cyber attack | Business Upturn

North Korean hackers leverage AI, raising global cybersecurity concerns

Eesha Chakraborty — Sun, 25 Feb 2024 03:35:15 +0000

North Korean hackers, long notorious for their audacious cyberattacks, have taken their game to the next level by incorporating generative artificial intelligence (AI) into their operations. This development, reported by security experts and intelligence agencies, marks a concerning escalation in the sophistication and potential impact of North Korea’s cyber threats.

Previously known for brazen attacks like the Bangladesh central bank heist and the WannaCry ransomware epidemic, North Korean hackers are now leveraging AI’s power to create more convincing online personas and tailor phishing campaigns with unprecedented precision. Imagine receiving a LinkedIn message from a seemingly legitimate recruiter, only to discover later it was a meticulously crafted AI-generated profile designed to steal your credentials. This is the reality that cybersecurity professionals now face, with the added complexity of AI-powered attacks blurring the lines between human and machine interaction.

The integration of AI raises several critical concerns. Firstly, it facilitates targeted espionage and financial theft, potentially fueling North Korea’s nuclear weapons program. The ability to bypass language barriers and generate realistic documents enables hackers to infiltrate sensitive networks and steal valuable information, intellectual property, and funds. Secondly, it complicates global cybersecurity efforts. Identifying and neutralizing AI-powered attacks requires advanced detection algorithms and constant adaptation, posing a significant challenge for defense systems designed to combat traditional cyber threats.

The report by the National Intelligence Service further highlights North Korea’s ambitious AI development, encompassing government, academic, and commercial sectors. This comprehensive approach suggests a strategic focus on leveraging AI across various domains, including public health, nuclear safety, and military simulations. While some private entities claim to have integrated AI into their surveillance systems, the true extent of North Korea’s AI capabilities remains shrouded in secrecy.

The arms race in the cybersecurity realm is intensifying, with both defense and offense adopting AI tools. While machine learning algorithms traditionally aided in identifying suspicious network activity, offensive actors are now exploring large language models like ChatGPT to automate and personalize attacks. This dual-use nature of AI underscores the need for responsible development and deployment, ensuring its benefits outweigh the potential harm.

Enhanced international cooperation is crucial to share intelligence, develop robust AI-powered defense systems, and establish clear norms for responsible AI development. Additionally, continued investment in research and development is essential to stay ahead of the curve and ensure effective countermeasures against AI-powered cyberattacks.

Australia will increase penalties for data breaches following cyberattacks

Aryan Jakhar — Sun, 23 Oct 2022 02:43:27 +0000

Following high-profile hacks that affected millions of Australians in recent weeks, Attorney-General Mark Dreyfus announced that Australia would submit regulations to parliament that would strengthen the penalty for businesses that suffer significant data breaches.

Since Optus, the second-largest telco in Australia and controlled by Singtel, reported on September 22 a hack that resulted in the theft of personal data from up to 10 million accounts, the telco, financial, and government sectors in that country have been on high alert.

This month, a data breach at health insurance Medibank Private, which provides coverage for one-sixth of Australians, resulted in the theft of 200 terabytes of data and the personal information of 100 customers, including medical diagnoses and procedures.

In a formal statement released on Saturday, Dreyfus stated that the government would alter privacy regulations the following week to “substantially enhance penalties for persistent or major privacy violations.”

The maximum fines for major or persistent privacy violations will increase from the current A$2.22 million ($1.4 million) to the greater of A$50 million, three times the amount of the profit received via the abuse of information, or 30% of turnover in the relevant period, he added.

Australians have a right to assume that their personal information would be protected when asked to provide it to businesses, according to the attorney general.

“Significant privacy breaches in recent weeks have shown existing safeguards are inadequate. It’s not enough for a penalty for a major data breach to be seen as the cost of doing business,” Dreyfus said.

“We need better laws to regulate how companies manage the huge amount of data they collect, and bigger penalties to incentivise better behaviour” he added.

Following the Optus data breach, the government earlier this month announced intentions to update consumer privacy laws to make it easier for targeted data exchange between banks and telecommunications companies.

Two Australian authorities started looking into Optus after the incident, and the corporation has come under fire for failing to stop the breach, one of the biggest in Australian history.

The government provides these 5 precautions to keep you safe online

Aryan Jakhar — Mon, 29 Aug 2022 09:32:21 +0000

The increasing frequency of cyber attack instances in India raises serious concerns about cyber safety. India had an average of roughly 200,000 threats each day in the first three months of 2022, according to US-based cyber security company Norton. Recently, the Indian government released some advice on how to keep safe online.

India’s Ministry of Home Affairs has posted five crucial guidelines for residents to remember when using the internet on Cyber Dost, their safety and cyber security awareness website. Here are some of these advice:

Never share personal information with unknown

Identity theft and other issues might arise from disclosing personal information to online strangers. People are urged not to post private information online, especially bank account information.

Maintain netiquette while online

Internet etiquette is referred to as netiquette. It includes instructions for sending emails, having online conversations, and other things. Netiquette’s goals are to prevent user dispute and to assist in creating a productive environment for online conversation.

Take care with what you share online

On the internet, it can be dangerous to share information like OTPs, bank card numbers, and addresses. It is usually advised to provide personal information via DMs to the verified social media accounts only, even if the company is handling your complaint.

Never accept friend request from unknown person on social media platform

Your risk of online dangers may increase if you accept friend requests from strangers. Scammers may fake your profile in order to get personal data and access online accounts.

Always keep your password strong and safe

A password that is optimal for security is 12 characters long. The combination should consist of letters, numbers, and symbols. Your personal information will be protected and kept out of the wrong hands if you use a strong password to access your online accounts.

Taiwan formulates plans to defend cyber attacks

Bhaswati Sengupta — Sat, 24 Jul 2021 08:09:04 +0000

As China creates military pressure on Taiwan, the self-governing island formulates plans for the next big frontier of warfare: crippling cyberattacks.

This month, Taiwan head of cybersecurity informed CNN Business that it is taking dramatic measures to guard against technological vulnerabilities by employing roughly two dozen computer experts to deliberately attack the government’s system and further help it to defend against what Taiwanese authorities estimate around 20 million to 40 million cyberattacks every month.

Taiwan has been capable to defend against the overwhelming majority of attacks. As per reports, successful breaches numbers in a hundred while only a handful are what the government classifies as ‘serious’.

According to Chien Hung Wei, head of Taiwan’s Department of Cybersecurity, the enormous number from where Taiwan thinks they are coming from has compelled the government to take issues seriously.

While referring to China, he told CNN Business, “Based on the attacker’s action and methodology, we have a rather high degree of confidence that many attacks originated from our neighbor.”

He explained, “The operation of our government highly relies on the internet.”

“Our critical infrastructure, such as gas, water, and electricity are highly digitized, so we can easily fall, victim, if our network security is not robust enough.”

Recently, cyberattacks are one of the increasing global threats. Beside china which is accused of orchestrating such attacks, Beijing is facing intense scrutiny from the west on the matter this week.

Earlier this week, the United States, the European Union, and other allies blamed China’s Ministry of State Security for deploying ‘criminal contract hackers’ to carry out malicious activities across the world involving a campaign against Microsoft’s Exchange email services in March.

The coordinated announcement has demonstrated Biden’s administrating priorities in defending cybersecurity, following serious vulnerabilities that had been reported in major American sectors like energy and food production.

Chien further asserted that Taiwan suspects that state-backed hackers were behind at least one major malware attack on the Island the previous year. Reportedly, in May 2020, CPC Corporation, a government-owned refiner in Taiwan was hacked and was further left unable to process electronic payments from customers. The Ministry of Justice Investigation Bureau accused a hacker group in connection to China of initiating the attack.

However, on the other hand, China has debunked claims that suggested launching cyberattacks against Taiwan and others. In a statement to CNN Business, the Ministry of Foreign Affairs notified the island’s accusations as ‘groundless and purely malicious.’ Furthermore, China’s Taiwan Affairs office criticized Taiwanese authorities for using cyberattacks to smear the mainland as a ‘habitual trick’ to deviate the public’s focus away from the Island’s recent COVID 19 outbreak.

China too denied claims by the west earlier this week on launching a massive global hacking campaign and termed it as ‘groundless’.

Zaho Lijian, spokesperson for China’s Ministry of Foreign Affairs commented, “We strongly urge the United States and its allies to stop pouring dirty water on China on cybersecurity issues.”

“China firmly opposes and cracks down on cyberattacks of any kind let alone encourages, support or indulges in them.”

Tensions with China

Since the conclusion of the Chinese Civil War, nearly 70 years ago Taiwan and Mainland China have been governed separately. The Chinese Communist Party has never ruled Taiwan. However, Beijing considers the island to be an inseparable part of its territory. It has repeatedly threatened to use its force if required to prevent the island from formally declaring independence.

In the recent past, China has increased its military pressure on its neighbor Taiwan. In the month of June, the country sent more than two dozen warplanes near the island, asking Taiwan to alert its air defenses. This incident is considered the largest number of warplanes sent to the zone since Taiwan started to maintain records of such incursions last year. Beijing too issued military propaganda warning Taipei to ‘prepare for war’ as it develops stronger ties with the United States.

Earlier this month, US-based cybersecurity company Recorded Future claimed that a Chinese state-sponsored group has been aiming at the Industrial Technology Research Institute which is a Taiwanese hi-tech research institution. On this issue, China’s Taiwan Affairs Office accused Taiwanese authorities of creating anti china hatred and increasing cross-strait conflicts.

Preparing for risks

As per reports, several countries are concentrating on the global threat of cyberattacks, which have recently crippled one of the largest fuel pipelines in the United States and collapsed major operations for meat suppliers JBS USA.

In April, the US Department of Justice announces 2020 as the ‘worst year ever’ for exhortation related to cyberattacks. According to records in the cybersecurity firm Check Point Software, the first half of the ongoing year witnessed nearly a 102 percent increased in ransomware attacks compared to the same time period of the last year.

Allen Own CEO of Taiwanese cybersecurity company Devcore mentioned that many countries including United States, China, Russia, and North Korea have assembled formidable ‘cyber armies’ to obtain intelligence or infiltrate another country’s infrastructure or defend against the attackers that might do the same to them. He stated that this emphasizes Taiwan’s need to boost its own capability. He narrates, “In Information security, many people say that World War III will happen over the Internet”

In 2016, the Executive Yuan, Taiwan’s highest administrative organ introduced the Department of cybersecurity to meet the security risks.

President Tsai Ing-Wen at that time announced cybersecurity as a matter of national security. She further disclosed the establishment of a new digital development ministry that will supervise the information and communication sector that will concentrate on protecting critical infrastructure.

Chien affirmed that self-governing island has been subjected to tens of millions of attacks monthly, a trend the government has recorded for at least the last few years. However, he mentioned that the country was capable to defend such attempts.

China refused to disclose any further details about the attacks, it only cited successful hacks that resulted in students’ data being stolen.

According to Tsai Sung-ting, CEO of Team T5 which is a cybersecurity solution provider, Even if a cyber intrusion is resolved such attacks can have long-term consequences on the grounds of information that attackers can gain access to.

He said, “We frequently observe that after they compromise an organization, the first thing is to steal the emails and the documents.”

“So even after you clean the infection this time, they may come back next month or a few months later. So I will say the threat is persistent.”, he added.

U.S. firm CEO says up to 1,500 businesses affected by ransomware attack

Vaibhav Agrawal — Tue, 06 Jul 2021 05:37:17 +0000

According to a report released by Reuters, due to a ransomware attack centered on the United States information technology firm Kaseya, around 800 to 1500 businesses across the world have been affected, as mentioned by its Chief Executive Officer on Monday.

It was difficult to estimate the precise impact of Friday’s attack because those who were hit were major customers of Kaseya’s customers, As mentioned by the Florida-based company’s CEO Fred Voccola in an interview.

The company typically handles the back-office work for those companies which are too small or modestly resourced for having their Tech departments are provided software tools by Kaseya.

Allowing the hackers to paralyze hundreds of businesses situated on all five continents, on Friday one of those tools was subverted. Small concerns like dentists’ offices or accountants were among the most of those who affected, while the disruption has been felt more keenly in Sweden where due to cash registers going inoperative, hundreds of supermarkets had to close along with New Zealand, where schools and kindergartens were knocked offline.

Although a willingness to temper the demands made by the hackers in private conversations with the cybersecurity expert and with Reuters has been indicated by the hackers who, to restore all the affected businesses data have demanded $70 million and claim the responsibility for the breach.

On Monday Reuters was told by a representative of the hackers that they are always ready to negotiate. Although the representative didn’t provide their name but spoke through a chat interface on the hacker’s website.