Tony Glover
InfoSecurity Europe 2024 – Was It All Worth It?
As the stands were being packed away on the show floor at the end of the InfoSecurity Europe 2024 conference in London this week (June 4-6), it was time for exhibitors and attendees to take stock of the three-day event. The mood among exhibitors as they packed everything away in cardboard boxes was distinctly upbeat compared to last year’s event, which was still overshadowed by two long years of lockdown. “It was great to be among people two years post-pandemic and to be able to see the whites of their eyes and the smiles on their faces. In an industry as serious as cybersecurity, it is also important to have face-to-face moments of levity and bonhomie,” said Matt Butterworth, senior account manager at data erasure specialist Blancco Technologies. Neal Smyth, of managed cloud and cybersecurity company Ekco, commented: “Our presentation was oversubscribed with standing-room only. As well as generating leads, we had more customers coming to the stand this year. For example, a representative of a government department simply turned up and asked us to tender. I also hear that other exhibitors were seeing more potential customers attending InfoSecurity this year.”
Deepfakes dominate InfoSecurity Europe 2024
InfoSecurity Europe, widely acknowledged as the chief global challenger to RSA in the US, kicked off with a Keynote speech and panel discussion on “Mapping the Deepfake Landscape.” Broadcaster and researcher Henry Adjer quoted numerous examples of the increasing sophistication of malicious deepfakes. The most interesting example of a deepfake was a false image purporting to show an explosion near the Pentagon shared by multiple verified Twitter accounts last year, resulting in a brief dip in the value of the New York Stock Exchange. “Threat actors are starting to explore the possibility of using deepfakes to move share prices with fake podcasts and video interviews with company C-suite executives of listed companies. Even if the fake is quickly spotted and squashed and the company’s shares are only impacted for 10 minutes, the threat actor can make a huge profit by speculating on the movement of a specific stock,” says Tim Grieveson, senior vice president of global cyber risk at cybersecurity firm BitSight, which in 2021 received £250 million funding from financial services giant Moody’s.
FBI takes down BreachForums -again!
The US Federal Bureau of Investigation (FBI) is investigating the criminal hacking forum BreachForums after taking down its website last week. This follows the announcement in February of the seizure of the LockBit ransomware gang’s extortion website. “From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc and run by ShinyHunters) was operating as a clear-net marketplace for cybercriminals to buy, sell, and trade contraband, including stolen access devices, means of identification, hacking tools, breached databases, and other illegal services,” says an FBI advisory.
Cyber gangs hold healthcare ransom
Cybercriminal groups have now completely abandoned any pretense that theirs are basically victimless crimes by attacking the healthcare sector with increasing ruthlessness. Healthcare, once said to be off limits to ‘responsible’ cyber criminals, is now the subject of an urgent warning from the Cybersecurity Coordination Center (HC3) of the US Department of Health and Human Services. “HC3 has recently observed threat actors employing advanced social engineering tactics to target IT help desks in the health sector and gain initial access to target organizations,” the warning states. Tactics include contacting an organization’s IT help desk with phone calls from a familiar area code and claiming to be an employee in a financial role.
Joe Biden to cripple China’s car industry
US President Joe Biden has dealt a potentially devastating blow to China’s tottering economy by accusing China’s auto industry of posing a serious cyber risk to US national security. An impassioned speech from the President concerning the cyber threat posed by China comes only weeks after a similar warning from the US Federal Bureau of Investigation (FBI) concerning China’s plans to launch a cyber-attack on US national infrastructure. “China is determined to dominate the future of the auto market, including by using unfair practices. China’s policies could flood our market with its vehicles, posing risks to our national security. I’m not going to let that happen on my watch,” promises the President.
Gen Z’ers ditch smartphone services
Silicon Valley has a new problem - a generation that is turning off its digital lifestyle and ditching its smartphones. Gen Z, young people born between 1997 and 2012, have given Silicon Valley’s meticulously planned digital future for humanity a firm thumbs down. Fifty percent of Gen Z’ers are interested in taking a break from their smartphones, while only 20 percent of Boomers, people born from 1946 to 1964, want a break, according to a survey from web-hosting company Squarespace. Last year, smartphone sales shipments dipped by around 70 million units, hitting the lowest shipment level in a decade, driven by falling sales in North America and China. At the same time, the new generation is buying old-school flip phones, nicknamed ‘dumbphones’, in preference to the latest Apple smartphones. According to market researcher Counterpoint Research: “Feature phones in the US market have made a resurgence as Gen Z and millennials are advocating for digital detoxes due to the mental health concerns brought on by smartphones and social media…Given the relatively cheap price point of feature phones ($20-$50 with a prepaid carrier and $50-$100 unlocked), more people are trying out these devices and sharing their experiences on social media.”.
Corruption allegations overshadow EU cyber rulings
The European Union (EU) has adopted its first Cybersecurity Certificate scheme to boost cybersecurity in products and services sold within the EU states, amid ongoing investigations of alleged corruption in Brussels. The European Cybersecurity Scheme on Common Criteria (EUCC) drafted by the European Union Agency for Cybersecurity (ENISA) was adopted on Wednesday as the first scheme within the EU cybersecurity certification framework. ENISA is also already developing two additional cybersecurity certification schemes: EUCS on cloud services and EU5G on 5G security. But the announcement coincided with another press release published by the EU on the same day. On Wednesday, Jan 31st, 2024, the Committee on Civil Liberties also endorsed the draft negotiating mandate for stronger rules against corrupt decision-makers across all levels in the EU. Members of the European Parliament (MEPs) amended the draft anti-corruption provisions to cover “any person entrusted with tasks of public interest or in charge of a public service”, with top EU decision-makers, European Commissioners, the President of the European Council and MEPs to be added to the category of “high-level officials” who will now be subjected to more severe rules than in the past.
Geopolitical tensions fuel botnet boom
Recent weeks have seen an exponential rise in malicious botnets performing reconnaissance scanning to scout out victims. According to researchers at cybersecurity firm Netscout, the number of potentially compromised devices rose from around 10,000 to roughly 144,000 over December, with no sign of the trend letting up. “The trend continued into the new year, with the largest spikes occurring on January 5 and 6, eclipsing one million distinct devices. The levels reached an unprecedented 1,294,416 on the 5th,” reports Netscout. The Netscout researchers say that this increased malicious scanning has been isolated to five key countries: The United States, China, Vietnam, Taiwan, and Russia. All have seen a rise in attackers using cheap or free cloud and hosting servers to create botnet launch pads.
‘Hacktivists’ target environmental services
Politically-motivated hacking, known as ‘hacktivism’, is now on the rise across large sections of the globe. Politically motivated groups are increasingly attacking their enemies with primitive but effective distributed denial-of-service (DDoS) attacks, which involve overwhelming the target’s servers with vast volumes of internet traffic. But, according to cybersecurity firm Cloudflare’s DDoS Threat Report, the organizations being targeted most are environmental agencies pursuing green agendas such as Net Zero. While Cloudflare reported an overall increase of 117 percent in DDoS attacks around Black Friday and the holiday season, DDoS attacks on environmental agencies have soared over sixty-thousand-fold over the same period.
FNF hack exposes 1.3m customer details
US real estate financial services fat cat, Fidelity National Financial (FNF), has revealed details of a cybersecurity breach that occurred in November, exposing the details of 1.3 million customers. An updated filing to the US Securities and Exchange Commission (SEC) claims the attack, which occurred on November 19, 2023, was detected early on and successfully contained. But despite FNF’s best efforts, over a million customers will wonder if the threat actors behind the breach also believe that their attack has been successfully “contained.” The nature of their target suggests otherwise. A Fortune 500 company, FNF is one of the largest companies of its kind in the US, with an annual revenue of over $10 billion, a market capitalization of $13.3 billion, and a staff of over 23,000 people.
Blockchains lose $1.8 billion to cybercrime
Web 3.0, the blockchain version of the traditional internet that hosts decentralized blockchain crypto-currencies, lost over US$1.8 billion in 2023 to cybercrime. Newly released findings from cybersecurity firm Certik’s latest Hack3D Annual Report cast a pall over the US Securities and Exchange Commission (SEC)’s much-anticipated approval of up to a dozen Bitcoin ETFs (exchange-traded funds) on Wednesday. It will also cast a long shadow over the hoped-for institutional acceptance of crypto-currencies by influential financial entities, including Swift, the Hong Kong Monetary Authority, and the Australia and New Zealand Banking Group (ANZ). In the second half of last year, the SEC scrutinized a series of proposals, notably extending review periods for Bitcoin ETF applications from major firms like BlackRock, ARK, and Fidelity.
Nuclear facility reportedly hacked by Russia and China
In what is an urgent and stark warning to nuclear facilities around the world, UK nuclear facility Sellafield, formerly called Windscale, is reported to have been hacked by groups linked to China and Russia. The 70-year-old sprawling six-square-kilometre facility, located on the North-West coast of England, holds the planet's largest store of plutonium as a result of processing nuclear waste from decades of atomic power generation and weapons programs. The UK authorities do not know exactly when the hack originally occurred, according to The Guardian newspaper, although breaches are said to have been detected as long ago as 2015, when sleeper malware, used to attack systems remotely and at will over a long period, was found to have been embedded. In what amounts to a national scandal for the UK, it is still not yet known if the malware has actually been eradicated.
Storm gathers over the cloud
News of the mass exploitation of ownCloud customers as a result of a zero-day vulnerability follows revelations earlier this month of a critical security vulnerability in Microsoft’s Azure cloud platform. Reports of gaping security flaws in cloud services come at a bad time for cloud service providers in general and Microsoft in particular. The Seattle-based computing giant is currently doing its utmost to persuade the US, UK, and Australian governments that its Azure Government Cloud is the best way for the AUKUS trio to securely update cross-border information and enhance mutual collaboration. This might prove problematic for Microsoft, whose Azure platform was recently proven to have a critical vulnerability, and some of whose government clients suffered a series of serious breaches earlier this year.
AI “overrated and overhyped” say cybercriminals
The verdict on artificial intelligence (AI) from the real experts is finally in; professional cybercriminal fraternities have judged AI to be “overrated, overhyped and redundant,” according to fresh research from cybersecurity firm Sophos. It has, hitherto, been accepted wisdom in the cybersecurity industry that cybercriminals, free from any regulatory authority or moral scruples, were among the first to harness the awesome power of AI to create bespoke and virtually unstoppable malware. However, having infiltrated the Dark Web forums where top professional cybercriminals discuss their trade, Sophos reports that the cybercrime sector has thoroughly tested the capabilities of AI and found it wanting.
Ransomware gang turns SEC informant
When a top mob boss turns his co-criminals over to the authorities, the US Federal Bureau of Information labels him a ‘stool pigeon.’ Similarly, the AlphaV ransomware gang is turning informer, not on its rivals but on its victims. In what is a likely portent of things to come, the gang has had the nerve to inform on MeridianLink (MLNK) to the United States Securities and Exchange Commission (SEC) for being slow to report a ransomware attack that they themselves had initiated earlier in the month.