Cyber security predictions for 2024

The year 2023 saw heightened cybersecurity activity, with both security professionals and adversaries engaged in a constant cat-and-mouse game. Here are some cybersecurity predictions for 2024 to help security professionals. It is crucial to anticipate the key themes likely to dominate the cybersecurity space in 2024.

Cybersecurity is an ever-evolving process that can never be ‘complete’ in the exact sense. The cybersecurity field evolves constantly as technology advances, global events create uncertainty, and threat actors refine and improve their malicious tactics. It is expected that 2024 again emphasizes the critical need to strike a balance between cybersecurity and cyber resilience. Safeguarding mission-critical assets and developing the capacity to anticipate, withstand, recover from, and adapt to cyberattacks remain central to organizational cybersecurity strategies. While preparedness remains one of the most important facets of effective organizational cybersecurity, it can be difficult to plan for the year ahead with so many unknowns.

Five Cybersecurity Predictions for 2024
https://www.securityweek.com/five-cybersecurity-predictions-for-2024/
A Never-Ending Story: Compromised Credentials
Ransomware Attacks Continue to Wreak Havoc
Global Conflicts and Elections Lead to a Rise in Hacktivism
White House Cybersecurity Strategy Triggers Revival of Vulnerability Management
The Emergence of Next-Gen Security Awareness Programs

10 Global Cybersecurity Predictions for 2024
https://www.fticonsulting.com/insights/articles/10-global-cybersecurity-predictions-2024
Election Security Making Headlines
A Two-Sided Approach to Artificial Intelligence
Widespread Adoption of Zero-Trust Architecture
Cities Integrating IoT into Critical Infrastructure
Increasing Cybersecurity Supply Chain Risks
Third Party Scrutiny Taking Priority for Compliance Officers
The Start of Significant Fines From Australian Regulators
Corporate Responsibility Shifting to Individuals
Organizational Transparency Surrounding Cybersecurity
Emergence of Incentivized Cybersecurity

Experts Talk: Predicting the Cybersecurity Landscape in 2024
Spiceworks News & Insights brings you expert insights on what to expect in cybersecurity in 2024.
https://www.spiceworks.com/it-security/security-general/articles/cybersecurity-predictions-2024/
By investing in AI governance tools and developing complimentary guardrails, companies can avoid what may end up being the biggest misconception in 2024: the assumption that you can control the adoption of AI.
“In 2024, we can expect a surge in malicious AI-generated content.”
“Organizations’ inability to identify the lineage of AI will lead to an increase in software supply chain attacks in 2024,”
The integration of AI into the development process, particularly in the CI/CD pipeline, is crucial.
“Cyberattacks overall are expected to increase; ransomware groups are targeting vendors, government agencies, and critical infrastructure in the United States.”
How can AI help threat actors: “With the assistance of AI, particularly generative AI (GenAI) technology, attackers will be able to refine their techniques, increasing their speed and effectiveness. GenAI will allow criminal cyber groups to quickly fabricate convincing phishing emails and messages to gain initial access into an organization.”
“If cyber leaders want to take on this responsibility (and burden), they will have to be reasonably informed of cyber risks faced by the organization and able to communicate those risks to investors,”
“Third-party risk management is no longer an experiment; it’s an expectation,”
“We will see breaches related to Kubernetes in high-profile companies,”

API Security Trends and Projections for 2024
https://www.spiceworks.com/it-security/application-security/guest-article/api-security-trends-and-projections/
1. The pervasiveness of API vulnerabilities – These vulnerabilities in AAA, if exploited, can lead to major security breaches.
2. Limitations of standard frameworks – While foundational, traditional frameworks like the OWASP API Security Top-10 have limitations in addressing the dynamic nature of API threats.
3. Leak protection – The report highlighted the critical need for enhanced API leak protection, especially considering significant breaches at companies like Netflix and VMware.
4. Rising threats and strategic recommendations – The Wallarm report identified injections as the most pressing API threat, underscoring their likelihood of significant damage.

Gartner’s 8 Cybersecurity Predictions for 2023-2025
https://krontech.com/gartners-8-cybersecurity-predictions-for-2023-2025
By 2025, 60% of organizations will use cybersecurity risk as the primary determinant in conducting third-party transactions and business relationships. Investors, especially venture capitalists, use cybersecurity risk as an important factor in evaluating opportunities.
1. By the end of 2023, modern data privacy laws will cover the personal information of 75% of the world’s population.
2. By 2024, organizations that adopt a cybersecurity network architecture will be able to reduce the financial costs of security incidents by an average of 90%.
3. By 2024, 30% of enterprises will deploy cloud-based Secure Web Gateway (SWG), Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and Firewall as a Service (FWaaS), sourced from the same vendor.
4. By 2025, 60% of organizations will use cybersecurity risk as the primary determinant in conducting third-party transactions and business relationships.
5. The percentage of states that enact laws regulating ransomware payments, fines and negotiations will increase from less than 1% in 2021 to 30% by the end of 2025.
6. By 2025, 40% of boards will have a dedicated cybersecurity committee overseen by a qualified board member.
7. By 2025, 70% of CEOs will build a culture of corporate resilience to protect themselves from threats from cybercrime, severe weather events, social events, and political instability.
8. By 2025, cyber-attackers will be able to use operational technology environments as weapons successfully enough to cause human casualties.

Top 10 Cyber Security Trends And Predictions For 2024
https://www.splashtop.com/blog/cybersecurity-trends-and-predictions-2024
Trend 1: Increased Focus on AI and Machine Learning in Cybersecurity
Trend 2: Growing Importance of IoT Security
Trend 3: Expansion of Remote Work and Cybersecurity Implications
Trend 4: The Rise of Quantum Computing and Its Impact on Cybersecurity
Trend 5: Evolution of Phishing Attacks
Trend 6: Enhanced Focus on Mobile Security
Trend 7: Zero Trust Security
Trend 8: Cybersecurity Skills Gap and Education
Trend 9: Blockchain and Cybersecurity
Trend 10: Cybersecurity Insurance Becoming Mainstream

6 Predictions About Cybersecurity Challenges In 2024
https://www.forbes.com/sites/edwardsegal/2023/12/09/6-predictions-about-cybersecurity-challenges-in-2024/?sh=172726819433
‘Uptick in Disruptive Hacktivism’
Election Interference
More Targeted Attacks
Fooling Users
Leveraging AI Tools
‘New Avenues For Cybercrime’

5 cybersecurity predictions for 2024
https://www.fastcompany.com/90997838/5-cybersecurity-predictions-for-2024
1. Advanced phishing
2. AI-powered scams
3. Increase in supply chain attacks
4. Deployment of malicious browser extensions
5. Changing demographics brings more threats

Top cybersecurity predictions of 2024
https://www.securitymagazine.com/articles/100271-top-cybersecurity-predictions-of-2024
Adoption of passwordless authentication
Multi-Factor Authentication (MFA) will become a standard requirement for most online services and applications. Traditional methods like SMS-based MFA will decline in favor of more secure options, such as time-based one-time passwords (TOTP) generated by authenticator apps.
Both enterprises and consumers are increasingly adopting passwordless solutions across various sectors. Transitioning to a passwordless mindset may appear unconventional, as it requires users to change their habits. However, the enhanced security and the seamless experience it offers reduce the learning curve, making the transition more user-friendly.
Cybersecurity will be a higher priority for law firms
For nearly any law firm, part of the ‘big picture’ approach to cybersecurity includes an ability to scale detection and response capabilities.
Artificial intelligence and large language models
Phishing and BEC attacks are becoming more sophisticated because attackers are using personal information pulled from the Dark Web (stolen financial information, social security numbers, addresses, etc.), LinkedIn and other internet sources to create targeted personal profiles that are highly detailed and convincing. They also use trusted services such as Outlook.com or Gmail for greater credibility and legitimacy.
We should also expect the rise of 3D attacks, meaning not just text but also voice and video. This will be the new frontier of phishing. We are already seeing highly realistic deep fakes or video impersonations of celebrities and executive leadership.
I expect to see a major breach of an AI company’s training data exposing the dark side of large language models (LLM) and the personal data they hold that were scraped from open sources.
One of the big trends we expect to see in 2024 is a surge in use of generative AI to make phishing lures much harder to detect, leading to more endpoint compromise. Attackers will be able to automate the drafting of emails in minority languages, scrape information from public sites — such as LinkedIn — to pull information on targets and create highly-personalized social engineering attacks en masse.
Simultaneously, we will see a rise in ‘AI PC’s’, which will revolutionize how people interact with their endpoint devices. With advanced compute power, AI PCs will enable the use of “local Large Language Models (LLMs)”
With the increase in regulatory and security requirements, GRC data volumes continue to grow at what will eventually be an unmanageable rate. Because of this, AI and ML will increasingly be used to identify real-time trends, automate compliance processes, and predict risks.
Prioritize training
Insider threats are a leading problem for IT/security teams — many attacks stem from internal stakeholders stealing and/or exploiting sensitive data, which succeed because they use accepted services to do so. In 2024, IT leaders will need to help teams understand their responsibilities and how they can prevent credential and data exploitation.
On the developer side, management will need to assess their identity management strategies to secure credentials from theft, either from a code repository hosted publicly or within internal applications and systems that have those credentials coded in. On the other hand, end users need to understand how to protect themselves from common targeted methods of attack, such as business email compromise, social engineering and phishing attacks.
Security teams need to prioritize collaboration with other departments within their organization to make internal security training more effective and impactful.

Humans Are Notoriously Bad at Assessing Risk
https://www.epanorama.net/newepa/2022/12/31/cyber-trends-for-2023/
We as humans, with our emotions, can sometimes be irrational and subjective. When too much subjectivity is mixed into risk assessment, it can produce a risk picture that is not an accurate representation of reality.

Threat Intel: To Share or Not to Share is Not the Question
https://www.securityweek.com/threat-intel-to-share-or-not-to-share-is-not-the-question/
To share or not to share isn’t the question. It’s how to share, what to share, where and with whom. The sooner we arrive at answers, the safer we’ll be collectively and individually.

Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation
https://www.securityweek.com/addressing-the-state-of-ais-impact-on-cyber-disinformation-misinformation/
The recent rapid rise of artificial intelligence continues to be a game-changer in many positive ways. Yet, within this revolution, a shadow looms. By embracing a strategy that combines technological advancements with critical thinking skills, collaboration, and a culture of continuous learning, organizations can safeguard against AI’s disruptive effects.

332 Comments

  1. Tomi Engdahl says:

    Venäjä, Ukraina ja Kiiina maailman ensimmäisen kyberrikoslistan kärjessä
    https://etn.fi/index.php/13-news/16120-venaejae-ukraina-ja-kiiina-maailman-ensimmaeisen-kyberrikoslistan-kaerjessae

    Kansainvälinen tutkijaryhmä on kolmen vuoden intensiivisen tutkimuksen jälkeen koonnut kaikkien aikojen ensimmäisen “World Cybercrime Indexin”, joka tunnistaa maailman tärkeimmät kyberrikollisuuden keskittymät. Listan kärjessä ovat Venäjä, Ukraina, Kiina, Yhdysvallat ja Nigeria.

    Tutkimuksen toinen kirjoittaja tohtori Miranda Bruce Oxfordin yliopistosta ja UNSW Canberrasta sanoi, että tutkimus antaa julkiselle ja yksityiselle sektorille mahdollisuuden keskittää resurssinsa tärkeimpiin tietoverkkorikollisuuden keskuksiin. Samalla se antaa mahdollisuuden käyttää vähemmän aikaa ja varoja kyberrikollisuuden vastatoimiin maissa, joissa ongelmia ei ole.

    Kyberrikosindeksi on julkaistu PLOS ONE -lehdessä.
    https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0297312

    Reply
  2. Tomi Engdahl says:

    ”Monissa yrityksissä tietoturvaloukkaus on lähes väistämätön”
    https://etn.fi/index.php/13-news/16138-monissa-yrityksissae-tietoturvaloukkaus-on-laehes-vaeistaemaetoen

    Tietoturvayritys Barracuda Networks on julkaissut tietohallintoa koskevan CIO-raportin Leading your business through cyber risk. Sen tulokset ovat hälyttäviä. Jopa kuudella kymmenestä yrityksestä on vaikeuksia hallita tietoturvariskiä. – Monille yrityksille jonkinlainen tietoturvaloukkaus on nykyään lähes väistämätön, sanoo yhtiön tietohallintojohtaja Siroui Mushegian.

    Tutkimuksen tiedot ovat peräisin Cybernomicsin kyselystä, johon osallistui viime syyskuussa 1917 tietoturva-alan ammattilaista 100-5000 työntekijän yrityksistä eri toimialoilta Yhdysvalloissa (522), UK:ssa (372), Ranskassa (329), Saksassa (425) ja Australiassa (269).

    Tulokset osoittavat muun muassa, että monien organisaatioiden on vaikea toteuttaa koko yrityksen laajuisia turvallisuuskäytäntöjä, kuten todennustoimenpiteitä ja pääsynvalvontaa. Puolet (49 %) tutkituista pienistä ja keskisuurista yrityksistä mainitsi tämän yhdeksi kahdesta tärkeimmästä hallintoon liittyvästä haasteestaan. Lisäksi hieman yli kolmannes (35 %) pienemmistä yrityksistä on huolissaan siitä, että ylin johto ei pidä verkkohyökkäyksiä merkittävänä riskinä, kun taas suuremmat yritykset kamppailevat todennäköisimmin budjetin (38 %) ja ammattitaitoisten ammattilaisten (35 %) puutteen kanssa.

    Monet organisaatiot ovat huolissaan toimitusketjun turvallisuuden ja valvonnan puutteesta sekä näkyvyyden puutteesta kolmansiin osapuoliin, joilla on pääsy arkaluonteisiin tai luottamuksellisiin tietoihin. Noin joka kymmenennellä ei ole toimintasuunnitelmaa, mikäli yrityksen tietoturva vaarantuu.

    Reply
  3. Tomi Engdahl says:

    The CIO report:
    Leading your
    business through
    cyber risk
    Get expert guidance on how to navigate
    your business to a stronger, more resilient future
    https://www.barracuda.com/reports/cyber-resilience-report

    Reply
  4. Tomi Engdahl says:

    Dustin Volz / Wall Street Journal:
    Sam Altman, Satya Nadella, Sundar Pichai, Jensen Huang, and others join a panel to advise US DHS on deploying AI safely within America’s critical infrastructure

    OpenAI’s Sam Altman and Other Tech Leaders to Serve on AI Safety Board
    https://www.wsj.com/tech/ai/openais-sam-altman-and-other-tech-leaders-to-serve-on-ai-safety-board-7dc47b78?st=xggtkj1be488ozw&reflink=desktopwebshare_permalink

    Panel will advise Department of Homeland Security on deploying artificial intelligence safely within America’s critical infrastructure

    Reply
  5. Tomi Engdahl says:

    Reuters:
    Sources: ByteDance prefers a TikTok shutdown in the US rather than a sale if legal options fail, deeming TikTok’s algorithm as core to overall ByteDance systems — TikTok owner ByteDance would prefer shutting down its loss-making app rather than sell it if the Chinese company exhausts …

    https://www.reuters.com/technology/bytedance-prefers-tiktok-shutdown-us-if-legal-options-fail-sources-say-2024-04-25/

    Sherry Qin / Wall Street Journal:
    ByteDance says it has no plans to sell TikTok, responding to a report suggesting that it is considering scenarios for selling a majority stake in US TikTok
    https://www.wsj.com/tech/bytedance-says-it-wont-sell-u-s-tiktok-business-61f43079

    Reply
  6. Tomi Engdahl says:

    Pilvifirman asiakkaat menettivät kaiken datansa kyberhyökkäykseen, ja yhtiö lakkasi olemasta kotisivuja myöten – Voiko pilveen luottaa?
    Pilvipalveluita on totuttu pitämään paitsi kätevänä ja kustannustehokkaana myös turvallisena vaihtoehtona. Tanskalaisen Cloudnordic-palvelun romahdus herätti kuitenkin kysymään, voiko pilveen luottaa.
    https://www.tekniikkatalous.fi/uutiset/pilvifirman-asiakkaat-menettivat-kaiken-datansa-kyberhyokkaykseen-ja-yhtio-lakkasi-olemasta-kotisivuja-myoten-voiko-pilveen-luottaa/28de055f-1d64-4b3c-8e1a-1d2f772648d5#Echobox=1700778420

    Elokuussa 2023 pienen tanskalaisen pilvipalveluntarjoajan Cloudnordicin asiakkaille tapahtui pahin mahdollinen: kyberrikolliset olivat onnistuneet salaamaan kaikki yrityksen palvelinten tiedot, mukaan lukien tietojen varmistukseen käytetyt palvelimet.

    Reply
  7. Tomi Engdahl says:

    Volkswagen Group’s Systems Hacked: 19,000+ Documents Stolen
    https://gbhackers.com/volkswagen-systems-hacked/

    Reply
  8. Tomi Engdahl says:

    Network Security
    SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

    SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE.

    https://www.securityweek.com/sd-wan-dont-build-a-dead-end-prepare-for-future-proof-secure-networking/

    Reply
  9. Tomi Engdahl says:

    Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

    As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk.

    https://www.securityweek.com/navigating-vendor-speak-a-security-practitioners-guide-to-seeing-through-the-jargon/

    Reply
  10. Tomi Engdahl says:

    Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual

    Jennifer Leggio makes the case for more alcohol-free networking events at conferences, and community-building opportunities for sober individuals working in cybersecurity.

    https://www.securityweek.com/beyond-the-buzz-rethinking-alcohol-as-a-cybersecurity-bonding-ritual/

    Reply
  11. Tomi Engdahl says:

    CISO Strategy
    Should Cybersecurity Leadership Finally be Professionalized?

    The majority opinion is that a cybersecurity professional body is long overdue and would benefit cybersecurity and cybersecurity practitioners.

    https://www.securityweek.com/should-cybersecurity-leadership-finally-be-professionalized/

    Reply
  12. Tomi Engdahl says:

    Google Says it Blocked 2.28 Million Apps from Google Play Store

    In 2023, Google said it blocked 2.28 million bad applications from being published on Google Play and banned 333,000 developer accounts.

    https://www.securityweek.com/google-says-it-blocked-2-28-million-apps-from-google-play-store/

    Reply
  13. Tomi Engdahl says:

    Tech CEOs Altman, Nadella, Pichai and Others Join Government AI Safety Board Led by DHS’ Mayorkas

    CEOs of major tech companies are joining a new artificial intelligence safety board to advise the federal government on how to protect the nation’s critical services from “AI-related disruptions.”

    https://www.securityweek.com/tech-ceos-altman-nadella-pichai-and-others-join-government-ai-safety-board-led-by-dhs-mayorkas/

    Artificial Intelligence
    CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure

    New CISA guidelines categorize AI risks into three significant types and pushes a four-part mitigation strategy.

    https://www.securityweek.com/cisa-rolls-out-new-guidelines-to-mitigate-ai-risks-to-us-critical-infrastructure/

    Reply
  14. Tomi Engdahl says:

    Tom Warren / The Verge:
    Microsoft outlines security principles and goals tied to executive compensation packages, following a scathing US Cyber Safety Review Board report in April 2024 — – Protect identities and secrets. … – Protect tenants and isolate production systems. … – Protect networks.

    Microsoft/Tech/Security
    https://www.theverge.com/2024/5/3/24147883/microsoft-security-priority-executive-compensation-goals

    Microsoft overhaul treats security as ‘top priority’ after a series of failures
    / Microsoft’s security overhaul and goals are now linked to leadership compensation.

    Reply
  15. Tomi Engdahl says:

    STRATEGYBeyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual
    Jennifer Leggio makes the case for more alcohol-free networking events at conferences, and community-building opportunities for sober individuals working in cybersecurity.
    https://www.securityweek.com/beyond-the-buzz-rethinking-alcohol-as-a-cybersecurity-bonding-ritual/

    Reply
  16. Tomi Engdahl says:

    https://github.com/luijait/DarkGPT
    DarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.

    Reply
  17. Tomi Engdahl says:

    “Cyber security is not something you learn in a Masters Degree. It is something you learn from years of experience across the broad spectrum of IT. This cannot be bypassed.”

    - Randall Frietzche

    Reply
  18. Tomi Engdahl says:

    Pilven tietoturva huolestuttaa lähes kaikkia
    https://etn.fi/index.php/13-news/16167-pilven-tietoturva-huolestuttaa-laehes-kaikkia

    Fortinetin rahoittama ja Cybersecurity Insidersin toteuttama vuoden 2024 Cloud Security Report -tutkimus selvitti, millaisia haasteita organisaatiot kohtaavat pilviympäristöjensä suojaamisessa ja mitä strategioita ne priorisoivat. Peräti 96 prosenttia organisaatioista ilmoitti olevansa kohtalaisen tai erittäin huolissaan pilvipalvelujen turvallisuudesta.

    Raportista selviää muun muassa, että yhä useammat organisaatiot suosivat hybridi- ja monipilvistrategioita. Kyselytutkimukseen vastanneista 78 prosenttia kertoo omaksuneensa tällaisen strategian. Heistä 43 prosentilla on käytössä pilvipalvelun ja paikallisen infrastruktuurin yhdistelmä ja 35 prosentilla monipilvistrategia. Määrät ovat nousseet kahden vuoden takaisesta, jolloin 39 prosenttia organisaatioista käytti hybridipilviä ja 33 prosenttia monipilveä.

    Useimmat organisaatiot ovat käsittäneet, että tietoturva on sisällytettävä osaksi pilvistrategioita. Pilvipalveluja koskevat kyberturvallisuushaasteet ja tarve parantaa pilviympäristöjen turvatoimia ovat muuttuneet entistä tärkeämmiksi kysymyksiksi uusien tekoälyyn liittyvien uhkien myötä.

    - Pilvisovellusten kehityksen ja käyttöönoton yleistyessä organisaatioissa myös tietoturva monimutkaistuu. Vaikka useiden pilvien käyttö tarjoaa monia etuja, monien työkalujen hallinta lisää monimutkaisuutta ja vaikeuttaa yhdenmukaisten tietoturvakäytäntöjen soveltamista kaikissa pilviympäristöissä, sanoo Fortinetin kyberturvallisuusasiantuntija Jani Ekman.

    96 prosenttia organisaatioista ilmoitti olevansa kohtalaisen tai erittäin huolissaan pilvipalvelujen turvallisuudesta. Vastaajista 61 prosenttia odottaa pilvipalvelujensa turvallisuusbudjetin kasvavan seuraavien 12 kuukauden aikana.

    Reply
  19. Tomi Engdahl says:

    Pieter Haeck / Politico:
    The EU’s crackdown on Huawei shows an EU-wide TikTok ban will likely take years of diplomacy, as the bloc lacks a formal say over national security concerns

    Europe is nowhere close to banning TikTok
    The EU has its own ways to deal with the video app. A blanket ban is not (yet) part of it.
    https://www.politico.eu/article/us-style-tiktok-ban-nowhere-close-europe/

    Reply
  20. Tomi Engdahl says:

    Tom Warren / The Verge:
    Microsoft outlines security principles and goals tied to executive compensation packages, following a scathing US Cyber Safety Review Board report in April 2024

    Microsoft overhaul treats security as ‘top priority’ after a series of failures
    / Microsoft’s security overhaul and goals are now linked to leadership compensation.
    https://www.theverge.com/2024/5/3/24147883/microsoft-security-priority-executive-compensation-goals

    Reply
  21. Tomi Engdahl says:

    Building the Right Vendor Ecosystem – a Guide to Making the Most of RSA Conference
    As you look to navigate RSA Conference, with so many vendors, approaches and solutions, how do you know what solutions you should be investing in?
    https://www.securityweek.com/building-the-right-vendor-ecosystem-a-guide-to-making-the-most-of-rsa/

    This year’s RSA Conference (RSAC) is taking place from May 6 to 9 at the Moscone Center in San Francisco. The conference serves as the epicenter for the global cybersecurity community to converge, gain valuable insights, engage in deep conversations, and discover transformative solutions that can change their business model. The Expo also reveals the latest advances in cybersecurity technology from over 600 of the world’s foremost vendors.

    Right now, many SOC teams are at a crossroads, torn between choosing vendor-based platform solutions or best-of-breed products.

    Seek to eliminate security tool siloes

    Today’s SOC teams face an uphill battle with fragmented tools and data silos. There are also major challenges around alert fatigue and overloaded SOC teams who, despite all their tools, end up undertaking manual investigations to determine the best response. This is causing SOC burnout, with more than two-thirds (66%) likely to change jobs in next year.

    Platform versus best of breed – weighing advantages and disadvantages

    Most organizations are utilizing both vendor-based platform and best-of-breed security tools, some of which they may be looking to consolidate. Platforms promise a streamlined interface between the vendor’s solutions within your environment, but they have drawbacks and often lack the functionality and features provided by best-of-breed solutions.

    Integration with other tools

    One of the key questions you should be asking vendors, when looking for the optimum solution, is how well their platform or solution integrates with other tools.

    It is important that you understand your strategy before you get into any conversations. For example, you may be looking to consolidate several tools to reduce complexity, but you will still need to integrate those you do select.

    Breadth versus depth – the value of the depth of information

    A vendor may have a wide breadth of integrations with third-party providers, but these might not go that deep. Ideally, integrations won’t be merely surface level, but will draw on the deeper capabilities of the complementary solutions. Therefore, it is important to understand the depth of these integrations and whether they will meet your needs.

    At the end of the day, if you are building out a platform approach you will inevitably still have some technologies that you need to integrate. Additionally, you should be aware of the issue of vendor lock-in; customers that rely on a single company for their entire security environment, rarely move off that platform. So if you are committing to a dominant vendor, you need to ensure it has flexibility to incorporate those best-of-breed solutions that you still want to use.

    Central to this is asking how robust the vendors APIs are. I say this because legacy vendors, that evolved in a standalone environment, may have limited APIs, meaning that there will be less that the SOC team is able to do from an ecosystem standpoint.

    before you set off to RSA this year, here are four additional points to consider:

    Assess your current and future security needs and challenges and prioritize the most critical and urgent ones.
    Evaluate the existing and potential products and services that can address your needs and challenges, and compare their features, benefits, drawbacks, and costs.
    Consider the reliability and reputation of the vendors and their vision and direction for the future.
    Beware of the risks and trade-offs of consolidation in the cybersecurity landscape. If your tool vendor’s plans are misaligned with your strategic goals, and they get acquired by another company, it’s likely to change its product roadmap, support, and pricing structures.

    Reply
  22. Tomi Engdahl says:

    ICS/OT
    From Warnings to Action: Preparing America’s Infrastructure for Imminent Cyber Threats

    As cyber threats grow more sophisticated, America cannot afford complacency. The time for decisive action and enhanced cyber resilience is now.

    https://www.securityweek.com/from-warnings-to-action-preparing-americas-infrastructure-for-imminent-cyber-threats/

    Reply
  23. Tomi Engdahl says:

    André Beganski / Decrypt:
    Robinhood CEO Vlad Tenev decries the “regulatory onslaught” and calls SEC’s actions “another improper attempt by the administrative state to stifle innovation” — Though Robinhood Crypto thought its “safety-first” approach was distinct, the SEC said that enforcement action is on its way.

    https://decrypt.co/229728/robinhood-ceo-decries-regulatory-onslaught-crypto-fight-sec

    Reply
  24. Tomi Engdahl says:

    Mitre Wants The Feds To Play In Its Sandbox
    https://hackaday.com/2024/05/07/mitre-wants-the-feds-to-play-in-its-sandbox/

    If you haven’t worked with the US government, you might not know Mitre, a non-profit government research organization. Formed in 1958 by the U.S. Air Force as a company to guide the SAGE computer, they are often research experts who oversee government contracts or evaluate proposals. Now they are building a $20 millon “AI Sandbox” for the Federal government to build AI prototypes.

    Partnered with NVidia, the sandbox will use an NVidia GDX SuperPOD system capable of an exaFLOP of 8-bit AI computation. Mitre reports this will increase their compute power for AI by two orders of magnitude.

    Access to the sandbox will be through one of the six federally funded R&D centers that Mitre operates on behalf of the government. These include centers that support the FAA, the IRS, Homeland Security, Social Security, health services, and cybersecurity with NIST. Of course, the DoD is likely in that mix, too.

    Federal AI Sandbox
    https://www.mitre.org/news-insights/fact-sheet/federal-ai-sandbox

    To realize the incredible potential of AI within the federal government, a secure sandbox environment with significant computational power is needed for prototyping, training, and testing complex AI models.

    Reply
  25. Tomi Engdahl says:

    Criminal Use of AI Growing, But Lags Behind Defenders
    https://www.securityweek.com/criminal-use-of-ai-growing-but-lags-behind-defenders/

    When not scamming other criminals, criminals are concentrating on the use of mainstream AI products rather than developing their own AI systems.

    At the 2024 RSA Conference, taking place this week in San Francisco, Trend Micro on Wednesday delivered an update on its 2023 investigation into the criminal use of gen-AI. “Spoiler: criminals are [still] lagging behind on AI adoption.”

    In summary, Trend Micro has found only one criminal LLM: WormGPT. Instead, there is a growing incidence, and therefore potential use, of jailbreaking services: EscapeGPT, BlackHatGPT, and LoopGPT. (The RSA presentation is supported by a separate Trend Micro blog.)

    There is also an increasing number of ‘services’ whose purpose is unclear. These provide no demo and only mention their supposed capabilities: high on claims but low on proof. FraudGPT is one example.

    Trend is not sure about the relevance or value of these offerings, and places them in a separate category labeled potential ‘scams’. Other examples include XXX.GPT, WolfGPT, EvilGPT, DarkBARD, DarkBERT, and DarkGPT.

    In short, when not scamming other criminals, criminals are concentrating on the use of mainstream AI products rather than developing their own AI systems. This is also seen in the use of AI within other services. The Predator hacking tool includes a GPT feature using ChatGPT to assist scammers’ text creation abilities.

    Reply
  26. Tomi Engdahl says:

    CISA Announces CVE Enrichment Project ‘Vulnrichment’
    https://www.securityweek.com/cisa-announces-cve-enrichment-project-vulnrichment/

    CISA’s Vulnrichment project is adding important information to CVE records to help improve vulnerability management processes.

    The US cybersecurity agency CISA on Wednesday announced a new project that aims to add important information to CVE records in an effort to help organizations improve their vulnerability management processes.

    The project is named Vulnrichment and its goal is the enrichment of public CVE records with Common Platform Enumeration (CPE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), and Known Exploited Vulnerabilities (KEV) data.

    CISA says it has already enriched 1,300 CVEs — particularly new and recent CVEs — and is asking all CVE numbering authorities (CNAs) to provide complete information when submitting vulnerability information to CVE.org.

    The agency says it’s initially taking each CVE through a Stakeholder-Specific Vulnerability Categorization (SSVC) scoring process.

    SSVC, developed by CISA in collaboration with Carnegie Mellon University’s Software Engineering Institute, provides a vulnerability analysis methodology that accounts for a vulnerability’s exploitation status, safety impact, and prevalence of the affected product.

    Stakeholder-Specific Vulnerability Categorization (SSVC)
    https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc

    Reply
  27. Tomi Engdahl says:

    Shields Up: How to Minimize Ransomware Exposure
    https://www.securityweek.com/shields-up-how-to-minimize-ransomware-exposure/

    Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response.

    Reply
  28. Tomi Engdahl says:

    I work for a Pentesting company and Nessus & Nmap, along with >insert your favorite TLS protocol/cipher tool checker here< is our standard outside of doing mostly all testing in. Burp Suite.

    This is specifically for web app penetration tests though. Network PenTest / etc use a lot more tooling.

    Reply
  29. Tomi Engdahl says:

    Verkkorikollisuuden ammattimaistuminen ja tekoälyn vikkelä kehitys asettavat yritykset uudenlaisten kyberuhkien eteen. Esimerkiksi deepfake-teknologia vie toimitusjohtajahuijaukset täysin uudelle tasolle.

    ”Tulevaisuudessa tekoälyn luoma toimitusjohtaja voi ottaa reaaliaikaisen Teams-puhelun ja keskustella työntekijänsä kanssa. Teknologisesti tämä on toteutettavissa jo nyt”, tietoturvan syväosaaja ja WithSecuren tutkimusjohtaja Mikko Hyppönen kertoo.

    Koska jokainen yritys on potentiaalinen hyökkäyksen kohde, on toimiin ryhdyttävä heti. Lue vinkit yrityksen tietoturvan kehittämiseen artikkelista!

    Deepfake-huijaukset ja monet muut verkkorikokset ammattimaistuvat – Jokainen yritys on potentiaalinen kohde kyberrosvolle
    Kyberrikollisuus ei ole enää pitkään ollut vain yksittäisten hakkereiden harjoittamaa puuhastelua, vaan se on kehittynyt hyvin organisoituneeksi rikolliseksi toiminnaksi. Kentällä on yhä enemmän rikollisorganisaatioita, jotka toimivat kuin yritykset. Rikollisten tarjoamien palveluiden määrä on kasvanut, ja palvelut moninaistuvat entisestään tekoälyn vauhdittamana.

    Kehittyneet tietoturvateknologiat ovat tuoneet mukanaan varjopuolen: tehokkaita mekanismeja voidaan käyttää myös väärin. Olemme päätyneet tilanteeseen, jossa erilaisia kyberrikoksia voidaan ostaa kuin mitä tahansa muitakin palveluita. Kyberrikollisuus on ammattimaistunut ja kyberhyökkäykset on tuotteistettu. Aihe koskettaa kaikkia yrityksiä.

    ”Jokainen yritys on tänä päivänä ohjelmistoyritys. Kaikkien firmojen toiminta pyörii softan päällä tavalla tai toisella – oli se sitten kirjanpito tai myyntireskontra”, tietoturvan syväosaaja ja WithSecuren tutkimusjohtaja Mikko Hyppönen kertoo.

    Jokainen yritys on tänä päivänä ohjelmistoyritys.

    Kaikilta yrityksiltä löytyy jotain digitaalisessa muodossa olevaa suojattavaa tietoa tai järjestelmiä, jotka voivat joutua kyberhyökkäyksen kohteeksi. Koska yhä ammattimaisemmin ja organisoidummin toimivat rikolliset todella tietävät mitä tekevät, on yritysten oltava valppaina.

    Rikollisten palveluvalikoima laajenee
    Lunnastroijalaiset ja palvelunestohyökkäykset ovat tunnettuja esimerkkejä yrityksiin kohdistuvista iskuista. Suorien rikosten lisäksi kybervoroilta voi hankkia työkaluja, jotka esimerkiksi kuormittavat hyökkäyskohteen palvelinta. Mutta missä tämä kaupankäynti oikein tapahtuu?

    ”Vakavimmat hyökkäysten muodot ostetaan privaattifoorumeilla, kuten chateissa, tai Tor-verkossa. Ei kuitenkaan ole tavatonta, että kauppaa käydään myös julkisessa verkossa”, Hyppönen kertoo.

    Alalla on myös tahoja, jotka eivät koe harjoittavansa rikollista toimintaa. Tämä herättääkin kysymyksen, onko rikosta avustava, epäeettinen toiminta rikollista. Hyppönen kertoo esimerkin tuotteistetuista sisäänpääsypalveluista (englanniksi initial access brokers).

    ”Näiden palveluiden myyjät skannaavat IP-avaruuksia ja etsivät haavoittuvuuksia. Kun haavoittuvuus löytyy, tieto myydään pimeässä verkossa hyvään hintaan. Omasta mielestään nämä kauppiaat eivät ole rikollisia, koska he eivät murtaudu minnekään tai vie tietoja.”

    Sisäänpääsypalveluiden tyyppinen toiminta on kasvanut kovaa vauhtia. Hyppösen mukaan on muutenkin yhä yleisempää, että rikolliset ostavat toinen toisiltaan palveluita, joihin heillä itsellään ei ole kyvykkyyksiä. Yksi esimerkki tästä on deepfake-huijaukset.

    Tekoäly tekee toimitusjohtajahuijauksista vakuuttavampia kuin koskaan
    Tekoäly tuo kyberrikollisuuden markkinoille uudenlaiset huijaustyypit, kuten deepfake-huijaukset. Deepfake-teknologia luo aidolta vaikuttavaa ääni-, kuva- ja videomateriaalia halutusta henkilöstä. Materiaali tuotetaan yhdistämällä tai muuttamalla olemassa olevaa materiaalia koneoppivan tekoälyn avulla.

    ”Toimitusjohtajahuijaukset eivät ole uusi juttu. Ennen internetiä ne toteutettiin esimerkiksi faksilla, mutta nyt deepfake-teknologia on tullut mukaan kuvioihin”, Hyppönen pohtii.

    ”Alkuvaiheessa huijaukset toteutetaan ennalta renderöidyillä ääni- ja videoklipeillä. Pienestäkin materiaalista saa kloonattua ihmisen kasvot tai äänen. Tulevaisuudessa tekoälyn luoma toimitusjohtaja voi ottaa reaaliaikaisen Teams-puhelun ja keskustella työntekijänsä kanssa. Teknologisesti tämä on toteutettavissa jo nyt.”

    Hyppönen ennustaa deepfake-teknologiasta tulevan merkittävä haaste tulevaisuudessa. Hän näkeekin uuden palvelun syntyvän kyberrikollisten palvelutarjontaan: deepfake as a service.

    Rikollinen voi hyökätä sinne, minne vähiten odotat
    Kuka valikoituu hakkerin uhriksi?

    ”Liian usein tuudittaudumme ajatukseen, että hakkeria eivät kiinnosta juuri minun firmani tiedot. Tämä on täysin väärä uskomus, johon vaaditaan ajattelumallin muutos. Jokainen organisaatio on potentiaalinen kohde, vaikkei välttämättä tunnu siltä”, Hyppönen muistuttaa.

    Tietoturvahyökkäyksen kohde valikoituu yleensä sattumanvaraisesti. Kun tarkastellaan yrityksiä, joihin hyökkäys on kohdistunut, voidaan huomata nopeasti, ettei yrityksen toimialalla tai sijainnilla ole väliä. Hakkeri löytää yrityksen tietoturvan heikot kohdat ja valitsee uhrinsa sen perusteella.

    ”Hakkeri saattaa huomata, että esimerkiksi tietyssä etäkäyttöpalvelimen kokoonpanossa on reikä. Sen jälkeen hän skannaa firmat, jotka käyttävät tätä palvelinta. Jos hän löytää esimerkiksi sata yritystä, ne kaikki ovat potentiaalisia hyökkäyksen kohteita.”

    Uhriksi joutumisen mahdollisuus herättää huolen siitä, miten oman yrityksen tietoturvan tason saa pidettyä riittävän korkealla monipuolistuvista uhista huolimatta. Onneksi henkilöstön koulutuksella ja yhteisillä toimintatavoilla pääsee jo pitkälle.

    ”Koulutuksen arvo on kiistaton. Kun kaikille on selvää, miten ihmisen aitous varmistetaan, kenelle soitetaan epäilyttävissä tilanteissa tai miten sisäpiirisäännöt oikeasti menevät, ollaan turvallisilla vesillä”, Hyppönen rauhoittelee.

    Kyberrosvot-podcast sukeltaa toinen toistaan jännittävämpien kyberrikollisuuden tositarinoiden pariin. Kuuntele jaksosta Herramieshakkereiden Mikko Hyppösen ja Tomi Tuomisen tarkat analyysit ammattimaistuneen kyberrikollisuuden nykytilanteesta.

    Avainsanat:

    Digitalisaatio Teknologia Tietoturva Tekoäly Kyberturvallisuus
    DNA Yrityksille
    Olemme uuden työn edelläkävijä, joka ymmärtää digitalisoituneen maailman monimutkaisuuden ja haluaa tehdä siitä yllättävän yksinkertaista tarjoamalla asiakkaillemme ensiluokkaisia ratkaisuja ja odotukset ylittävää palvelua.

    Samasta aiheesta

    7 vinkkiä yritysliittymän käyttöön ulkomailla
    5/2024 DNA Yrityksille

    Uhkaähky lamauttaa organisaation – vinkkini sen purkamiseen
    5/2024 Juho Saarinen

    Uhkakenttä muuttuu teknologian kehittyessä – miten yrityksen kyberresilienssiä voi vahvistaa?
    4/2024 Mari Eklund

    DNA:n vahvat pohjoismaiset hartiat takaavat sujuvat digipalvelut läpi Pohjolan
    3/2024 DNA Yrityksille

    Näin ennakoit kustannukset: hanki mobiililaitteet palveluna
    3/2024 DNA Yrityksille
    Kaikki artikkelit ja blogit

    Kaikki referenssit

    Kaikki oppaat

    Tilaa uutiskirje

    Ota yhteyttä

    Lue lisää uudesta työstä
    ARTIKKELI

    5/2024 DNA YRITYKSILLE
    7 vinkkiä yritysliittymän käyttöön ulkomailla
    Lue artikkeli
    ARTIKKELI

    5/2024 DNA YRITYKSILLE
    Yrittäjä: Osta työvälineet Y-tunnukselle ja säästä!
    Lue artikkeli
    ARTIKKELI

    5/2024 DNA YRITYKSILLE
    Kyberrosvot: Tietoturvassa yhdistyvät inhimillisyys, teknologia ja varautuminen
    Lue artikkeli
    BLOGI

    5/2024 JUHO SAARINEN
    Uhkaähky lamauttaa organisaation – vinkkini sen purkamiseen
    Lue blogi
    RAPORTTI
    Miltä näyttää teknologian vuosi 2024?
    Uljaan uuden huomisen onnennumero on 14 – nimittäin niin monta nousevaa teknologiatrendiä esitellään DNA:n vuoden 2024 teknologiatrendiraportissa! Lue valppaasti, sillä monet näistä trendeistä tulevat jättämään jälkensä historiaan.

    Lataa raportti

    Pysy digitalisaation vauhdissa.
    Tilaa DNA Yrityksille -uutiskirje sähköpostiisi!
    Tilaa uutiskirje
    Hyödynnetäänkö teillä jo uuden työn mahdollisuuksia? Ota yhteyttä – katsotaan yhdessä parhaat ratkaisut yrityksellesi.
    Jätä yhteydenottopyyntö
    Hallinnoi palveluitasi
    Kirjaudu YritysDNA:han
    Hanki tunnukset
    Asiakaspalvelu
    Tuki ja ohjeet
    Ota yhteyttä
    Yritysmyynti
    Varaa soittoaika
    Soita 0800 30 20 30
    Jätä yhteydenottopyyntö

    Liittymät ja laitteet

    Yritysratkaisut

    Teknologia nyt
    FI
    EN
    SV
    Yksityisille
    Yrityksille
    Wholesale
    DNA Oyj
    Tietosuoja
    Muokkaa evästeasetuksia
    Tilaus- ja toimitusehdot
    DNA 2024
    https://www.dna.fi/yrityksille/blogi/-/blogs/deepfake-huijaukset-ja-monet-muut-verkkorikokset-ammattimaistuvat-jokainen-yritys-on-potentiaalinen-kohde-kyberrosvolle?utm_source=facebook&utm_medium=linkad&utm_content=KIKA-artikkeli-deepfake-huijaukset-ja-monet-muut-verkkorikokset-ammattimaistuvat-jokainen-yritys-on-potentiaalinen-kohde-kyberrosvolle&utm_campaign=H_KIKA_SES_24-18-22_artikkelikampanja&fbclid=IwAR18GaH1J6XQ7ocdUrjhA69jvfkmMR-egOdrY2gkvmHt-Ik6WeMHKfvPLKg_aem_AcHrUTrmmin6xXSxBDbk1rWDsg7OEvIs4s6EZ1eeSi2GcxJqquJy1X4Dg1H_6OAFh081ZX9gzT5P72SaJnhbtf2Y

    Reply
  30. Tomi Engdahl says:

    “There Is No Cyber Labor Shortage?
    There are plenty of valuable candidates on the market. Hiring managers are simply looking in the wrong places.”

    There Is No Cyber Labor Shortage
    There are plenty of valuable candidates on the market. Hiring managers are simply looking in the wrong places
    https://www.darkreading.com/cybersecurity-operations/there-is-no-cyber-labor-shortage?fbclid=IwZXh0bgNhZW0CMTEAAR0YIPCEZ4MVpzVDdAY8EqtqpuLmvtyclHWxFeEklwH4tadbqYhj2A0rUi4_aem_AcduDuaAqMKzUgo3gvan1I6_5GSfEOEYoWzZMFBZ2OdUAtcrEnKYMecz-FkxwxHsDr9JatATDj0ygm8nLvHxVwe0

    The unfortunate truth is, if you’re looking for an entry-level position in the cybersecurity field, there aren’t many on-ramps. The wide-ranging security certification bodies and training organizations that dominate the industry have convinced many — maybe even most — cybersecurity leaders that “number of certifications” or “years of formal training” are the only metrics by which potential job candidates should be judged. What’s more, the emergence of both undergraduate and graduate-level cybersecurity degrees has placed another arbitrary barrier between otherwise qualified individuals and the jobs they want. Don’t have the right degree? Too many organizations will tell you not to bother applying.

    Unfortunately, the meaningless requirements and barriers we place in front of candidates are only likely to get more burdensome with time. Want an entry-level security operations center (SOC) position? Please arrive with a bachelor’s degree in cybersecurity, Security+ (CISSP preferred) training, and $30,000 worth of SANS courses. Oh, and be prepared to work third shift for a while.

    Yes, those credentials have value, but treating them as mandatory artificially raises the barrier to entry for new security professionals. Hiring managers often are hesitant to hire candidates perceived as undercredentialed when they believe there must be a “perfect” candidate out there somewhere. But the truth is, a perfect candidate probably isn’t interested in a third-shift SOC position — which means hiring managers need to reevaluate where they look for new employees and which qualifications matter most.

    Solving the Shortage by Broadening the Candidate Pool

    It isn’t just organizations themselves that fall into this trap — recruiters do, too. As effective as recruiters are at gathering candidates, they usually aren’t cybersecurity experts — which means they aren’t always capable of discerning between cybersecurity candidates ready to deliver value and those who are simply good at marketing themselves. Understandably, they look for shorthand ways to help them narrow down candidates: Degrees, certifications, training, and other measurable factors obviously are attractive. They become de facto indicators of value, and their absence is treated as an indicator that a candidate is unqualified — or at least not a fit for a technical role.

    The result is self-defeating. By narrowing down candidate pools based on a small number of arbitrary qualifications, organizations and recruiters end up self-selecting candidates who are good at acquiring credentials and taking tests — neither of which necessarily correlate to long-term success in the cybersecurity field. Prioritizing this small pool of candidates also means overlooking the many, many candidates with analytical potential, technical promise, and professional dedication who may not have gotten the right degree or attended the right training course. By tapping into these candidates, organizations will find that the “labor shortage” that has received so much attention isn’t such a hard problem to solve, after all.

    Reply
  31. Tomi Engdahl says:

    100% correct. There is a massive surplus in candidates, but HR requirements for entry-level positions are illogical.

    There really is a shortage. Most candidates cannot pass a phishing test.

    The phrases “Econ 101″ and “Supply & Demand” are often overused, but unless there’s an artificial price ceiling in place, there’s no shortage. It’s just people who are mad about the price.

    I look at this from two sides. Sure, the author is correct about untapped potential.

    But my god. The number of factory floor risk management people getting hired into cyber roles with laughable technical experience is scary. I have seen this firsthand, it’s a problem. Hiring managers are at fault for this.

    I think the author nails is… “It takes a strong analytic mind, a willingness to explore and grow, and a level of comfort with new and evolving technology. Perhaps most importantly, it requires a hiring manager willing to invest in a potentially unproven candidate.”

    https://www.facebook.com/share/p/PKapSEHbT3C4sHMc/

    Reply
  32. Tomi Engdahl says:

    Management & Strategy
    Legacy of Wisdom: Security Lessons Inspired by My Father

    Honoring my father by translating his timeless life lessons into practical wisdom for the cybersecurity profession.

    https://www.securityweek.com/legacy-of-wisdom-security-lessons-inspired-by-my-father/

    Reply
  33. Tomi Engdahl says:

    Wall Street Journal:
    Sources: US officials have told Google, Meta, and others about concerns that undersea cables could be vulnerable to tampering by China-owned repair ships — Google, Meta Platforms and others partially own many cables, but they rely on maintenance specialists, including some with foreign ownership

    U.S. Fears Undersea Cables Are Vulnerable to Espionage From Chinese Repair Ships
    Google, Meta Platforms and others partially own many cables, but they rely on maintenance specialists, including some with foreign ownership
    https://www.wsj.com/politics/national-security/china-internet-cables-repair-ships-93fd6320?st=wy5kmsu7l8jrvvz&reflink=desktopwebshare_permalink

    WASHINGTON—U.S. officials are privately delivering an unusual warning to telecommunications companies: Undersea cables that ferry internet traffic across the Pacific Ocean could be vulnerable to tampering by Chinese repair ships.

    State Department officials said a state-controlled Chinese company that helps repair international cables, S.B. Submarine Systems, appeared to be hiding its vessels’ locations from radio and satellite tracking services, which the officials and others said defied easy explanation.

    The warnings highlight an overlooked security risk to undersea fiber-optic cables, according to these officials: Silicon Valley giants, such as Google and Meta Platforms, partially own many cables and are investing in more. But they rely on specialized construction and repair companies, including some with foreign ownership that U.S. officials fear could endanger the security of commercial and military data.

    The Biden administration’s focus on the repair ships is part of a wide-ranging effort to address China’s maritime activities in the western Pacific. Beijing has taken steps in recent decades to counter U.S. military power in the region, often by seeking ways to stymie the Pentagon’s communications and other technological advantages in case of a clash over Taiwan or another flashpoint, officials say.

    U.S. officials have told companies, including Google and Meta, about their concerns that Chinese companies could threaten the security of U.S.-owned cables, a person familiar with the briefings said. In some cases, the conversations have included discussion of Shanghai-based S.B. Submarine Systems, the person said.

    Reply
  34. Tomi Engdahl says:

    The Guardian:
    How China is using AI news anchors to spread its propaganda on social media; Microsoft: some AI anchors were created using ByteDance’s video editing app CapCut

    How China is using AI news anchors to deliver its propaganda
    https://www.theguardian.com/technology/article/2024/may/18/how-china-is-using-ai-news-anchors-to-deliver-its-propaganda

    News avatars are proliferating on social media and experts say they will spread as the technology becomes more accessible

    Reply
  35. Tomi Engdahl says:

    DarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.
    https://github.com/luijait/DarkGPT

    Reply
  36. Tomi Engdahl says:

    Management & Strategy
    Start-Ups: 10 Tips for Navigating the Headwinds Against High-Growth

    These strategies can help cybersecurity startups navigate the current market dynamics, focusing on modern buyer behavior, updated KPIs, brand awareness, and effective sales and marketing alignment.

    https://www.securityweek.com/start-ups-10-tips-for-navigating-the-headwinds-against-high-growth/

    Reply
  37. Tomi Engdahl says:

    Cloud Security
    Google Cites ‘Monoculture’ Risks in Response to CSRB Report on Microsoft

    Google is invoking the ‘monoculture’ word in response to a scathing U.S. government report on Microsoft’s inadequate cybersecurity practices.

    https://www.securityweek.com/google-cites-monoculture-risks-in-response-to-csrb-report-on-microsoft/

    Google is invoking the ‘monoculture’ word in response to a scathing U.S. government report on Microsoft’s inadequate cybersecurity practices.

    The tech giant published a sharp statement Monday warning of “long-standing risk to public-sector organizations using the same vendor for operating systems, email, office software, and security tooling” and called on the government to mitigate risks from a Microsoft-centric monoculture.

    “This approach raises the risk of a single breach undermining an entire ecosystem,” Google said of Microsoft’s dominant market share in government, enterprise and consumer ecosystems.

    “Governments should adopt a multi-vendor strategy and develop and promote open standards to ensure interoperability, making it easier for organizations to replace insecure products with those that are more resilient to attack,” Google declared.

    Even more, Google called on regulators to investigate restrictive licensing practices that impede a diverse supplier ecosystem and disincentivize innovation.

    Reply
  38. Tomi Engdahl says:

    BLint: Open-source tool to check the security properties of your executables
    BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials (SBOM) for compatible binaries.
    https://www.helpnetsecurity.com/2024/05/14/blint-open-source-check-security-properties-executables/

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*