Tuesday, June 08, 2021

Continuing our discussion on ‘who’s to blame.’

https://www.databreaches.net/the-blurry-boundaries-between-nation-state-actors-and-the-cybercrime-underground/

The blurry boundaries between nation-state actors and the cybercrime underground

Intel471 writes:

When it comes to attributing malicious cyber activity, there are two buckets by which actors generally fall in: “financially-motivated” or “nation-state.” The former is ultimately interested in money, while the latter is more concerned with obtaining or exploiting sensitive information to gain an advantage over a government or commercial entity. For the past decade, defenders could generally discern whether attackers fit into each of the previously mentioned buckets by examining tools, infrastructure, techniques and/or processes. Now, as cybercriminal work becomes increasingly lucrative due to the amount of money or information that could be acquired, the border between those buckets is eroding. The lines between nation-state objectives and financially-motivated cybercrime have continued to blur as the relationship between profit and espionage has grown, particularly within the cybercrime underground.
Whether nation-state threat actors were seen “moonlighting” in financially-motivated cybercrime or nation-states co-opted financially-motivated cybercriminals to do their bidding, Intel 471 has seen a slow and steady change in behavior where nation-states are incorporating the cybercrime underground to achieve their goals more than ever before.

Read more on Intel471’s blog.



(Related)

https://www.schneier.com/blog/archives/2021/06/vulnerabilities-in-weapons-systems.html

Vulnerabilities in Weapons Systems

“If you think any of these systems are going to work as expected in wartime, you’re fooling yourself.”





Should the government keep it? Does Colonial Pipeline have any right to the ransom it paid because of faulty security?

https://www.cnn.com/2021/06/07/politics/colonial-pipeline-ransomware-recovered/index.html

First on CNN: US recovers millions in cryptocurrency paid to Colonial Pipeline ransomware hackers

The ransom recovery, which is the first seizure undertaken by the recently created DOJ digital extortion taskforce, is a rare outcome for a company that has fallen victim to a debilitating cyberattack in the booming criminal business of ransomware.

Colonial Pipeline Co. CEO Joseph Blount told The Wall Street Journal in an interview published last month that the company complied with the $4.4 million ransom demand because officials didn't know the extent of the intrusion by hackers and how long it would take to restore operations.

But behind the scenes, the company had taken early steps to notify the FBI and followed instructions that helped investigators track the payment to a cryptocurrency wallet used by the hackers, believed to be based in Russia.





You do not have to break encryption if you created it in the first place. A classic tech-sting.

https://www.bbc.com/news/world-57394831

ANOM: Hundreds arrested in massive global crime sting using messaging app

More than 800 suspected criminals have been arrested worldwide after being tricked into using an FBI-run encrypted messaging app, officials say.

The operation, jointly conceived by Australia and the FBI, saw devices with the ANOM app secretly distributed among criminals, allowing police to monitor their chats about drug smuggling, money laundering and even murder plots.

Officials called it a watershed moment.

Targets included drug gangs and people with links to the mafia.

Drugs, weapons, luxury vehicles and cash were also seized in the operation, which was conducted across more than a dozen countries. This included eight tons of cocaine, 250 guns and more than $48m (£34m) in various worldwide currencies and cryptocurrencies.

The FBI began operating an encrypted device network called ANOM, and covertly distributed devices with the chat app among the criminal underworld via informants.





How to identify targets without even hacking. (Unless of course, this was a hack?)

https://www.cnn.com/2021/06/08/tech/internet-outage-fastly/index.html

Massive internet outage: Websites and apps around the world go dark

Countless websites and apps around the world went down for about an hour Tuesday after Fastly, a major content delivery network, reported a widespread failure.

Fastly supports news sites and apps like CNN, the Guardian, the New York Times and many others. It also provides content delivery for Twitch, Pinterest, HBO Max, Hulu, Reddit, Spotify and other services.

Other major internet platforms and sites including Amazon, Target, and the UK government website — Gov.uk — were affected.

The problem was caused by an outage [That tells us nothing. What was the outage caused by? Bob] at Fastly, a cloud service provider. The company said on its service status website (which was working) Tuesday morning it had identified the problem and fixed the issue.





The ultimate surveillance tool?

https://9to5mac.com/2021/06/07/ios-15-find-my-network-can-find-your-iphone-when-it-is-powered-off/

iOS 15: Find My network can still find your iPhone when it is powered off, or factory reset

With iOS 15, your iPhone is still traceable through the Find My network even when the device is powered off. It seems that with iOS 15, the phone is not really fully ‘powered off’, it stays in a low-power state and acts like an AirTag, allowing any nearby iOS device to pick up the Bluetooth signal and send back its location.

This also means if your iPhone runs out of battery during the day, you still have a chance of finding its location for several more hours. In fact, Apple says the location tracking will even keep working whilst the phone is reset to factory settings with Activation Lock enabled.





Interesting question, but remember that one of the ‘solvers’ (lawmakers) has a built-in bias.

https://venturebeat.com/2021/06/08/bias-and-discrimination-in-ai-whose-responsibility-is-it-to-tackle-them/

Bias and discrimination in AI: whose responsibility is it to tackle them?

We all have our individual biases hardwired into our perceptions and actions. One might think artificial intelligence (AI) would eliminate our biases and create a level playing field. This is not the case. Since humans create the algorithms that enable AI to learn and make inferences, their biases are inherently incorporated into the code.

The following cases illustrate how detrimental the misuse of AI can be:

So, whose responsibility is it to stop the perpetual cycle of bias in AI? There are four key players:





Not the first to notice, but perhaps they can start the conversation?

https://www.dw.com/en/artificial-intelligence-cyber-warfare-drones-future/a-57769444

Germany warns: AI arms race already underway

In late 2020, as the world was consumed by the pandemic, festering tensions in the Caucasus erupted into war.

It looked like a textbook regional conflict, with Azerbaijan and Armenia fighting over the disputed region of Nagorno-Karabakh. But for those paying attention, this was a watershed in warfare.

"The really important aspect of the conflict in Nagorno-Karabakh, in my view, was the use of these loitering munitions, so-called 'kamikaze drones' — these pretty autonomous systems," said Ulrike Franke, an expert on drone warfare at the European Council on Foreign Relations.

Research by the Center for Strategic and International Studies showed that Azerbaijan had a massive edge in loitering munitions, with more than 200 units of four sophisticated Israeli designs. Armenia had a single domestic model at its disposal.

Other militaries took note.

The scale and speed of swarming open up the prospect of military clashes so rapid and complex that humans cannot follow them, further fueling an arms race dynamic.

As Ulrike Franke explained: "Some actors may be forced to adopt a certain level of autonomy, at least defensively, because human beings would not be able to deal with autonomous attacks as fast."


