hackers, in particular nation-state threat actors, will work hard to find and exploit weaknesses in this architecture to intercept traffic, disrupt services, and deliver payloads to endpoints and networks.

Privacy regulations drive more spending in cybersecurity

The European Union’s General Data Protection Regulation (GDPR) has inspired a number of privacy regulations, including the new California Consumer Privacy Act (CCPA). In the CCPA, California has created a combined privacy and breach disclosure law that goes into effect on January 1, 2020. The office of the California attorney general recommends NIST (800-53 or CSF) or ISO 27001 as their standards for implementation, and uses CIS Controls for security program guidance. That means an emphasis on malware detection and prevention, and with data breach violations reaching hundreds of millions of dollars in the EU and U.S., we predict CCPA and the recent history of enforcement will drive a significant increase in cybersecurity spending.

Even though the overall theme of these predictions suggests increasing threats and risks to the enterprise, we do see cause for optimism. Our experience with the application of deep learning to meet the challenges of threat detection and prevention gives us hope. As our efforts and those of other innovators continue and build momentum, we are confident that 2020 will be regarded as the year our industry finally turned the tide against hackers.

Source: https://www.globaltrademag.com/a-cybersecurity-and-artificial-intelligence-forecast-for-2020/
24 12 19

Combating Unwarranted Phone Surveillance with Biometrics and Voice Control

1 Mar

Amid the introduction of a new mobile tracking bill targeting the existence of warrants, there has been a sudden rise in the number of frightened consumers. Most handset owners are dealing with skepticism concerning the lack of mobile security and other malicious activities.

In this post, we discuss the possible security loopholes in the existing landscape, along with certain technologies for combating them. Before going any further, it helps to understand how phone surveillance works, regardless of the legalities associated with it.

Decoding Mobile Tracking


In simpler terms, mobile tracking is an undesirable act of sabotaging someone’s privacy. While many government organizations have already resorted to these methods for averting security threats, more often than not phone surveillance is an unwarranted and unauthorized affair— leading to catastrophic outcomes.

Existence of Consumer Spyware

When it comes to malware built for mobile tracking, consumer spyware is the latest fad. It is one of the most effective techniques used by fraudulent organizations for getting inside the handset of any user. Usually, this form of malware comes as a mobile application or a separate, downloadable entity. Once allowed access, the spyware easily takes control of images, data, the phone log and everything else inside the device.

The worst part about consumer spyware is that it can be installed within a few seconds and starts working in the background. While physical access to the handset is required, a skilled hacker can easily install the bug without the owner even noticing the instantaneous sabotage. That said, malicious applications can also embed the spyware with minimal hassles.

Lastly, consumer spyware can even access the phone audio and microphone, allowing hackers to gain complete access to every word spoken.

This form of malware is mostly used by firms with nefarious intentions who look to sell the acquired details to other parties for financial perks.

‘Stingrays’


While malicious applications and malware can be detected by being vigilant, there are certain newly devised techniques which are nearly impossible to identify. Stingrays are the newest techniques used by hackers for getting unwarranted access to any mobile. These entities sit on the mobile towers or act as authorized establishments— luring users into addressing them as legit ones. Mobile users, unknowingly, send data via these towers and allow malicious sources right into the device.

Safeguarding Handsets with Biometrics

Biometrics are some of the more desirable techniques, targeting mobile safety and privacy. While the existing solutions are great, we are expecting a more granular approach towards secured devices. The concept of biometric protection has already been taken seriously by several authorities— across the globe— integrated with global bank statements and other confidential documents. Some of the developing nations have also identified the importance of biometric solutions— integrating the likes of national cards and associated details with the respective handsets.

However, the amalgamation of identity card biometrics with mobile solutions needs to be country-specific, as different nations have different rules regarding their ID segregations. We have country-specific biometric-spruced ID proofs for the developed and even developing nations, binding the likes of retina scans, fingerprints and even digital signage with the smartphones.

This is a more granular approach towards biometric solutions and is expected to curb the inadvertent growth of unwarranted phone surveillance.

Certain AI empowered smartphones are also being considered for amalgamating biometrics with voice and other kinds of authentication schemes.

Combating Fraud with Voice Control

Although getting access to the phone mic isn’t as hard as it seems, consumer spyware can still be kept at bay via authorized voice control. While accessing any electronic device via voice seems to be a far-fetched idea, it seems scientists have already established certain measures leading to the same.

Quite recently, scientists have developed a low-cost chip which could change the way we handle our electronic gadgets— especially the mobiles.

Closing in on the chip, it is a great tool for automatic voice recognition— featuring a low-power console, courtesy the adaptable form factor. If used in a cellphone, the existing chip requires a mere 1W to get activated. Moreover, the usage pattern actually determines the amount of power needed to keep the chip activated.

When it comes to safety, the existing chip can sit on any given cellphone and prevent unauthorized access. This feature is one aspect of looking at Internet of Things for mobiles— instrumental in safeguarding the same from unwarranted surveillance.

The reason why we are upbeat for voice recognition as a pillar of safety is that speech input, in years to come, is expected to be a natural interface for more intelligent devices— making hacking a less-visited arena.

In the upcoming years, voice recognition chips are expected to make use of neural architecture and other aspects of human intelligence, making safety an obvious concept and not a selective one. However, power consumption remains one of the major limitations. At present one chip works on a single neural node of a given network, passing 32 increments of 10 milliseconds each.

Bottom-Line

Unethical tracking isn’t going to stop with the introduction of voice recognition techniques and biometrics. However, perfect application of the same seems to have lowered the number of instances, and we can just be hopeful of a more transparent future. There has been a lot of work going on in the field of speech recognition for every smartphone and we might soon see a pathbreaking innovation in the concerned field.

That said, biometrics have found their way into our lives, documents and even smartphones, and their usage has also skyrocketed. There were times when users hardly made use of a fingerprint scanner, but the current scenario suggests that iPhone’s Touch ID is used at least 84 times a day on average. This shows users are slowly adopting technology as their weapon towards safety and privacy.

Source: http://fundesco.net/combating-unwarranted-phone-surveillance-with-biometrics-and-voice-control/

Is someone watching you online? The security risks of the Internet of Things

21 Mar

The range and number of “things” connected to the internet is truly astounding, including security cameras, ovens, alarm systems, baby monitors and cars. They’re all going online, so they can be remotely monitored and controlled over the internet.

Internet of Things (IoT) devices typically incorporate sensors, switches and logging capabilities that collect and transmit data across the internet.

Some devices may be used for monitoring, using the internet to provide real-time status updates. Devices like air conditioners or door locks allow you to interact and control them remotely.

Most people have a limited understanding of the security and privacy implications of IoT devices. Manufacturers who are first-to-market are rewarded for developing cheap devices and new features with little regard for security or privacy.

At the heart of all IoT devices is the embedded firmware. This is the operating system that provides the controls and functions to the device.

Our previous research on internet device firmware demonstrated that even the largest manufacturers of broadband routers frequently used insecure and vulnerable firmware components.

IoT risks are compounded by their highly connected and accessible nature. So, in addition to suffering from similar concerns as broadband routers, IoT devices need to be protected against a wider range of active and passive threats.

Active IoT threats

Poorly secured smart devices are a serious threat to the security of your network, whether that’s at home or at work. Because IoT devices are often connected to your network, they are situated where they can access and monitor other network equipment.

This connectivity could allow attackers to use a compromised IoT device to bypass your network security settings and launch attacks against other network equipment as if it was “from the inside”.

Many network-connected devices employ default passwords and have limited security controls, so anyone who can find an insecure device online can access it. Recently, security researchers even managed to hack a car, which relied on readily accessible (and predictable) Vehicle Identification Numbers (VINs) as its only security.


Hackers have exploited insecure default configurations for decades. Ten years ago, when internet-connected (IP) security cameras became common, attackers used Google to scan for keywords contained in the camera’s management interface.

Sadly, device security hasn’t improved much in ten years. There are search engines that can allow people to easily locate (and possibly exploit) a wide range of internet-connected devices.

Many IoT devices are already easily compromised.

Passive threats

In contrast to active threats, passive threats emerge from manufacturers collecting and storing private user data. Because IoT devices are merely glorified network sensors, they rely on manufacturer servers to do processing and analysis.

So end users may freely share everything from credit information to intimate personal details. Your IoT devices may end up knowing more about your personal life than you do.

Devices like the Fitbit may even collect data to be used to assess insurance claims.

With manufacturers collecting so much data, we all need to understand the long-term risks and threats. Indefinite data storage by third parties is a significant concern. The extent of the issues associated with data collection is only just coming to light.

Concentrated private user data on network servers also presents an attractive target for cyber criminals. By compromising just a single manufacturer’s devices, a hacker could gain access to millions of people’s details in one attack.

What can you do?

Sadly, we are at the mercy of manufacturers. History shows that their interests are not always aligned with ours. Their task is to get new and exciting equipment to market as cheaply and quickly as possible.

IoT devices often lack transparency. Most devices can be used only with the manufacturer’s own software. However, little information is provided about what data is collected or how it is stored and secured.

But, if you must have the latest gadgets with new and shiny features, here’s some homework to do first:

  • Ask yourself whether the benefits outweigh the privacy and security risks.
  • Find out who makes the device. Are they well known and do they provide good support?
  • Do they have an easy-to-understand privacy statement? And how do they use or protect your data?
  • Where possible, look for a device with an open platform, which doesn’t lock you in to only one service. Being able to upload data to a server of your choice gives you flexibility.
  • If you’ve already bought an IoT device, search Google for “is [your device name] secure?” to find out what security researchers and users have already experienced.

All of us need to understand the nature of the data we are sharing. While IoT devices promise benefits, they introduce risks with respect to our privacy and security.

Source: http://3583bytesready.net/tag/internet-of-things/

4G LTE could spur DDoS, mobile data theft

3 Oct

Hackers can leverage high speed and data capacity of LTE networks to perpetrate distributed denial-of-service attacks on networks, and also target data on mobile devices.

The rise of 4G LTE networks can bring about security incidents such as distributed denial-of-service (DDoS) attacks on corporate and home networks, and data theft on mobile devices, industry watchers say.

According to Michela Menting, cybersecurity senior analyst at ABI Research, hackers can leverage the high speed and increased data capacity of LTE networks, and fast processing capabilities of smartphones to perpetrate DDoS attacks.

Most nations are susceptible to this as they increasingly wire up with LTE networks and smartphone adoption is increasing rapidly worldwide, she observed.

Elaborating, she noted LTE networks use Internet Protocol (IP) based communication in their transport network and base stations. The point of entrance to their core network is through femtocells, base stations which act as wireless access points for a home or business, she pointed out.

While femtocells are popular among operators because they are a less expensive alternative to upgrade, they also require the exposure of public IP addresses of security gateways to enable communication between the end-user device and the core network, she noted. An increase in femtocell deployment could lead to more exposure to IP-based threats such as denial-of-service attacks, she said.

“Consequently, increasingly aggressive network attacks against subscriber identity management, routing and roaming, can be expected,” she added.

Mobile devices, data potentially more vulnerable

Another observer, Patrick Lum, senior consultant at Verizon’s risk group, noted hackers can design malware which creates botnets, or centrally controlled networks of compromised systems, and they can be used for the purposes of sending spam or participating in DDoS attacks.

With LTE operating as an IP network and providing higher bandwidth, mobile phones will be a “lucrative” target for hackers looking to expand their existing botnets, Lum explained.

This will also result in a significant increase in new IPs, which could lead hackers to create phishing attacks that can lead to data theft and loss, since many users tend to store sensitive data on their mobile phones, he said.

Femtocells will be deployed wherever people and businesses need them, such as inside homes, shopping centers, airports and hospitals, Menting warned. This means it will be much easier for hackers to “wreak havoc” in specifically targeted areas, she said.

Those that provide online services such as e-commerce and Internet banking are more at risk compared to those with just a Web page, because any disruption in the online service will inevitably lead to a loss in revenue or fines from authorities, he said.

Partner telcos, ISPs, have internal DDoS plan

Telcos and internet service providers (ISPs) will have to limit and mitigate threats as they happen, and continuously work to patch vulnerabilities once they are exposed, Menting suggested.

Companies can also have agreements with the hosting provider or the ISPs providing the network service, Lum added.

“These external parties often have the ability to filter or block DDoS attacks within their own network environment before the attack reaches the victim’s networks,” he said.

Internally, companies must devise a DDoS response plan with key processes and procedures for IT personnel to follow in case of a potential attack, he said. Adequate preparation will enable companies to anticipate DDoS attacks or identify risk, which will go a long way in preventing significant data or revenue loss for a company, he said.

Source: http://www.zdnet.com/4g-lte-could-spur-ddos-mobile-data-theft-7000005106/
