Marcel Brown:  October 29, 1969. UCLA student Charley Kline attempts to transmit the text, “login”, to a computer at the Stanford Research Institute. After the letters L and O are sent, the system crashes, making the first message ever sent on the internet “lo”.

Edwin Kwan: Since the Israel-Hamas war, there’s been numerous crypto donation scam sites appearing online. Scammers have been capitalizing on the horrific events of the Israel-Hamas conflict by pretending to be legitimate charities and collecting donations.

Hillary Coover: LinkedIn is currently testing the use of generative AI to address cybersecurity queries from its employees and external suppliers. Response times with the chatbot averaged just five seconds compared to the approximately 15 minutes that it took when handled by a human.

Mark Miller: News continues to trickle out about the Akira Ransomware Group breach of the Stanford University Department of Public Safety. This morning, Bitdefender reported that the University is being pressured to pay a ransom of an undisclosed amount in order to stop the leak of 430 gigabytes of private information and confidential documents.

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
Israel-Hamas War Crypto Donation Scams

Since the Israel-Hamas war, there’s been numerous crypto donation scam sites appearing online.

This is Edwin Kwan from Sydney, Australia.

Scammers have been capitalizing on the horrific events of the Israel-Hamas conflict by pretending to be legitimate charities and collecting donations. The website has been impersonating legitimate charities by copying their website. The scammers have been promoting their scam sites on different social media accounts including X, Telegram, and Instagram. Security researchers have also spotted over 500 scam emails claiming to be charities fundraising to support victims of the ongoing Middle Eastern crisis. The scam websites accept donations by credit card or via cryptocurrency and accept crypto payments in Ethereum, Bitcoin, or USDT.

Fortunately, security researchers have not observed any donations made to the cryptocurrency wallets. Viewers are urged to scrutinize the donation pages thoroughly before donating. Scam charities often lack essential information about their charity organizers, information about recipients, legitimate documentation, and transparency on the usage of the funds.

Resources

– Bleeping Computer:
https://www.bleepingcomputer.com/news/security/palestine-crypto-donation-scams-emerge-amid-israel-hamas-war/

– Dark Reading:
https://www.darkreading.com/dr-global/israeli-hamas-conflict-spells-opportunity-for-online-scammers

 

Mark Miller
Stanford University Breached by Akira Ransomware Group

News continues to trickle out about the Akira Ransomware Group breach of the Stanford University Department of Public Safety. This morning, Bitdefender reported that the University is being pressured to pay a ransom of an undisclosed amount in order to stop the leak of 430 gigabytes of private information and confidential documents.

This is Mark Miller calling in from White Rock, New Mexico.

The Stanford Daily was the first to report on the incident last Wednesday. In an October 28 update, the Daily displays a screenshot of what Akira is describing as the types of assets they were able to access. According to the Daily Post, the hack was limited to police systems, but did not impact emergency responses.

This is the third breach of Stanford’s systems. The adversary focus on high institutions such as Stanford can be attributed to the types of data available on those systems, including contact information for high profile people who have attended the University. The threat of exposure of this type of information is high leverage for a ransomware group.

The University has not put out specifics on the amount of ransom being asked, nor of the details accessed by the breach. For links to the articles and resources mentioned in this update, go to 505updates.com where they are available at the bottom of this segment’s transcription.

Resources
– Stanford Daily: https://stanforddaily.com/2023/10/26/stanford-public-safety-department-hacked-networks-temporarily-down/
– Stanford Daily: https://stanforddaily.com/2023/10/28/ransomware-group-threatens-to-leak-stanford-police-data/
– Daily Post: https://padailypost.com/2023/10/28/stanford-says-its-police-computers-have-been-secured-after-hacking-attack-outside-specialists-brought-in/
– Akira Note: https://stanforddaily.com/wp-content/uploads/2023/10/akira.png?w=800
– Bitdefender: https://www.bitdefender.com/blog/hotforsecurity/stanford-university-pressured-to-pay-ransom-so-hackers-dont-leak-sensitive-data-stolen-in-recent-attack/
– StanfordReport: https://news.stanford.edu/report/2023/10/27/stanford-statement-department-public-safety-cybersecurity-incident/

 

Hillary Coover
Linkedin Chatbot

How is your security team leveraging generative AI today? LinkedIn is testing some really interesting applications of generative AI that security and operations teams should absolutely consider.

Hi, this is Hilary Coover in Washington, DC.

LinkedIn is currently testing the use of generative AI to address cybersecurity queries from its employees and external suppliers. The company’s security team spent about four months developing a chatbot using OpenAI’s large language models. Response times with the chatbot averaged just five seconds compared to the approximately 15 minutes that it took when handled by a human. Early tests indicated that responses hovered around 90 percent accuracy.

LinkedIn’s chatbot enhances the understanding of corporate security policies among employees, which prevents them from skipping security measures because they’re getting answers to their questions almost immediately. The company intends to track human involvement in interactions when the final chatbot version is deployed and LinkedIn employs around a dozen cybersecurity efforts who oversee internal policies and their implementation, so this chatbot is going to serve as a force multiplier for those cybersecurity experts.

While generative AI can ease employees workloads and tackle repetitive tasks, vigilance is still crucial to prevent incorrect or inappropriate responses.

Resources

– Wall Street Journal:
https://www.wsj.com/articles/linkedin-tests-generative-ai-to-field-cybersecurity-questions-from-employees-and-suppliers-d61d35a6?mod=tech_feat1_ai_pos1

 

Marcel Brown
This Day, October 16, in Tech History

This is Mark Miller standing in for Marcel Brown on October 30th for This Day in Tech History.

October 29, 1969. UCLA student Charley Kline attempts to transmit the text, “login”, to a computer at the Stanford Research Institute over the first link on the ARPANET, which was the precursor to the modern internet.

After the letters L and O are sent, the system crashes, making the first message ever sent on the internet “lo”.

About an hour later, after recovering from the crash, the full text of LOGIN is successfully sent.

October 30th, 1938. Orson Welles broadcasts his radio adaptation of War of the Worlds, which reportedly caused panic among listeners who believed the theatrical presentation was a real news broadcast.

Regardless of the actual levels of panic caused, The War of the Worlds is one of the most famous radio broadcasts in history.

And that’s it for ThisDayInTechHistory.Com Join us tomorrow.

Resources
– https://thisdayintechhistory.com/10/29
– https://thisdayintechhistory.com/10/30