Cyber activity on the rise
SINCE the start of the war in Ukraine, Russia has been hacked at an unprecedented scale. Now, more than 100 days into the war, tensions around cyber activity are rising.
Just past week, Russia’s Foreign Ministry said that its critical infrastructure and government bodies were being hit by cyberattacks and warned that it could lead to military confrontation with the West.
“The militarisation of the information space by the West, and attempts to turn it into an arena of interstate confrontation, have greatly increased the threat of a direct military clash with unpredictable consequences,” the Foreign Ministry said in a statement.
From the moment Russian troops entered Ukraine, questions have been raised about the potential for escalation if people outside of Ukraine are involved in cyberattacks against Russia.
Last week, the head of US Cyber Command told Sky News that its military hackers have been involved in offensive operations that support Ukraine.
Apart from state sponsored groups there has also been a proliferation of private hacker groups and individuals on both sides attacking critical infrastructure and other vulnerable areas.
Truly a war where cyberspace has become part of the battlefield. I can see this spilling over into other countries whether intentional or not as has occurred in the past where large malware attacks like NotPetya have accidently affected other entities not only the intended targets.
For the past two years, state-sponsored hackers allegedly working on behalf of the Chinese government have targeted scores of communications technologies, ranging from home routers to large telecom networks. That’s according to the NSA, FBI, and the Cybersecurity and Infrastructure Security Agency (CISA), which published a security advisory this week detailing the “widespread” hacking.
Since 2020, Chinese-backed actors have been exploiting publicly known software flaws in hardware and incorporating compromised devices into their own attack infrastructure. According to the US agencies, the attacks typically contained five steps.
China’s hackers would use publicly available tools to scan for vulnerabilities in networks. They would then gain initial access through online services, access login details from the systems, get access to routers and copy network traffic, before finally “exfiltrating” victim data.
“Exploiting these vulnerabilities has allowed them to establish broad infrastructure networks to exploit a wide range of publicand private-sector targets,” the agencies say in their joint advisory.
If you’re not familiar with the Silk Road it was an online black market and the first modern Darknet market. As part of the dark web, it was operated as a Tor hidden service, such that online users were able to browse it anonymously and securely without potential traffic monitoring.
The website was launched in February 2011; development had begun six months prior. Silk Road provided goods and services to over 100,000 buyers – from illegal drugs to weapons to most about anything.
In October 2013, the Federal Bureau of Investigation (FBI) shut down the website(14) and arrested Ross Ulbricht under charges of being the site’s pseudonymous founder “Dread Pirate Roberts”.
In 2020, the US Government finally tracked down and confiscated $US1 billion ($F2.18b) in Bitcoin from proceeds on the Silk Road!
The latest cybersecurity news online report that Silk Road successor - the dark-web marketplace AlphaBay, is about to complete its journey back to the top of the online underworld.
The original AlphaBay site—home to more than 350,000 product listings, ranging from drugs to cybercrime services—was purged from the dark web in July 2017 as part of a huge law enforcement operation.
However, AlphaBay’s second-in-command, a hacker going by the name of DeSnake, survived the law enforcement operation and relaunched the site last year. Now AlphaBay is growing quickly and is on the verge of resuming its dominant darkweb market position.
Phishing remains one of the most successful ways for criminals to break into people’s accounts and make money—and there’s no better example of this than a newly uncovered Facebook and Facebook Messenger phishing campaign.
This week, security researchers at US firm PIXM revealed a huge network of about 400 phishing pages that are raking in millions of views and have made its creators an estimated $59 million.
The scam, which has been running since at least September 2021, directs people to false Facebook login pages where their credentials are hoovered up. What stands out, as noted by the Register, is that the phishing campaign has managed to avoid Facebook’s phishing detection methods more effectively than others.
So far in 2022, police and tech companies have been cracking down on cybercriminals with some success: Raidforums, ZLoader, and the dark-web market Hydra have all been shut down in recent months.
That list got a little bit longer this week as the FBI and its international law enforcement took down a marketplace selling the personal information of around 24 million Americans, according to authorities.
The SSNDOB marketplace, which was made up of four individual domains, was selling people’s names, dates of birth, and Social Security numbers. SSNDOB has existed for about a decade, and in 2013, details obtained from the organization were used in the takeover of Xbox Live accounts. It’s believed the website has made its unknown owners around $22b since 2015.
We know artificial intelligence has been riding the crest of the hype wave, but we don’t hear enough about the problems and headaches it brings with it. As reported in ZDNet.com a new survey estimates the number of complete or nearly complete AI projects has grown tenfold over the past 12 months.
Great news, but that means IT teams are scrambling to keep up. Companies need more people with the right skills to put it all together, and executives and managers must ensure that the AI securely delivers what the business needs.
At issue are talent shortages, integration challenges, and governance requirements, a survey of 700 IT managers and executives published by Juniper Networks finds.
The most eyebrow-raising sound bite: Completed or nearly completed AI implementations grew from 6 per cent one year ago to 63 per cent today.
In addition, we’re currently seeing increased enthusiasm for full AI adoption, versus the narrower use cases that dominated last year’s survey. The percentage of IT leaders who say they’re looking to deploy fully enabled AI use cases with widespread adoption in the future jumped from 11 per cent to 27 per cent.
The longstanding build-or-buy conundrum has surfaced with AI projects. Companies are split on implementing off-the-shelf AI solutions compared with ones built inhouse. About four in 10 executives indicate that their organisations mix off-the-shelf AI solutions with ones they fully build themselves, with three in 10 saying they either use only off-the-shelf or only fully inhouse built solutions.
Building AI solutions in-house brings its own sets of challenges. More than half (53 per cent) of IT leaders surveyed say that the reliability of these in-house AI applications is a top challenge, followed by integration with existing systems (46 per cent), finding new AI-capable talent (44 per cent), and development time (44 per cent).
With great AI capabilities comes great responsibility. Less than 10 per cent of IT leaders consider their AI governance and policies, such as establishing a company-wide AI leader or responsible AI standards and processes, to be fully mature.
More leaders see IT governance as a priority: 95 per cent agree that having proper AI governance is key to staying ahead of future legislation, up from 87 per cent in 2021.
IT leaders indicate that the top risks from inadequate oversight of AI are accelerated hacking or what the survey’s authors call “AI terrorism” (55 per cent). Privacy also ranks as the top concern, cited by 55 per cent. Regulation compliance (49 per cent) and loss of human agency (48 per cent) were also indicated as top risks.
As Russian President Vladmir Putin has bluntly stated in the past – “You can do a lot more with weapons and politeness than just politeness”.
God bless and stay safe in both digital and physical worlds this weekend. is a private cybersecurity consultant. The views expressed in this article are his and not necessarily shared by this newspaper. Mr Tuisawau can be contacted on ilaitia@cyberbati.com