Newsletter

open source and cybersecurity news

December 14, 2023

It's 5:05, December 14, 2023. Time for your cybersecurity and open source headlines.

In this Episode:

Marcel Brown: December 14th, 1902. The cable ship Silvertown begins laying the first Transpacific telegraph cable from San Francisco, destined for Honolulu, Hawaii. On January 1st, 1903, the connection between Hawaii and San Francisco was established.

Edwin Kwan: A research study based on data from January 2021 to April 2023 shows a rise in insider threats, with 55% relying on privilege escalation exploits and the remaining 45% introducing risk by downloading or misusing offensive tools.

Katy Craig: In June 2023, cybersecurity incidents shook the digital landscape as threat actors exploited a vulnerability in Adobe ColdFusion. The attackers executed a calculated malware deployment strategy. They exploited the Adobe ColdFusion vulnerability to introduce malware, including a remote access Trojan using HTTP POST commands.

Ian Garrett: AI has emerged at the forefront of cybersecurity megatrends for 2024. An overwhelming 93% of respondents anticipate Generative AI, like ChatGPT, impacting their business strategies within the next 5 years, with 89% already incorporating AI into their R&D efforts.

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
Over 50% Insider Attacks Involve Privilege Elevation Exploits

Edwin Kwan, Contributing Journalist, It's 5:05 Podcast

Over 50% of insider attacks involve exploiting “elevation of privilege” flaws.

This is Edwin Kwan from Sydney, Australia.

A research study based on data from January 2021 to April 2023 shows a rise in insider threats, with 55% relying on privilege escalation exploits and the remaining 45% introducing risk by downloading or misusing offensive tools.

Rogue insiders typically turn against their employer when they have been given financial incentive to do so. It could also be out of spite or due to differences with their managers. The average cost of such incidents is around $648,000 for malicious incidents and $485,000 for non-malicious incidents. It is also found that nearly half of insider incidents were unintentional mishaps, such as exploit testing getting out of control, executing offensive security tools without appropriate protection measures, and downloading of unvetted code.

Recommended approaches for managing insider threats include timely vulnerability patching, user behavior analysis to detect insider threat activity, and security awareness training.

Resources
– CrowdStrike: https://www.crowdstrike.com/blog/how-malicious-insiders-use-known-vulnerabilities-against-organizations/
– Bleeping Computer: https://www.bleepingcomputer.com/news/security/privilege-elevation-exploits-used-in-over-50-percent-of-insider-attacks/

 

Katy Craig
Malware Deployment Strategy against Adobe ColdFusion

Katy Craig, Contributing Journalist, It's 5:05 Podcast

In June 2023, cybersecurity incidents shook the digital landscape as threat actors exploited a vulnerability in Adobe ColdFusion. These incidents targeted government systems utilizing a flaw in outdated versions of Adobe ColdFusion. Microsoft Defender for Endpoint raised the alarm, detecting the exploitation on public-facing web servers.

This is Katy Craig in San Diego, California.

The attackers executed a calculated malware deployment strategy. They exploited the Adobe ColdFusion vulnerability to introduce malware, including a remote access Trojan using HTTP POST commands. This approach allowed them to infiltrate the systems stealthily.

Detailed analysis of these incidents suggests the primary objective was reconnaissance. The attackers aimed to map out the agency networks, searching for further vulnerabilities or valuable data. However, there was no conclusive evidence of data exfiltration or lateral movement within the network.

The attacks had specific characteristics. In the first incident, threat actors accessed a system through an IP address tied to a public cloud service provider, necessitating careful scrutiny. The second incident saw attackers exploiting another IP address, from which they performed extensive domain and user account reconnaissance.

The sophistication of these attacks serves as a stark reminder of the ongoing threat posed by cybercriminals and the importance of proactive defense strategies.

This is Katy Craig. Stay safe out there.

Resources
– CISA: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a

 

Ian Garrett
Where Will Cyber Leaders Focus on AI in 2024

Ian Garrett, Contributing Journalist, It's 5:05 Podcast

If I told you that Artificial Intelligence, or AI, in cybersecurity will be one of the hot topics for 2024, you probably aren’t going to be surprised. Be prepared to not be surprised, because AI has emerged at the forefront of cybersecurity megatrends for 2024, according to the Security Industry Association study, which surveyed business leaders in the security industry. Let’s dig into AI’s deepening penetration in the enterprise security landscape.

Hey folks, this is Ian Garrett in Arlington, Virginia.

An overwhelming 93% of respondents anticipate generative AI, like ChatGPT, impacting their business strategies within the next 5 years, with 89% already incorporating AI into their R&D efforts.

AI’s multifaceted impact is evident in various areas of cybersecurity. Top on this list is AI security, emphasizing the need to protect data and intellectual property as AI becomes integral to businesses of all sizes. Pankit Desai, CEO at Sequretek, notes the efficiency and subtlety of AI-based attacks, making them challenging to detect.

Three significant concerns associated with AI security include trust in AI, its ethical application, and the cybersecurity of AI systems themselves. The adoption of AI-infused digital cameras is transforming video surveillance into video intelligence, providing more profound insights and analysis.

Generative AI is another key trend identified by the study, with its applications expected to revolutionize content creation and solve operational challenges in security systems. However, with its rising popularity and accessibility, there’s a growing need for regulatory frameworks to ensure ethical and responsible AI use. As Kumar Ritesh, CEO at Cyfirma, points out, factors like transparency, fairness, and privacy are crucial in building these regulations.

AI regulation is expected to catch up soon, with several countries looking to introduce their own AI guidelines. This regulatory aspect ranks fourth in the SIA study, acknowledging potential limitations in AI datasets.

As AI continues to shape the cybersecurity landscape, organizations must navigate these emerging trends with a focus on ethical application, robust security, and regulatory compliance.

Resources
– CSO Online: https://www.csoonline.com/article/1258559/ai-dominates-cybersecurity-megatrends-for-2024-report.html

 

Marcel Brown
This Day, December 14, in Tech History

Marcel Brown, Contributing Journalist, It's 5:05 Podcast

This is Marcel Brown serving you up some technology history for December 14th.

December 14th, 1902. The cable ship Silvertown begins laying the first Transpacific telegraph cable from San Francisco, destined for Honolulu, Hawaii. After laying 2,238 nautical miles of cable, the Silvertown will land in Honolulu on December 26th. On January 1st, 1903, the connection between Hawaii and San Francisco was established. Public messages will begin transmitting on January 5th.

December 14th, 1972. Apollo 17 astronauts Eugene Cernan and Harrison Schmitt leave the surface of the moon for their return flight to Earth, becoming the last two astronauts on the surface of the moon to this date. While originally further trips to the moon had been planned, due to the enormous expense of going to the moon, they were cancelled. Originally estimated to cost $7 billion, the total cost ended up being closer to $20 billion. Cernan and Schmitt left a small commemorative plaque, upon which was written, “Here, man completed his first explorations of the moon, December 1972.” At the time of this recording, NASA has planned the Artemis II mission to return humans to the moon, scheduled to launch somewhere after the end of 2024.

That’s your technology history for today. For more, tune in tomorrow and visit my website, ThisDayInTechHistory.com.

Resources
– This Day in Tech History: https://thisdayintechhistory.com/12/14
