Tag Archives: security

“AI vs. Scammers: A Revolution in the Fight Against Phone Fraudsters – Is a Virtual Grandma the Answer to the Growing Threat?”


The Scale of the Problem

In recent years, the prevalence of phone scams has reached alarming levels. According to a report by CERT Polska, attempts at phone fraud increased by 40% in 2023 compared to the previous year. In the UK, where the telecom operator Virgin Media O2 has introduced an innovative solution in the form of a virtual grandma named Daisy, one in five residents falls victim to scams at least once a week. These statistics highlight that traditional methods of combating fraud are struggling to keep pace with the evolving tactics of scammers.

Introducing Daisy: The AI Granny

Daisy, a custom-made chatbot developed by Virgin Media O2, is designed to waste scammers’ time. This AI-driven solution automates the practice of “scambaiting,” where individuals pose as potential victims to frustrate scammers, gather information, and expose their tactics. Daisy impersonates an older adult, a demographic particularly vulnerable to scams, and engages in long, meandering conversations with fraudsters. Unlike human scambaiters who need breaks, Daisy can operate around the clock, effectively keeping scammers occupied and preventing them from targeting real victims.

In an introductory video, Daisy is portrayed as a photorealistic AI-generated woman with gray hair, glasses, and pearls, chatting on a pink landline. Her friendly demeanor contrasts sharply with the frustration she causes scammers, who often find themselves exasperated by her refusal to provide the information they seek, such as bank account details. “It’s nearly been an hour, for the love of (inaudible expletive),” one scammer groans, to which Daisy cheerfully responds, “Gosh, how time flies.”

The Technology Behind Daisy

Daisy combines various AI models to listen to callers, transcribe their speech into text, and generate responses using a custom large language model. This model is enhanced with a “personality” layer that gives Daisy her charming, grandmotherly vibe. The creative agency behind Daisy, VCCP Faith, based her voice on a staff member’s grandmother to ensure authenticity. By tricking criminals into believing they are defrauding a real person, Daisy not only wastes their time but also exposes common tactics used by scammers, helping consumers better protect themselves.

While Daisy may seem like a harmless neighbor, she is a formidable opponent in the battle against fraud. The technology has already reportedly wasted hundreds of hours of scammers’ time, showcasing its potential as a valuable tool in slowing down fraudulent activities.

A Critical Perspective

Despite the innovative approach represented by Daisy, it is essential to critically assess the broader implications of using AI in this context. While Daisy effectively occupies scammers, the underlying issue of phone fraud remains pervasive. The reliance on technology like Daisy raises questions about the long-term effectiveness of such solutions. Can a virtual grandma truly replace the need for comprehensive education and awareness programs aimed at preventing scams?

Moreover, the costs associated with developing and maintaining such advanced AI systems can be substantial. As noted in various reports, including those from McKinsey & Company, the financial investment required for AI solutions can reach millions of dollars annually. This raises concerns about the sustainability of relying solely on AI to combat fraud, especially when scammers continuously adapt their tactics.

The Need for a Multi-Faceted Approach

Experts agree that a multi-faceted approach is necessary to effectively combat phone scams. While Daisy serves as an innovative tool, it should be part of a broader strategy that includes public education, awareness campaigns, and international cooperation among law enforcement agencies. Programs aimed at educating vulnerable populations, particularly the elderly, about the risks of phone scams are crucial in reducing the number of victims.

Additionally, collaboration between telecom operators and law enforcement can enhance the effectiveness of anti-fraud measures. By sharing information about emerging scams and developing proactive strategies, stakeholders can create a more robust defense against fraud.

Conclusion

The introduction of Daisy, the AI granny, represents a fascinating development in the fight against phone scams. While her ability to waste scammers’ time is commendable, it is vital to recognize that technology alone cannot solve the problem. A comprehensive approach that combines innovative AI solutions with education, awareness, and collaboration is essential for effectively combating the growing threat of phone fraud.

As we navigate this new landscape, it is crucial to remain vigilant and proactive in protecting ourselves and our communities from the ever-evolving tactics of scammers. With any luck, Daisy will inspire a legion of fierce fake grandmothers ready to fight fraud, but we must also invest in broader strategies to ensure lasting change. I believe that the introduction of Grandma Daisy is merely a temporary solution to make scammers aware that they are not untouchable; however, in the future, we will find better ways to address this issue.

Sources:

  1. https://spidersweb.pl/2024/11/daisy-babcia-ai.html
  2. IEEE Security & Privacy – The State of AI in Cybersecurity 2024: ieee.org
  3. https://www.cbsnews.com/news/ai-grandma-daisy-uk-anti-fraud-scammers-virgin-media-o2/
  4. https://www.forbes.com/sites/lesliekatz/2024/11/15/introducing-daisy-an-ai-granny-outwitting-scammers-one-call-at-a-time/
  5. Instagram – cyfrowa_inteligencja_pl

Written with help of you.com


Cryptocurrency’s Dark Side: Money Laundering and Other Criminal Activities


Cryptocurrency has become increasingly popular in recent years, but its anonymous nature and ease of use have also made it a prime target for criminals. Money laundering, drug trafficking, and terrorist financing are just a few of the illicit activities that cryptocurrency has been used to facilitate.

One of the biggest challenges in combating cryptocurrency-related crime is the difficulty of tracing transactions. Unlike traditional financial transactions, cryptocurrency transactions are not subject to the same regulatory oversight. This makes it difficult for law enforcement to track down criminals and recover stolen funds. Another challenge is the international nature of cryptocurrency transactions. Criminals can easily transfer cryptocurrency across borders, making it difficult for law enforcement to investigate and prosecute crimes across jurisdictions.

Despite these challenges, there are a number of steps that can be taken to address the use of cryptocurrency for criminal purposes. One important step is to increase regulation of the cryptocurrency industry. This would help to increase transparency and make it more difficult for criminals to use cryptocurrency anonymously. Another important step is to improve international cooperation in investigating and prosecuting cryptocurrency-related crimes. Law enforcement agencies need to be able to share information and coordinate their efforts across borders in order to effectively combat this type of crime.

Market Manipulation

Cryptocurrency markets are highly susceptible to manipulation. This is due in part to the lack of regulation and the relatively small size of the cryptocurrency market.

One common form of market manipulation is wash trading. Wash trading is when an insider buys and sells the same cryptocurrency at the same time in order to create artificial trading volume. This can make the cryptocurrency appear more popular and valuable than it actually is.
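A surveillance-side sketch of the wash-trading pattern defined above, added here as an illustration and not taken from any exchange's tooling. The trade records, account names, and the account-to-owner mapping are constructed, and the 60-second window and 0.1% price tolerance are assumed thresholds; flagged trades are candidates for review, not proof of manipulation.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Trade:
    ts: int        # seconds from the start of the sample
    buyer: str     # buying account
    seller: str    # selling account
    qty: float
    price: float


# Constructed account-to-owner linkage (assumption: known from KYC records).
OWNERS = {
    "acct-A1": "owner-A", "acct-A2": "owner-A",
    "acct-B": "owner-B", "acct-C": "owner-C", "acct-D": "owner-D",
}

# Constructed sample trades.
TRADES = [
    Trade(0, "acct-A1", "acct-A2", 5.0, 100.0),   # same owner on both sides
    Trade(10, "acct-B", "acct-C", 2.0, 100.5),    # B buys from C ...
    Trade(25, "acct-C", "acct-B", 2.0, 100.5),    # ... and sells it straight back
    Trade(40, "acct-D", "acct-B", 1.0, 101.0),    # ordinary trade
    Trade(500, "acct-B", "acct-D", 1.0, 105.0),   # reversal, but late and repriced
]


def owner_of(account, owners):
    """Resolve an account to its beneficial owner; unknown accounts own themselves."""
    return owners.get(account, account)


def self_trades(trades, owners):
    """Trades where buyer and seller resolve to the same owner."""
    return [t for t in trades
            if owner_of(t.buyer, owners) == owner_of(t.seller, owners)]


def round_trips(trades, owners, window=60, price_tol=0.001):
    """Pairs of trades that cancel out: same two owners, same quantity,
    near-identical price, opposite direction, within `window` seconds."""
    open_legs = defaultdict(list)   # (buyer_owner, seller_owner, qty) -> unmatched legs
    pairs = []
    for t in sorted(trades, key=lambda x: x.ts):
        b, s = owner_of(t.buyer, owners), owner_of(t.seller, owners)
        if b == s:
            continue                # already reported by self_trades()
        candidates = open_legs[(s, b, t.qty)]   # legs going the other way
        match = next(
            (p for p in candidates
             if t.ts - p.ts <= window
             and abs(t.price - p.price) <= price_tol * p.price),
            None,
        )
        if match is not None:
            candidates.remove(match)
            pairs.append((match, t))
        else:
            open_legs[(b, s, t.qty)].append(t)
    return pairs


def wash_volume_share(trades, owners):
    """Fraction of traded quantity that comes from flagged trades."""
    flagged = set(self_trades(trades, owners))
    for first, second in round_trips(trades, owners):
        flagged.update((first, second))
    total = sum(t.qty for t in trades)
    return sum(t.qty for t in flagged) / total if total else 0.0


if __name__ == "__main__":
    print("self trades:", self_trades(TRADES, OWNERS))
    print("round trips:", round_trips(TRADES, OWNERS))
    print("suspect volume share:", round(wash_volume_share(TRADES, OWNERS), 3))
```
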

Another common form of market manipulation is front-running. Front-running is when an insider uses their knowledge of upcoming trades to place their own trades ahead of time. This allows them to profit from the price movements that they have created.

Market manipulation can have a significant impact on investors. When investors are misled into believing that a cryptocurrency is more valuable than it actually is, they may be more likely to invest in it. This can lead to significant losses when the price of the cryptocurrency eventually falls.

There are a number of steps that can be taken to address market manipulation in the cryptocurrency market. One important step is to increase regulation. Regulation would help to increase transparency and make it more difficult for insiders to manipulate the market.

Another important step is to educate investors about the risks of market manipulation. Investors need to be aware of the different ways in which the market can be manipulated and how to protect themselves from becoming victims.

Investment Risks

Cryptocurrency is a very risky investment. Cryptocurrencies are volatile and unregulated, which means that their prices can fluctuate wildly. This makes them a poor choice for investors who are not comfortable with a high degree of risk.

In addition, cryptocurrency exchanges have been hacked on numerous occasions, resulting in the theft of millions of dollars worth of cryptocurrency. Investors also face the risk of losing their cryptocurrency if they forget their private keys or if their wallets are compromised.

Another risk associated with cryptocurrency investment is the potential for fraud. There have been a number of cases of cryptocurrency scams and Ponzi schemes. Investors need to be careful and do their research before investing in any cryptocurrency.

Environmental Impact

Cryptocurrency mining is a very energy-intensive process. In 2021, the Bitcoin network consumed more electricity than the entire country of Argentina. This is a major environmental concern, as it contributes to climate change.

In addition, cryptocurrency mining often takes place in countries with cheap electricity and lax environmental regulations. This can lead to environmental damage, such as air pollution and water contamination.

There are a number of ways to reduce the environmental impact of cryptocurrency mining. One way is to use renewable energy sources to power mining operations. Another way is to develop more efficient mining hardware.

Regulatory Challenges

Cryptocurrency is still a relatively new asset class, and there is no clear regulatory framework in place. This makes it difficult for investors to protect themselves from fraud and other abuses.

In addition, the lack of regulation makes it difficult for law enforcement to track down and prosecute criminals who use cryptocurrency.

There are a number of regulatory challenges that need to be addressed in order to create a more stable and secure cryptocurrency market. One challenge is to develop clear regulations that protect investors and prevent fraud. Another challenge is to develop international regulations that coordinate the oversight of cryptocurrency markets across borders.

Conclusion

Cryptocurrency has the potential to revolutionize the financial system, but it is important to be aware of the dark side of cryptocurrency before investing. Investors should carefully consider their risk tolerance and investment goals before making any decisions.


Engine Used: DeepAI


Digital Immunity: Your Software’s Superpower in a Connected World


In our digital age, where cyber threats loom large, Digital Immune Systems (DIS) are like superheroes for software, shielding it from bugs and security threats. This powerful approach not only makes software resilient but also ensures a seamless user experience. Let’s dive into what DIS is all about, why it matters, and how you can strengthen your software’s immune system.

Digital Immune System Decoded: DIS is like a shield, swiftly protecting software from bugs and security breaches. Its goal is clear: make applications resilient, reduce business risks, and, most importantly, keep users happy. By 2025, organizations investing in DIS are expected to cut downtime by 80%, a testament to its crucial role in keeping operations smooth.

Essential Components of DIS:

  1. Observability: Transparent systems are resilient. Observability means real-time monitoring, catching and fixing issues on the fly, making user experiences better.
  2. AI-Augmented Testing: Let AI handle testing independently, identifying issues early without human intervention.
  3. Chaos Engineering: Controlled disruptions in testing, preparing teams for real-world challenges.
  4. Auto-Remediation: Applications that can fix themselves, ensuring uninterrupted service without human help.
  5. Application Security: Safeguarding the software supply chain with security measures and strong version control.
  6. Site Reliability Engineering (SRE): Balancing speed and stability for a fantastic user experience.

Why DIS Matters for Software: DIS not only reduces business risks but also boosts software quality. Real-time threat detection, continuous monitoring, and meeting security requirements ensure a proactive defense against cyber threats.

Linking Digital Immunity to Software Quality: Automated testing and continuous monitoring, integral to DIS, ensure fast and top-quality software releases. The aim is to make software immune to bugs and vulnerabilities right from the start, ensuring efficiency and performance.

Achieving a Healthy Digital Immune System: Automate code changes, increase testing coverage, and leverage technology like APIs. Sauce Labs, with its testing solutions, helps identify risks quickly and securely.

In a Nutshell: In our digital-heavy world, DIS is your software’s superhero. Investing in a robust digital immune system protects your digital assets, ensures smooth operations, delights users, and fortifies software quality.

Opinion: This insightful information about Digital Immunity brilliantly demystifies the complex world of software development, making the concept accessible and highlighting its pivotal role in safeguarding against cyber threats. The clear breakdown of key components and their real-world significance, coupled with practical tips for achieving a robust Digital Immune System, empowers you with actionable insights. In a landscape where digital security is paramount, this piece not only underscores the importance of DIS but also serves as a valuable guide for organizations aiming to fortify their software against evolving threats.

Questions for Readers: How do you think Digital Immune Systems will evolve as our digital world keeps growing, and what extra steps would you recommend for safeguarding software development against new threats?



An overview of cloud security


Cloud security is a collection of procedures and technology designed to address external and internal threats to business security. Organizations need cloud security as they move toward their digital transformation strategy and incorporate cloud-based tools and services as part of their infrastructure.

The terms digital transformation and cloud migration have been used regularly in enterprise settings over recent years. While both phrases can mean different things to different organizations, each is driven by a common denominator: the need for change.

As enterprises embrace these concepts and move toward optimizing their operational approach, new challenges arise when balancing productivity levels and security. While more modern technologies help organizations advance capabilities outside the confines of on-premise infrastructure, transitioning primarily to cloud-based environments can have several implications if not done securely.

Striking the right balance requires an understanding of how modern-day enterprises can benefit from the use of interconnected cloud technologies while deploying the best cloud security practices.

What is cloud computing?

The “cloud” or, more specifically, “cloud computing” refers to the process of accessing resources, software, and databases over the Internet and outside the confines of local hardware restrictions. This technology gives organizations flexibility when scaling their operations by offloading a portion, or majority, of their infrastructure management to third-party hosting providers.

The most common and widely adopted cloud computing services are:

  • IaaS (Infrastructure-as-a-Service): A hybrid approach, where organizations can manage some of their data and applications on-premise while relying on cloud providers to manage servers, hardware, networking, virtualization, and storage needs.
  • PaaS (Platform-as-a-Service): Gives organizations the ability to streamline their application development and delivery by providing a custom application framework that automatically manages operating systems, software updates, storage, and supporting infrastructure in the cloud.
  • SaaS (Software-as-a-Service): Cloud-based software hosted online and typically available on a subscription basis. Third-party providers manage all potential technical issues, such as data, middleware, servers, and storage, minimizing IT resource expenditures and streamlining maintenance and support functions.

Why is cloud security important?

In modern-day enterprises, there has been a growing transition to cloud-based environments and IaaS, PaaS, or SaaS computing models. The dynamic nature of infrastructure management, especially in scaling applications and services, can bring a number of challenges to enterprises when adequately resourcing their departments. These as-a-service models give organizations the ability to offload many of the time-consuming, IT-related tasks.

As companies continue to migrate to the cloud, understanding the security requirements for keeping data safe has become critical. While third-party cloud computing providers may take on the management of this infrastructure, the responsibility of data asset security and accountability doesn’t necessarily shift along with it.

By default, most cloud providers follow best security practices and take active steps to protect the integrity of their servers. However, organizations need to make their own considerations when protecting data, applications, and workloads running on the cloud.

Security threats have become more advanced as the digital landscape continues to evolve. These threats explicitly target cloud computing providers due to an organization’s overall lack of visibility in data access and movement. Without taking active steps to improve their cloud security, organizations can face significant governance and compliance risks when managing client information, regardless of where it is stored.

Cloud security should be an important topic of discussion regardless of the size of your enterprise. Cloud infrastructure supports nearly all aspects of modern computing in all industries and across multiple verticals.

However, successful cloud adoption is dependent on putting in place adequate countermeasures to defend against modern-day cyberattacks. Regardless of whether your organization operates in a public, private, or hybrid cloud environment, cloud security solutions and best practices are a necessity when ensuring business continuity.

What are some cloud security challenges?

Lack of visibility
It’s easy to lose track of how your data is being accessed and by whom, since many cloud services are accessed outside of corporate networks and through third parties.

Multitenancy
Public cloud environments house multiple client infrastructures under the same umbrella, so it’s possible your hosted services can get compromised as collateral damage when malicious attackers target other businesses.

Access management and shadow IT
While enterprises may be able to successfully manage and restrict access points across on-premises systems, administering these same levels of restrictions can be challenging in cloud environments. This can be dangerous for organizations that don’t deploy bring-your-own-device (BYOD) policies and allow unfiltered access to cloud services from any device or geolocation.

Compliance
Regulatory compliance management is oftentimes a source of confusion for enterprises using public or hybrid cloud deployments. Overall accountability for data privacy and security still rests with the enterprise, and heavy reliance on third-party solutions to manage this component can lead to costly compliance issues.

Misconfigurations
Misconfigured assets accounted for 86% of breached records in 2019, making the inadvertent insider a key issue for cloud computing environments. Misconfigurations can include leaving default administrative passwords in place, or not creating appropriate privacy settings.

What types of cloud security solutions are available?

Identity and access management (IAM)
Identity and access management (IAM) tools and services allow enterprises to deploy policy-driven enforcement protocols for all users attempting to access both on-premises and cloud-based services. The core functionality of IAM is to create digital identities for all users so they can be actively monitored and restricted when necessary during all data interactions.

Data loss prevention (DLP)
Data loss prevention (DLP) services offer a set of tools and services designed to ensure the security of regulated cloud data. DLP solutions use a combination of remediation alerts, data encryption, and other preventative measures to protect all stored data, whether at rest or in motion.

Security information and event management (SIEM)
Security information and event management (SIEM) provides a comprehensive security orchestration solution that automates threat monitoring, detection, and response in cloud-based environments. Using artificial intelligence (AI)-driven technologies to correlate log data across multiple platforms and digital assets, SIEM technology gives IT teams the ability to successfully apply their network security protocols while being able to quickly react to any potential threats.

Business continuity and disaster recovery
Regardless of the preventative measures organizations have in place for their on-premise and cloud-based infrastructures, data breaches and disruptive outages can still occur. Enterprises must be able to quickly react to newly discovered vulnerabilities or significant system outages as soon as possible. Disaster recovery solutions are a staple in cloud security and provide organizations with the tools, services, and protocols necessary to expedite the recovery of lost data and resume normal business operations.

How should you approach cloud security?

The way to approach cloud security is different for every organization and can be dependent on several variables. However, the National Institute of Standards and Technology (NIST) has made a list of best practices that can be followed to establish a secure and sustainable cloud computing framework.

The NIST has created necessary steps for every organization to self-assess their security preparedness and apply adequate preventative and recovery security measures to their systems. These principles are built on the NIST’s five pillars of a cybersecurity framework: Identify, Protect, Detect, Respond, and Recover.

Another emerging technology in cloud security that supports the execution of NIST’s cybersecurity framework is cloud security posture management (CSPM). CSPM solutions are designed to address a common flaw in many cloud environments – misconfigurations.

Cloud infrastructures that remain misconfigured by enterprises or even cloud providers can lead to several vulnerabilities that significantly increase an organization’s attack surface. CSPM addresses these issues by helping to organize and deploy the core components of cloud security. These include identity and access management (IAM), regulatory compliance management, traffic monitoring, threat response, risk mitigation, and digital asset management.

Overall:

The breakdown of common cloud computing services (IaaS, PaaS, and SaaS) adds clarity, aiding understanding of modern enterprise models. The article adeptly addresses challenges, including lack of visibility, multitenancy issues, access management complexities, compliance concerns, and misconfigurations, offering valuable insights for organizations.

The recommended cloud security solutions (IAM, DLP, SIEM, Business Continuity, and Disaster Recovery) provide a comprehensive approach to risk mitigation. The article’s inclusion of NIST principles and the emerging technology CSPM further enriches its content.

In summary, the article serves as a valuable resource for organizations navigating cloud security complexities. Its blend of informative content, practical solutions, and insights into emerging technologies makes it an effective guide.

Resources:

What is Cloud Security? Cloud Security Defined | IBM

Image:

https://www.google.com/imgres?imgurl=https%3A%2F%2Fimages.rawpixel.com%2Fimage_800%2FczNmcy1wcml2YXRlL3Jhd3BpeGVsX2ltYWdlcy93ZWJzaXRlX2NvbnRlbnQvbHIvcGYtczEwNi1wbS02OTA1LmpwZw.jpg&tbnid=_mAq6Iv45–5nM&vet=12ahUKEwiW0aKY_9KCAxXA4AIHHdtUDDwQMygDegQIARBZ..i&imgrefurl=https%3A%2F%2Fwww.rawpixel.com%2Fsearch%2Fcloud%2520computing&docid=0m4X-jisoXZdTM&w=800&h=533&q=cloud%20security%20technology%20hd%20image&ved=2ahUKEwiW0aKY_9KCAxXA4AIHHdtUDDwQMygDegQIARBZ


The Biggest Cloud Security Challenges


What is Cloud security?

Cloud security is a branch of cyber security that focuses on safeguarding cloud computing platforms. This involves maintaining data privacy and security across internet infrastructure, apps, and platforms. The efforts of cloud providers and the clients that utilize them, whether an individual, small to medium corporation, or enterprise, are required to secure these systems.

Cloud providers use always-on internet connections to host services on their servers. Because their business relies on consumer confidence, they deploy cloud security solutions to keep client data private and secure. However, cloud security is also partially in the hands of the customer. Understanding these aspects is critical for a successful cloud security solution.

Why is cloud security important?

Business and personal data resided locally in the 1990s, and security was also local. Data would be stored on your personal PC’s internal storage and on business servers if you worked for a firm.

The introduction of cloud technology has compelled everyone to rethink cyber security. Your data and apps may be bouncing between local and distant servers, but they’re always online. If you use Google Docs on your smartphone or Salesforce software to manage your clients, the data might be stored anywhere. As a result, safeguarding it is more complicated than before, when it was only a matter of preventing unauthorized individuals from accessing your network.

Cloud security necessitates certain changes to prior IT processes; however, it has grown increasingly important for two reasons:

  • Convenience over security. Cloud computing is rapidly becoming a key technique for both business and personal use. Because of innovation, new technology is being introduced faster than industry security regulations can catch up, putting additional responsibility on users and providers to address accessibility concerns.
  • Centralization and multi-tenant storage. Every component, from fundamental infrastructure to minor data such as emails and documents, may now be discovered and accessed remotely via 24/7 web-based connections. Collecting all of this data on the computers of a few large service providers can be quite harmful. Threat actors may now target enormous multi-organizational data centers and trigger massive data breaches.

What are the biggest Cloud security challenges?

As risks have developed and more sophisticated new assaults have emerged, it is now more vital than ever for enterprises to adopt security-first mindsets. Having said that, here are some of the most pressing difficulties we face this year, as well as how cloud security solutions may assist your firm in overcoming them.

Data Breaches

Failure to handle data properly (through purposeful encryption) exposes your company to significant compliance concerns, not to mention data breach penalties, fines, and substantial breaches of consumer confidence. Regardless of what your Service-Level Agreement (SLA) states, it is your responsibility to secure your customers’ and employees’ data.

IT workers have traditionally had extensive control over the network infrastructure and physical hardware (firewalls, etc.) used to protect proprietary data. In the cloud, some of those security controls are handed over to a trusted partner (in all scenarios, including private cloud, public cloud, and hybrid cloud scenarios), implying that cloud infrastructure might raise security concerns. Choosing the proper vendor with a proven track record of deploying robust security measures is critical to overcoming this difficulty.

Compliance With Regulatory Mandates

It’s typical for corporations, particularly small and medium-sized businesses, to believe that just cooperating with a cloud solutions provider provides them with optimum security. However, there is more to it than meets the eye.

The correct cloud security solutions give the technological capability to comply with regulatory demands, but constant supervision and close attention to detail are required. Under the shared responsibility model, the cloud provider is responsible for the security of the cloud, whereas the end user is responsible for security in the cloud.

Data loss

It’s natural to be concerned about the security of business-critical data when it’s moved to the cloud. Losing cloud data, whether by inadvertent deletion and human mistake, criminal manipulation including malware installation (i.e. DDoS), or a natural disaster that shuts down a cloud service provider, may be fatal for commercial businesses. A DDoS assault is frequently only a distraction for a more serious danger, such as an effort to steal or erase data.

To address this difficulty, it is critical to have a disaster recovery plan in place, as well as an integrated system to combat hostile assaults.

What types of cloud security solutions are available?

Identity and access management (IAM)

Enterprises may utilize identity and access management (IAM) technologies and services to install policy-driven enforcement methods for all users seeking to access both on-premises and cloud-based services. IAM’s fundamental capability is to generate digital identities for all users, allowing them to be actively monitored and limited as needed throughout all data exchanges.

Data loss prevention (DLP)

DLP (data loss prevention) services provide a set of tools and services designed to safeguard the security of regulated cloud data. DLP systems secure all stored data, whether at rest or in motion, by combining remediation warnings, data encryption, and other preventative measures.

Security information and event management (SIEM)

Security information and event management (SIEM) is a complete security orchestration solution for cloud-based settings that automates threat monitoring, detection, and response. SIEM technology, which uses artificial intelligence (AI)-driven technologies to correlate log data across many platforms and digital assets, enables IT professionals to successfully deploy network security policies while responding fast to any possible threats.

Business continuity and disaster recovery

Data breaches and disruptive outages can occur regardless of the precautionary measures that enterprises put in place for their on-premise and cloud-based infrastructures. Enterprises must be able to respond swiftly to newly identified vulnerabilities or large system failures. Disaster recovery solutions are a must-have in cloud security because they offer enterprises the tools, services, and standards needed to speed up data recovery and resume regular company operations.

The security risks and challenges associated with cloud computing are not insurmountable. Enterprises may reap the benefits of cloud technology with the correct cloud service provider (CSP), technology, and planning.

The CDNetworks cloud security solution combines web speed with cutting-edge cloud security technologies. With 160 points of presence, our customers’ cloud-based assets are safeguarded with 24/7 end-to-end protection, including DDoS mitigation at the network and application levels, and their websites and cloud applications are expedited on a worldwide scale.

Resources:

https://www.skyhighsecurity.com/en-us/cybersecurity-defined/what-is-cloud-security.html

https://www.ibm.com/topics/cloud-security

https://www.kaspersky.com/resource-center/definitions/what-is-cloud-security

https://www.startus-insights.com/innovators-guide/cybersecurity-trends-innovation/


Amazon has obliged drivers in the US to agree to the collection of data from cameras in vans – otherwise, they will not be able to deliver packages


The company installed the cameras in February 2021, explaining that they were needed for safety.

Drivers of Amazon’s delivery service in the US must now sign a “biometric consent” form in order to continue working for the company [1], The Verge writes on March 24.

It involves agreeing to the collection of data from cameras installed in delivery vans. Drivers must agree to the use of “certain technology, including cameras” as a “condition of delivering packages for Amazon,” [2] according to Vice.

The drivers in question are those who rent Amazon vans under the Partner Service Delivery programme. According to Vice, about 75,000 drivers could be affected.

What kind of data the company will collect depends on what kind of equipment is installed in the vans, The Verge suggests. But the agreement implies a wide range of data to be collected. This includes cameras using facial recognition to confirm driver identity and connect to an account, according to Vice.

The data collected includes, for example, data on the van’s movement, including speed, acceleration, braking, turns and distance travelled; “potential traffic offences” such as speeding or unbuckling a seatbelt; and “potentially dangerous driving behaviour”, such as when the driver is distracted from the road or falling asleep.

The company says it installs the cameras for “safety” and “to improve delivery”. But some drivers have already refused to sign the agreement.

  • Amazon installed [3] artificial intelligence cameras in vans rented by drivers participating in the Partner Service Delivery programme in February. They have built-in software that can detect 16 different safety issues, including if drivers are distracted, speeding, braking sharply and more.
  • In early March, senators from five US states wrote to Amazon [4] saying that the use of surveillance cameras in delivery vans “raises important privacy and worker oversight issues that Amazon must respond to”.
  • In September 2020, human rights activists had already spoken out about the hard work at Amazon – for example, the company has an electronic employee monitoring system, there are cameras in warehouses and drivers’ locations are constantly recorded.

Sources:

[1] https://www.theverge.com/2021/3/24/22347945/amazon-delivery-drivers-ai-surveillance-cameras-vans-consent-form

[2] https://www.vice.com/en/article/dy8n3j/amazon-delivery-drivers-forced-to-sign-biometric-consent-form-or-lose-job

[3] https://www.cnbc.com/2021/02/03/amazon-using-ai-equipped-cameras-in-delivery-vans.html

[4] https://www.cnbc.com/2021/03/03/senators-question-amazon-about-cameras-monitoring-delivery-drivers.html

#technews #transport #amazon #ai #privacy #security


Microsoft Teams phishing campaign attack on O365 Users


Image shows capabilities of Microsoft teams- a Network of sharing files, calendar, emotions, statics, comment, and mails.

© Image inserted from Microsoft News – news.microsoft.com

 

Due to the COVID-19 situation, many governments, organisations, and businesses have moved to online communication platforms, or integrated them into their systems, and use them as a primary communication channel. Universities and academic institutions all around the world have also decided on a sudden shift to online learning in a short period of time.

According to a New York Times analysis of internet usage in the US, use of the special services that allow us to work and learn from home is increasing continuously.

 

© Image Screenshot from NY Times – App popularity according to iOS App Store rankings on March 16-18. · Source: Apptopia

 

At Kozminski our main communication channel is Microsoft Teams. MS Teams is one of the products of O365, a very popular subscription service that MS offers to academic institutions, alongside Google G Suite, Zoom for Education, and many more.

The security of cloud-based communication platforms is a huge concern: as students, employers, and users we face threats daily, and it’s clear to us that there is no perfection in SaaS. Startup, footprint, runtime, responsiveness, hangs, rendering, and so many more are things we are used to hearing about as bugs, but security bugs are among the scariest for the end user because they make us vulnerable and the main target.

Abnormal Security researchers warn of a phishing campaign that pretends to be an automated message from MS Teams, but actually aims to steal the credentials of O365 recipients.

Phishing is a fraudulent attempt to obtain sensitive information or data; it’s a very popular and old attack technique. This campaign was sent to 15,000 – 50,000 O365 users, according to researchers with Abnormal Security.

“Because Microsoft Teams is an instant-messaging service, recipients of this notification might be more apt to click on it so that they can respond quickly to whatever message they think they may have missed based on the notification,” said researchers in a Thursday analysis.

The phishing email displays the sender name “There’s new activity in Teams”, making it look like an automatic notification from Microsoft Teams.

As can be seen in the picture below, the email tells the recipient that his teammates are trying to reach him, warns him that he has missed the MS Teams Chat and shows an example of a teammate chat where he is asked to submit something.

 

Email Attack: The email is sent from the display name, ‘There’s new activity in Teams’, making it appear like an automated notification from Microsoft Teams.

© Image inserted from Abnormal Security
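A mail filter can test for the mismatch described above, where the display name claims to be a Teams notification while the message and its links come from somewhere else. This is an added example, not code from Abnormal Security or Microsoft; the trusted-domain list, the finding labels and the three sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains this organisation accepts as genuine senders of Teams
# notifications and as link targets. Tune the list for your own tenant.
TRUSTED_DOMAINS = ("microsoft.com", "office.com")

# Display-name wording that claims to be a Teams notification.
BRAND_RE = re.compile(r"microsoft\s+teams|\bactivity\s+in\s+teams\b", re.I)
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample: the lure described in the post.
PHISH = """\
From: There's new activity in Teams <noreply@teams-alerts.example>
To: student@university.example
Subject: Your teammates are trying to reach you in Microsoft Teams
Authentication-Results: mx.university.example; spf=pass; dkim=none; dmarc=none
Content-Type: text/plain; charset=utf-8

You missed a chat message. Reply in Teams:
https://teams-login.example/o365/signin
"""

# Constructed sample: a notification that passes every check.
GENUINE = """\
From: Microsoft Teams <noreply@email.teams.microsoft.com>
To: student@university.example
Subject: You have a new message
Authentication-Results: mx.university.example; dkim=pass; dmarc=pass
Content-Type: text/plain; charset=utf-8

Open the chat: https://teams.microsoft.com/l/chat/0/0
"""

# Constructed sample: ordinary mail that never claims to be Teams.
COLLEAGUE = """\
From: Anna Nowak <anna.nowak@university.example>
To: student@university.example
Subject: Slides
Content-Type: text/plain; charset=utf-8

Slides are here: https://files.university.example/slides.pdf
"""


def is_trusted(host):
    """True for a trusted domain or one of its subdomains, not look-alikes."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def body_text(msg):
    """Concatenate every text/* part of the message."""
    parts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    return "\n".join(p.get_content() for p in parts)


def teams_lure_findings(raw):
    """Return reasons why a mail that claims to be a Teams notification looks forged."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    if not BRAND_RE.search(display):
        return []  # does not present itself as Teams; out of scope for this check
    findings = []
    sender_domain = addr.rpartition("@")[2]
    if not is_trusted(sender_domain):
        findings.append(f"sender-domain:{sender_domain}")
    # Authentication-Results is stamped by the receiving mail server.
    auth = str(msg.get("Authentication-Results", "")).lower()
    if "dmarc=pass" not in auth:
        findings.append("dmarc-not-passed")
    hosts = {urlparse(u).hostname for u in URL_RE.findall(body_text(msg))}
    for host in sorted(h for h in hosts if h and not is_trusted(h)):
        findings.append(f"link-host:{host}")
    return findings


if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("genuine", GENUINE), ("colleague", COLLEAGUE)):
        print(label, teams_lure_findings(raw))
```

The suffix match in `is_trusted` is what rejects look-alike hosts that merely contain a trusted name.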

 

Using 2FA or multi-factor authentication certainly adds an important additional layer and is a low-cost solution. In many cases it does stop phishing attacks from succeeding, but it doesn’t mean you are immune to attacks. According to the official MS365 administration documentation, the first task is to “Set up multi-factor authentication” and apply it to users as required widely within the organization, and the second task is to “Train your users”. Microsoft also recommends the guidance in the Harvard Kennedy School Cybersecurity Campaign Handbook.

In my opinion, due to rapid changes and system integration, most IT teams cannot feed their users enough information and updates, and it’s time for us as end users to watch tutorials to familiarise ourselves and read more information about our daily software/tools.

Here you can learn more about how to set up 2FA on your Microsoft account step by step.

The image shows the steps of how 2FA works from the client’s point of view.

© Image inserted from ZUKO TECH – Two-factor authentication (2FA)

 

Resource: Abnormal Security

MS = Microsoft Teams   –   O365 = Office 365   –   2FA = Two-Factor Authentication


How facial recognition works

Nowadays facial recognition systems are becoming more and more popular. They are used by many companies, as well as certain countries, as a way of detecting citizens. But how does facial recognition work?

Facial recognition is defined as a biometric software application with the ability to identify a person by comparing their facial structure and patterns with data stored in a database. Every person has a unique facial pattern, and while other humans may not be able to easily distinguish it, software applications are capable of doing it within seconds. There are four steps that the software uses to recognise someone’s face.

Firstly, the camera will detect and recognize the face of a certain person, either when the person is alone or in a crowd. Previously, a problem occurred when the camera was not pointed directly at the front of the face, but nowadays the algorithm has learned to deal with that issue.

Secondly, the photo of the face is taken and analysed. The software analyses over 80 facial features that differ from person to person, which are referred to as nodal points. Some of those features are obvious, such as the shape of the eyes, but some of them are a lot more difficult to distinguish, for example the distance between the eyes, the shape and height of the cheekbones, or the width of the nose.

After that, the analysis of the face is turned into lines of code and mathematical formulas. The features become numbers, and the code is referred to as a faceprint. Just like a thumbprint, each person has a unique faceprint.

After the code is obtained, it is compared with a database of faceprints. The databases have millions of photos with necessary information. For example, the FBI has access to over 641 million photos. That includes 21 state databases, such as DMV, which are state level agencies that administer vehicle registration and driver licencing. The FBI also has access to Facebook’s databases, which store millions of photos tagged with a person’s name. The software identifies matching information with data provided by databases. It then returns the match with attached personal information, such as name, age, address or even friends and family.

So where is facial recognition used? As you can probably imagine, there are great advantages of using the software for security purposes. Many airports all around the world use it to identify potential dangers. Facial recognition is also used in device security. Many new phones offer the possibility of using your face to unlock the phone, instead of using a pin code or symbol.

As you can probably guess, there are many ongoing controversies concerning facial recognition. Some people claim that it is an invasion of privacy. Others claim that it doesn’t work properly or can be easily deceived. The main concern surrounding facial recognition is that the data gathered by the software and stored in databases might get leaked or simply hacked and used with malicious intent.

In conclusion, facial recognition technology brings lots of possibilities in terms of safety and security, as long as the data itself stays secure. The possible misuses of such data are endless and might cause a serious danger in the future.

References:

https://en.wikipedia.org/wiki/Facial_recognition_system

www.pandasecurity.com/mediacenter/panda-security/facial-recognition-technology/


50 000 Printers hacked in order to prolong PewDiePie’s number one spot on YouTube.


Felix Kjellberg, a Swedish YouTuber known as PewDiePie, is in the middle of a “YouTube subscribers war” where the prize is the number one spot in terms of the number of subscribers on a channel. The war is fought between him and T-Series, an Indian media company which does Bollywood music videos. Right now T-Series is the fastest growing channel on YouTube and has the number one spot regarding video views.

We’ve seen lots of posts, tweets, videos with people preaching the message of helping Felix remain the number one by subscribing to him, we’ve even had another YouTuber buy billboards to spread the message.

But this is like nothing before. A Twitter user known as TheHackerGiraffe has found an exploit that enabled him to hack 50 thousand printers. The first words about it came from Twitter, where people thought it was actually PewDiePie’s propaganda. PewDiePie took a bit of hate to the face because of this, but not enough to affect him – it’s not the first time and not the last time he gets bullied.

 

Because of this event the subscriber war took a twist and PewDiePie is still number one but not for long since T-Series is growing 4 times quicker. Here’s a live sub counter from YouTube provided by FlareTV

A bit about the technical side of the “hack”.

“TheHackerGiraffe scanned the Internet to find the list of vulnerable printers with port 9100 open using Shodan, a search engine for internet-connected devices and exploited them to spew out a message.

The hacker mainly uses an open-source hacking tool to exploit vulnerable printers, called Printer Exploitation Toolkit (PRET), which has been designed for testing printers against various known vulnerabilities, allowing attackers to capture or manipulate print jobs.”

The Hacker News

Apparently this is more of a trick than a hack. It’s not very complicated and it’s already been done by a hacker called Weev in 2016 in order to broaden antisemitism and by another hacker in 2017 who just printed silly drawings on around 150 000 printers.

TheHackerGiraffe, in his AMA on Reddit, claimed that he hacked only 50 000 out of 800 000 potential printers that are still exposed to attacks. In perspective, that’s a lot of printers that could be used in a bad way, like phishing, blackmailing or just simply abusing them. It shows how insecure IPP/LPD printers are – especially when they’re not up-to-date. To somehow portray how easy this attack may be, TheHackerGiraffe wrote:

Think of it as a giant print button on the internet.

Having this power in his hands, our “Friendly Giraffe”, instead of abusing it, decided to help a YouTuber he liked, and out of all the options he had, he decided to send the following message:

It’s a good way to raise awareness about security. This trick could have cost companies a lot of money since ink and paper don’t come for free. On top of that, a trick like that could be pulled off by a kid, and they could suffer consequences because of that. It is said that all a hacker needs is your fax number to hack your printer. At the end of the day, a fun little game of a subscriber war has taught us a lesson about our security.
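On the defensive side, the exposure described above comes down to printing ports being reachable from outside the network, which can be checked in your own perimeter rules. The following is an added example, not part of the original post or of PRET; the rule format, the rule names and the sample rules are hypothetical and constructed, and each rule is judged on its own without modelling rule precedence.

```python
import ipaddress

# Printing services named in the post: raw printing on port 9100, LPD and IPP.
PRINT_PORTS = {515: "LPD", 631: "IPP", 9100: "raw-9100"}

# RFC 1918 ranges treated as internal. Assumption: no other internal ranges.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed inbound rules in a simplified, hypothetical format.
SAMPLE_RULES = [
    {"name": "print-from-lan", "action": "allow", "source": "10.20.0.0/16", "ports": "9100"},
    {"name": "legacy-high-ports", "action": "allow", "source": "0.0.0.0/0", "ports": "9000-9200"},
    {"name": "ipp-for-partner", "action": "allow", "source": "203.0.113.0/24", "ports": "631"},
    {"name": "block-lpd", "action": "deny", "source": "0.0.0.0/0", "ports": "515"},
    {"name": "https", "action": "allow", "source": "0.0.0.0/0", "ports": "443"},
]


def port_range(spec):
    """Parse '9100' or '9000-9200' into an inclusive (low, high) pair."""
    low, _, high = spec.partition("-")
    return int(low), int(high or low)


def is_internal(net):
    """True when the whole source network lies inside an internal range."""
    return any(net.version == n.version and net.subnet_of(n) for n in INTERNAL_NETS)


def exposed_print_rules(rules):
    """Return (rule name, exposure, services) for every allow rule that lets a
    non-internal source reach a printing port, including via a wide port range."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow":
            continue
        source = ipaddress.ip_network(rule["source"], strict=False)
        if is_internal(source):
            continue
        low, high = port_range(rule["ports"])
        services = [name for port, name in sorted(PRINT_PORTS.items())
                    if low <= port <= high]
        if services:
            exposure = "internet" if source.prefixlen == 0 else "external-range"
            findings.append((rule["name"], exposure, services))
    return findings


if __name__ == "__main__":
    for name, exposure, services in exposed_print_rules(SAMPLE_RULES):
        print(f"{name}: {', '.join(services)} reachable from {exposure}")
```

The `legacy-high-ports` rule shows the case that is easy to miss in review: port 9100 never appears in the rule text, yet the range covers it.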

S:
https://thehackernews.com/2018/11/pewdiepie-printer-hack.html
https://www.zdnet.com/article/twitter-user-hacks-50000-printers-to-tell-people-to-subscribe-to-pewdiepie/
https://www.reddit.com/r/AMA/comments/a1wo96/i_hacked_50000_printers_worldwide_out_of/
twitter


The Future of Security – Highlights from O. Brodt’s speech at Masters&Robots Conference 2017

Oleg Brodt works at Deutsche Telekom Innovation Labs in Israel. He comes from the small city called Beersheba, also spelled Beer-Sheva, which is also the largest city in the Negev desert of southern Israel. At the end of October this year he spoke at the Masters&Robots Conference in Warsaw, and I would like to present some of the highlights of his speech on cyber security.

 

1. Beersheba – as a Cyber Security Center of Israel

The Israeli government decided that Beersheba (which is more than 4 times smaller than Warsaw) was going to be the cyber security capital of Israel. Therefore, all the cyber security units of the military and other agencies were moved to this city. This had a great impact on Beersheba’s development and stimulated the inflow of human capital into the city. Nowadays there are 40 multinational companies located in Beersheba. There are also many accelerators, incubators, around 100 start-ups and the Ben-Gurion University, which is the only university in Israel offering a cyber security degree. In total, there are around 400 start-ups focused on cyber security in Israel; furthermore, the country attracts 15% of global venture capital financing of cyber security projects.

Beersheba 2007

Beersheba 2017

2. Cyber Security Kids – Israeli Programs for Talented Pupils

In Israel, children who are good at math and IT have a chance to become part of educational programs that aim to prepare human resources for Israeli military units. These are usually kids in 9th grade. If a kid is cherry-picked, he or she attends after-school classes on cyber security twice a week during the four years of high school and, after this, joins the army unit.

By the time a child finishes school, he or she is already an expert in cyber security. Moreover, there is a 6-month gap between the time the kid finishes school and the time he or she joins the military agency, and during that gap the kid already works on military CS projects in IT labs. Those are the lowest qualified workers in Israeli IT labs. The IT labs are headed by Professor Yuval Elovici, who is a known academic figure in the field of CS.

3. There are Different Kinds of Attackers in CS

  • Kids (“Script Kiddies”) – just children who are bored and have the spare time and technical skills to hack you. They have some basic knowledge and start to play around with CS; however, they are poorly qualified and normally cannot do a lot of harm. Moreover, kids are hacking for “FUN”; there is no real money interest in it.
  • State Actors – governments, which hack each other or specific targets. They are extremely highly qualified, and if you are the target, it will be very difficult to defend yourself. Also, they have “unlimited resources” to hack you, which means they are very dangerous, and if they really want to hack you, it is a question of time.
  • Cybercriminals – revenue driven hackers, who aim to get a financial benefit from you.
  • Hacktivism – is the subversive use of computers and computer networks to promote a political agenda or a social change. Perhaps the most prolific and well known hacktivist group, Anonymous has been prominent and prevalent in many major online hacks over the past decade.
  • Terror Organizations – not very active in the field of CS yet, but are increasing their activity gradually.

4. Financial Models of Attackers

There are also different ways attackers might harm you; here are some of them:

  • Ransomware – a type of malicious software from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.
  • DDOS-as-a-Service – a new service in the Darknet. If you want to attack your competitor on the internet (for example an internet shop), you order such a service in the Darknet from qualified hackers, and then they attack the e-commerce platform of your competitor in a way that it gets too many requests and falls offline.
  • Crypto-Hacks – something relatively new; it means that hackers attack bitcoin exchanges in order to steal their money.
  • Darkweb hacking services – there are even whole price lists for certain violations in the Darkweb. For example, how much does it cost to buy a thousand credit cards, or to hack somebody’s Facebook account.

5. It Is Not Personal – When Hacking You is a Business

  • The hackers who attack you because of financial motivation are interested only in getting the money. They really do not care who you are; they are not hacking you because you are you, they are hacking you because of your resources. And the most popular way to hack during the last two years is ransomware. Due to its “commonness”, a commoditization of the services connected to ransomware is starting to arise, so to say. In other words, hackers who attack you with ransomware have support centers! So, for example, if you get hacked and your entire organization’s data is currently encrypted, you get a message that you have to pay a ransom in bitcoins, but you do not know what bitcoin actually is – you may contact the hackers’ customer service for help. Yes, you get a phone number on your screen, and if you call this number, a nice customer service representative guides you through the whole process. Sounds nice, hah?
  • Organizations that specialize in negotiations with hackers are arising. For example: you are being hacked, and the attacker wants you to pay a 5000$ ransom for your files. But how can you know that after the transfer of the money the files will be released? That is where negotiation companies come into play. First, they try to establish the reputation of the hacker – they ask him questions like: “How do I know that you are not going to publish my files in the Darkweb?” or “How do I know that you are not going to sell my files to other organizations?” And what happens next is something surprising – hackers give lists of “previous customers” (people or organizations which were hacked by them before) to convince the victim that the deal is safe. They also propose contacting those “customers” to get a recommendation. So there exists a so-called recommendation base for hackers, in which the new negotiation companies specialize.

Sources:

  • https://en.wikipedia.org/wiki/Ransomware
  • https://en.wikipedia.org/wiki/Beersheba
  • Oleg Brodt’s speech at Masters&Robots Conference in Warsaw (26-27 October 2017)

 
