Day: November 2, 2023

Prashanth GJ, CEO, TechnoBind Solutions In today’s era of technological advancements, artificial intelligence (AI) has emerged as a game-changer for businesses across various industries. One of the most promising and rapidly evolving branches of AI is generative AI. This innovative technology enables machines to create and generate new content, whether it’s images, music, text, or even entire virtual worlds. These AI models, fueled by deep learning techniques like Generative Adversarial Networks (GANs) and Transformers, have the potential to revolutionize various industries, from entertainment and design to healthcare and robotics. The potential benefits of generative AI for businesses are vast, ranging from enhancing creativity and innovation to streamlining operations and customer engagement. One-third of annual McKinsey Global survey respondents say that they are using Gen AI tools in at least one business function. 40% of respondents say their organizations will increase their investment in AI overall because of advances in gen AI. The most commonly reported business functions using these newer tools are the same as those in which AI use is most common overall – marketing and sales, product and service development, and service operations such as customer care and back-office support. While generative AI has enormous potential to be utilized by organizations, this has also opened the floodgate of cyber threats and breaches against its users. 21% of the annual McKinsey Global survey respondents say their organizations have established policies governing employees’ use of gen AI technologies in their work. A recent report by cybersecurity firm Group-IB revealed that over 100,000 ChatGPT accounts have been compromised and their data is being illicitly traded on the dark web, with India alone accounting for 12,632 stolen credentials. Many companies have forbidden their employees from using any generative AI-powered bots. However, the percentage of Gen AI users worrying about AI’s cybersecurity concerns has reduced from last year’s 51% to 38% says McKinsey Global survey. It is the unknown that has made users skeptical about readily utilizing generative AI Research by PA Consulting found that 69% of individuals are afraid of AI and 72% say they don’t know enough about AI to trust it. According to a survey among 200 enterprise security officials, a staggering 91% of companies reported experiencing API-related security issues in the past year. As organizations are looking forward to leveraging LLP APIs, their lack of trust and knowledge about generative AI and news about security breaches pose a challenge in readily adopting it. The open-source code in generative AI is considered a double-edged sword by many. While cost-effectiveness, transparency and easy availability are a plus, open-source code also leaves users vulnerable to attacks. OpenAI’s ethical policy prevents LLMs from aiding the threat actors with malicious information. However, the threat actors can bypass these restrictions using various malicious techniques, such as – jailbreaking, reverse psychology, prompt injection attacks and ChatGPT-4 model escaping. Apart from API and open-source threats, generative AI leaves room to create various other threats: Deepfake Threats: One of the most prominent concerns stemming from generative AI is the rise of deepfake technology. Deepfakes utilize generative AI to manipulate and fabricate realistic videos or images that convincingly mimic real people or events. This can have severe consequences such as political disinformation, impersonation, and reputational damage. Phishing Attacks: Cybercriminals can exploit generative AI to enhance the sophistication of phishing attacks. By generating hyper-realistic emails, websites, or user interfaces, hackers can deceive individuals into revealing sensitive information or unknowingly downloading malware. Malware Generation: Generative AI can be used to develop novel strains of malware that are harder to detect and eradicate. By continuously evolving their code and behavior, AI-powered malware can evade traditional security measures, potentially causing significant damage to computer networks and systems. Polymorphic malware is one such example of malicious software that continuously modifies its code to evade antivirus detection. Automated Social Engineering: Generative AI can be leveraged to automate social engineering attacks, such as personalized spear-phishing campaigns. By analyzing vast amounts of data, AI can craft persuasive messages that target specific individuals or groups, increasing the chances of success for cybercriminals. Challenges in combating and mitigating these threats Effective defense against generative AI threats requires access to vast amounts of training data to understand and detect malicious patterns. However, obtaining labelled data that covers the diverse landscape of potential attacks can be challenging due to privacy concerns and legal limitations. Cybersecurity professionals face a continuous battle to keep up with the evolving sophistication of generative AI. As AI techniques progress, adversaries can quickly adapt and develop new attack vectors, necessitating constant vigilance and proactive measures to mitigate emerging threats. Generative AI models are often regarded as black boxes, making it difficult to ascertain their decision-making process. When malicious content is generated, attributing responsibility to the perpetrators becomes challenging. This hampers effective countermeasures and legal actions. As organizations strive to combat generative AI threats, they must navigate the delicate balance between security measures and privacy concerns. Mitigation efforts should avoid unnecessary invasions of privacy while still protecting individuals and organizations from potential harm. These challenges can be mitigated using advanced detection techniques, collaboration between researchers, industry experts, and policymakers and a robust legal framework. Ethical consideration along with bias and fairness are the foundation of building and utilizing generative AI. Organizations currently seem to be mostly preoccupied with the cost-benefits and the strong support a generative AI provides. There is always a threat looming around the adoption of technologies that haven’t been tried and tested for loopholes. While some may argue that generative AI is an advantageous tool in combating cyber threats, the lack of knowledge about the tool and its possible misuse by threat actors should be a bigger concern. Generative AI holds immense potential to revolutionize various industries and foster innovation. However, the challenges it presents such as ethical concerns, bias, misuse, transparency, and human-AI collaboration, cannot be overlooked. As generative AI continues to advance, it is imperative for researchers, developers, policymakers, and society at large to work collaboratively to address these challenges, ensuring responsible…

Joanne Weng Director of the International Business Department, Synology In the ever-evolving digital landscape, businesses face increasing challenges in ensuring the safety and continuity of their data. A string of disruptions experienced by major corporations has only heightened the need for robust backup and recovery mechanisms. At the heart of modern businesses lies data, and its security and risk management play a pivotal role in ensuring business continuity. However, while the importance of backups and disaster recovery plans is universally acknowledged, executing them can become prohibitively expensive. This financial challenge underscores the necessity of prioritization and the ability to architect a lean yet resilient IT infrastructure. A clear checklist is required While the causes, impacts, and solutions of data-related incidents may vary, the overarching principles remain consistent. Your organization likely already has some backups to counter ransomware or equipment failure. So answer this – What recovery point objectives (RPOs) and recovery time objectives (RTO) can you achieve with your current backup plan if your production servers or cloud instances suddenly vanish? Put another way, how much money will that downtime cost the business if you need to perform a complete disaster recovery process? If that makes you feel uneasy, and you’re in a position that should know this, it might be time to review your backup and disaster recovery (DR) plans. Starting with the fundamentals, businesses need to map out and identify which systems are responsible for which real-world ‘work.’ While some companies may use siloed infrastructure per department, there are likely countless dependencies that need to be mapped out. For example, it’s obvious that a directory server disruption will knock out authenticating with any services or endpoint (which is huge but expected), but what about your internal ERP system? If you don’t already have a map of your IT infrastructure, get it done. Ensure that system dependencies are clearly documented and well understood. Next, list the primary real-world processes based on your business (e.g., product manufacturing, e-commerce, logistics) and most importantly, stack-rank them based on their financial impact if disruptions happen. Each business will have vastly different requirements based on its structure and technology stack. However, there will always be a cost that can be associated with downtime. This process needs to be routinely reviewed and kept up to date. Building solid foundations Building a dependable and resilient IT infrastructure isn’t easy, but it’s also not difficult once we break it down into multiple components. High availability (HA) for production environments: In the event of a server failure, the HA system should automatically take over, minimizing downtime. For companies that self-host their systems, this is usually done through HA hypervisor clusters paired with similarly HA-clustered storage systems. Cloud deployments can likewise leverage load balancers and self-monitoring tools to ensure services remain online. On-site and off-site backups: Regular backup schedules for critical operational tools like file servers, DBs, ERP systems, core service virtual machines, and offline servers should be documented. Depending on the importance of the operational service, appropriate Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) need to be carefully defined. An out-of-date database backup is better than nothing but will still cause a significant headache. Finally, off-site backups and disaster recovery (DR) capacity shouldn’t be an afterthought. To keep costs in check, retention policies and the scale of the DR equipment or cloud instances can be lowered. Restoring shouldn’t be stressful In the unfortunate event of a disruption, a three-tier restoration process can ensure business continuity: Automatic failover: HA clusters should be designed to automatically failover, ensuring that there’s no manual intervention required during critical moments. This should be enough to take care of simple equipment failures. Restore from snapshots or failover to backup systems: Local snapshots and similar technology allow servers to quickly roll back an unintended change extremely quickly. If the problem persists or the problem stems from a larger issue (e.g., the entire cluster is down), full restores or failovers to another system should be considered. Restore from remote backups or failover to the DR site: In case of major disruptions like natural disasters, remote backup solutions come into play. Businesses can restore from these backups or, if necessary, failover to a DR site to resume operations. Stay ahead of the curve Effective monitoring is the backbone of a resilient infrastructure. The approach should focus on: Filtering out the noise: Monitoring solutions need to ensure that only critical notifications are sent out, preventing information overload and ensuring that the right people are alerted promptly when critical events inevitably happen. Acting quickly and decisively: Time is of the essence during disruptions. IT, DevOps, SIRT, and even PR teams need to be well coordinated for various types of events. From security breaches to data center fires or even just mundane equipment failures, anything that might result in customer or operation disruptions will involve cross-team communications and collaboration. The only way to get better at handling these is to have documentation on what should be done, a clear chain of command, and practice drills. In conclusion, a comprehensive backup and recovery strategy is essential for businesses aiming for uninterrupted operations. While there are many solutions available in the market, it’s crucial to find one that aligns with your business needs. Over the years, companies like Synology have demonstrated expertise in storage and data protection, with numerous success stories that attest to their capabilities. *Views expressed in the article are solely of the Author  

Sergio Bertoni, The Leading Analyst at SearchInform Social engineering techniques are as old as the hills, because human beings’ weaknesses are everlasting. The term social engineering is relatively new, it was adopted in the digital era. Even though the mass media regularly report about some new method of fraud being discovered, basically these methods are just new variations on old tricks. However, they don’t become less efficient as time goes by. In this article we will find out why Let’s start with refreshing of some basics. Social engineering is the set of techniques and methods which make a person act in favor of a fraudster – expose information, follow links, transfer money etc. There are numerous variations existing, however, all of them are based on some specific methods, such as: Perceptual errors (phishing, Quid pro quo method). Curiosity (Trojan horse, road apple). Self-interest (reverse social engineering) and others. You can easily obtain data on all of these methods, they’re precisely described in specialized publications, in scientific articles and in Wikipedia as well. I would like to discuss another question – why, despite the fact that social engineering techniques are precisely examined and well known, do people still fall victim to attackers so easily? Glad to be deceived The first reason why social engineering techniques’ are so successful is that there are always some people who easily fall victims to any kind of fraudster. Sometimes, when looking through a spam letter you may ask yourself, who can believe in what the authors write? Nevertheless, it works. For instance, there is the popular Nigerian prince scam. Fraudsters deliberately target users who believe in most impossible things and don’t try to find out, whether some fact is true or not. Among millions of users there are always some people who believe in such scam and respond to the messages. Greed and curiosity makes people take the bait. The right people in right place and at right time Even if a person is skeptical, this does not mean that his/ her chances to fall intruders’ victim are significantly lower. For instance, due to lack of time a person may not recheck some data. What’s more, inattentiveness, lack of competencies in information security related issues, neglect of information, fear and, of course, combination of all these factors often lead to negative outcomes. There was once a case that was quite illustrative: the experts from antivirus company Eset described an attack that focused on MasterCard users around the world. The fraudsters sent e-mails containing notifications about updates and warned that the new security system had been implemented and that there was a chance that accounts would be deactivated. The fraudsters suggested users to follow the link and fill out some forms, so users were forced to share their personal data, login, password and other important data. To trick the user, the attackers even imitated the verification process on a fake website. Even though the email address did not correspond to any official Mastercard email address, the browser considered the opened pages as safe because the attackers used the SSL certificate. That’s how intruders managed to obtain required data, which enabled them to gain access to victims’ accounts and steal their money. One of the most successful and dangerous type of social engineering attacks, targeting companies is the so-called BEC-attacks, compromise of corporate email. According to the Internet Crime Report 2021 by FBI, BEC/ AEC attacks resulted in $2,395,953,296 losses. Thus, BEC attacks turn out to be one of the most efficient malicious technique. And it should be also noticed, that there is a step change taking place in the amount of attacks. Even largest companies such as Facebook and Google become victims of cyber attacks. For instance, there was a case when they were billed by a fake counterparty. Accountants didn’t recognize the trait as the name of the fake counterparty remained the name of the real one. It’s impossible not to be deceived As it can be seen, even if a person is very skeptical, it’s very difficult for him/ her to recognize some types of attacks, as they are prepared extremely precise – sites are forged qualitatively, security certificate are used etc. It’s crucial to remember about arising deep-fake related risks (deepfakes are convincing images, audios and videos generated by AI forgery of audio or video. Currently, there is plenty of cases of successful deepfakes usage reported globally. I’ll share details on a few of them. For instance, such an incident happened with a Japanese woman who transferred about $30.000 to a fraudster. The victim of social engineering thought that she corresponded with an ‘astronaut.’ The intruder promised to come to Japan and marry the woman. The so-called astronaut told that he needed money to return to Earth. That’s why he asked the gullible lady to cover his expenses for returning home, including the rocket flight. Another case happened when fraudster impersonated Mark Ruffalo, tricked a Japanese artist and managed to illicitly gain $500.000. A veteran manga artist Chikae Ide told that once a user, who impersonated the famous Hollywood actor, well-known for his role of Hulk, added her to friends on social networks. As a result, they had been in contact for a few years. During this time the artist even had videocalls with ‘Mark.’ However, it turned out that the fraudster used deepfake technologies to enhance the credibility. What’s more, the Japanese artist and fake Hollywood artist nearly got ‘unofficially married.’ Then, the intruder made the woman transfer large sums to him. The artist had to go into debt to financially help the impersonator. All in all, the woman transferred $500.000 to the intruder. Sometimes, intruders complement social engineering techniques with deepfake technologies. There was a case when a Lloyds Bank customer managed to access his account using AI. The user was able to trick the voice ID to log into the account by generating his voice. At the same time, technologies become a norm and some companies yet offer their…