Newsletter

open source and cybersecurity news

November 29, 2023

It's 5:05, November 29, 2023. TIme for your cybersecurity and open source headlines

In this Episode:

Marcel Brown:  November 29th, 1972. Atari introduces their first product, Pong, which would become the world’s first commercially successful video game. Nolan Bushnell installed the game at Andy Capp’s Tavern in Sunnyvale, California on this day. There were 10,000 machines installed within four months.

Edwin Kwan: In 2023, Australians suffered over $400 million in losses due to scams. The actual figure is believed to be much higher considering under reporting. Australian banks have yielded to pressure from consumer groups and pledged to enhance efforts against scams by implementing technology to block transfers to suspicious accounts.

Katy Craig: Google’s latest cybersecurity forecast presents a concise yet comprehensive look at the emerging cyber landscape for 2024. This report from Google underlines the urgent need for advanced AI-integrated cybersecurity measures to combat these evolving threats and safeguard digital ecosystems in 2024 and beyond.

Hillary Coover: As more and more cocaine is sneaking into Europe, big ports like Rotterdam and Antwerp are facing cybercrime aiding smuggling operations. In a shocking expose, the intricate web of criminal infiltration into Europe’s major ports is revealed.

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
Australian Banks Begin Blocking Transfers to Suspect Accounts

Edwin Kwan, Contributing Journalist, It's 5:05 PodcastIn a significant move, Australian banks have yielded to pressure from consumer groups and pledged to enhance efforts against scams by implementing technology to block transfers to suspicious accounts.

This is Edwin Kwan from Sydney, Australia.

Initially resisting such measures, the banks, prompted by calls from the ACCC and the Consumer Action Law Center, will now restrict transfers if the recipient’s name and the bank details do not match.

The decision follows a similar successful measure introduced in the UK in 2020, which resulted in a 35% reduction in misdirected payments in its first year. Australian consumer advocates applaud this move, emphasizing its potential to prevent millions of scams annually. They now call on the Australian government to follow the UK’s lead and mandate banks to reimburse scam victims.

In 2023, Australians suffered over $400 million in losses due to scams. The actual figure is believed to be much higher considering under reporting. The banks plan to launch a scam-safe accord, investing $100 million in a new ” confirmation of payee” system, which is expected to reduce scams by allowing customers to confirm the intended recipient.

This system, rolling out across the sector, will introduce more warnings and delays for new payments or increase limits. Currently, the onus is on the consumers to check the transactions in Australia to prevent identity fraud. Banks will enhance technology, implement controls, and introduce biometric checks for new account openings.

With 15.4 billion transactions worth $2.5 trillion dollars annually, the implementation of an industry-wide payee confirmation system is a significant undertaking, set to commence immediately and rollout between 2024 and 2025. While it’s hailed as a crucial reform, advocates call for mandatory codes and higher liability standards for scam losses to be the final piece of the regulatory puzzle.

Resources
– The Guardian: https://www.theguardian.com/australia-news/2023/nov/24/australian-banks-buckle-to-pressure-and-vow-to-block-transfers-to-suspect-accounts

 

Katy Craig
Google’s Cybersecurity Forecast: The Growing Influence of AI

Katy Craig, Contributing Journalist, It's 5:05 PodcastGoogle’s latest cybersecurity forecast presents a concise yet comprehensive look at the emerging cyber landscape for 2024, with a specific focus on the growing influence of artificial intelligence, AI, in both cyber threats and defenses.

This is Katy Craig in San Diego, California.

Let’s get right into the report’s insights.

1. AI-Enhanced Cyber Threats. The report warns of a significant rise in AI-powered cyber attacks. This includes more sophisticated phishing and social engineering attacks, using generative AI and large language models, making them highly personalized and difficult to detect. AI is also expected to fuel scalable disinformation campaigns, undermining public trust in digital information.

2. Geopolitical Cyber Dynamics. Major nation states like China, Russia, North Korea, and Iran are anticipated to escalate their cyber activities. This includes stealthy cyber espionage, financially motivated attacks, especially in cryptocurrencies, and disruptive operations targeting geopolitical rivals and the upcoming US presidential election.

3. Evolving Attack Methods. An uptick in the exploitation of zero-day vulnerabilities and a surge in hacktivism are on the horizon. Additionally, nation states are likely to incorporate wiper malware for strategic attacks, and there’s a growing concern over cloud and serverless services being targeted more frequently.

4. Supply Chain and Mobile Vulnerabilities. Supply chain attacks, particularly via software package managers and novel social engineering tactics targeting mobile devices, are highlighted as rising threats.

5. Cyber Defense Strategies. On the defense side, AI is set to play a pivotal role. It’s expected to significantly enhance threat detection, response capabilities, and analysis, aiding in managing large datasets in complex threat environments.

6. Cyber Insurance Market Trends. The report also touches on the evolving cyber insurance market, predicting changes in coverage and premium rates.

7. Security Operations Consolidation. There’s an anticipated trend towards more integrated risk and threat intelligence in security operations, aligning with the diverse and complex nature of modern network environments.

This report from Google underlines the urgent need for advanced AI-integrated cybersecurity measures to combat these evolving threats and safeguard digital ecosystems in 2024 and beyond.

This is Katy Craig. Stay safe out there.

Resources
– Google Cloud:  https://cloud.google.com/resources/security/cybersecurity-forecast

 

Hillary Coover
Hacker’s Haven: Cocaine Infiltration Unveiled in Europe’s Biggest Ports

Hillary Coover, Contributing Journalist, It's 5:05 Podcast

As more and more cocaine is sneaking into Europe, big ports like Rotterdam and Antwerp are facing cybercrime aiding smuggling operations. In a shocking expose, the intricate web of criminal infiltration into Europe’s major ports is revealed. This playbook underscores the alarming vulnerabilities within these critical points of entry and the transformative impact of digitization on the traditional smuggling methods.

Hi, this is Hillary Coover in Washington, DC.

Europe’s commercial ports, particularly Rotterdam and Antwerp, have become prime targets for cocaine trafficking, and a Dutch hacker, Davy de Valk, played a pivotal role in this trade. By breaching the IT systems of these ports, de Valk provided invaluable data to drug traffickers, recommending optimal shipping containers for hiding contraband and facilitating the smooth pickup of illegal goods on the receiving end.

de Valk’s services, outlined over the encrypted chat platform SkyECC, revealed a sophisticated operation. By monitoring shipping containers and exploiting weaknesses in their scanning histories, de Valk identified the best targets for concealing cocaine-laden containers. His collaboration with criminal elements, referred to as “MyLines,” showcased a criminal enterprise deeply embedded within seemingly legitimate shipping operations.

The critical element of de Valk’s strategy involved pin code fraud, enabling the impersonation of transport companies for smooth cargo pickups. de Valk’s endeavors continued with a focus on the Antwerp terminal, the second busiest in Europe.

de Valk orchestrated the infiltration of the terminal with the help of an office clerk- an insider. Through a meticulously planned USB hack, de Valk gained access to the terminal’s IT system, enabling him to manipulate container management programs and generate PIN numbers. The scope of his achievements, which included attempting to clone port staff ID badges, remained elusive as European police uncovered a broader pattern of PIN code fraud facilitating the trafficking of massive cocaine shipments.

This multifaceted saga exposes the underbelly of Europe’s major ports, transformed into conduits for the relentless influx of cocaine. As authorities grapple with the challenge of securing these critical entry points, the story of de Valk serves as a stark reminder of the evolving tactics employed by cybercriminals in an increasingly digital world.

Resources
– OCCRP: https://www.occrp.org/en/narcofiles-the-new-criminal-order/inside-job-how-a-hacker-helped-cocaine-traffickers-infiltrate-europes-biggest-ports

 

Marcel Brown
This Day, November 29, in Tech History

Marcel Brown, Contributing Journalist, It's 5:05 PodcastThis is Marcel Brown coming at you with some technology history for November 29th.

November 29th, 1972. Atari introduces their first product, Pong, which would become the world’s first commercially successful video game. The story goes that Atari’s founder, Nolan Bushnell, installed the game at Andy Capp’s Tavern in Sunnyvale, California on this day.

Soon they were called by the bar owner complaining that the game stopped working. On investigating the problem, they found that the game was jammed with quarters. At least that is the legend, but regardless, there were 10,000 machines installed within four months.

The popularity of Pong sparked the beginning of the video game industry, with Atari being the leader in both arcade and home video gaming through the early 1980s.

November 29, 1974. The January issue of Popular Electronics is published, featuring the MITS Altair 8800 microcomputer kit on its cover. The magazine would begin arriving on newsstands and to subscribers in the first part of December. The Altair 8800 itself would begin shipping on December 19th.

The visibility that the Altair received helped make it an extremely popular computer for its time, as MITS forecasted selling 800 computers over the course of one year, and ended up selling 5,000 units by August. As the magazine started reaching readers, MITS was flooded with inquiries and orders for the Altair, to the point where they had to hire more people just to answer their phones.

The success of the Altair helped popularize the concept of the microcomputer, which then inspired early technology innovators such as Steve Wozniak and Steve Jobs, who created the Apple I personal computer, as well as Microsoft founders Bill Gates and Paul Allen, who wrote software for the Altair and other early micro and personal computers.

The story behind the collaboration of MITS and Popular Electronics for this particular issue is interesting. The recently hired editor of the magazine wanted more computer projects to be featured, yet knew that existing microcomputer projects of the time were somewhat daunting for hobbyists to complete. They were looking for something that was a complete kit in a professional-looking enclosure.

Another editor knew that MITS was working on a project that could fit their need and collaborated with them to have that kit ready for the January issue publication. While the first prototype was ready in October and was shipped to Popular Electronics, it never reached them due to either a strike by the shipping company or simply being lost or stolen.

The story varies depending on the source. The article was actually written using pictures of an empty mockup of the Altair and a prototype circuit board layout that was different than the finished product. Additionally, MITS left the naming of the microcomputer kit to the magazine.

One of the editors claims that the inspiration for the name came from his 12-year-old daughter who suggested calling it Altair after the location where the Star Trek Enterprise would be traveling in that night’s episode. However, other sources claim it was a technical editor of the magazine who came up with Altair when it was suggested the computer be named after a star.

Whatever the truth is, the Altair 8800 was one of the most important computers in technology history, and we all owe a great deal to this particular magazine issue for publicizing it.

That’s your technology history for today. For more, tune in tomorrow and visit my website, ThisDayInTechHistory.com.

Resources
https://thisdayintechhistory.com/11/29

Contributors:

Comments:

Leave the first comment

Newsletter