Artificial intelligence has the potential to bring a select set of advanced techniques to the table when it comes to cyber offense, researchers say. According to Darktrace researchers, the current threat landscape is full of everything from script kiddies and opportunistic attacks to advanced, state-sponsored assaults, and in the latter sense, attacks continue to evolve.
However, for each sophisticated attack currently in use, there is the potential for further development through the future use of AI. Within the report, the cybersecurity firm documented three active threats in the wild which have been detected within the past 12 months.
Read more about the findings of the report on ZDNet.
While it is likely that the breach activity of 2018 won’t reach the level of 2017, a look back at the first nine months suggests that 2018 is on pace to be another significant year for breaches, according to Risk Based Security.
The 2018 Q3 Data Breach QuickView Report found that 3,676 data compromise events were disclosed between 1 January and 30 September, exposing 3.6 billion records. However high those numbers might seem, and despite the consistent pace at which disclosures are reported, 2018 is not expected to see the record number of breaches reported in 2017.
Enterprises identify 870 unique vulnerabilities on their systems every day, on average. Of those, more than 100 are rated as critical on the common vulnerability scoring system (CVSS) according to a new report. The Vulnerability Intelligence Report from cyber risk company Tenable is based on analysis of anonymized data from 900,000 vulnerability assessments across 2,100 enterprises.
It estimates that the industry is on track to disclose up to 19,000 new vulnerabilities in 2018, an increase of 27 percent over 2017. Yet in 2017, public exploits were available for only seven percent of all vulnerabilities, meaning that 93 percent of all vulnerabilities posed only theoretical risk.
Read more about the findings of the new Tenable report on BetaNews.
Three quarters of organizations plan to buy more cloud security tools in 2019 as a means to better secure increasingly complex cloud environments, new research shows. The data comes from Alcide, which today released its “2018 Report: The State of Securing Cloud Workloads.” Nearly 350 security, DevOps, and IT pros weighed in to share their cloud security plans. Most are struggling to secure complex cloud setups, and think more tools will help.
Results show cloud security workflows remain fragmented. Across all company sizes, about 53% of respondents distribute their cloud workloads across a hybrid infrastructure; 18% use multi-cloud. The larger the business, the higher the degree of fragmentation, researchers found.
Read more about the findings of the Alcide research on DarkReading.
The Pentagon and the US intelligence community plan to launch a counter-cyberattack on Russia if the country interferes with US midterm elections, according to a recent report from the Center for Public Integrity. In preparation, US military hackers have already been given permission to access Russian cybersystems necessary to complete the attack, said the report.
This movement is one of the cyber battle plans organized since President Donald Trump signed an executive order that streamlines the review of such operations, said the report. Essentially, the new policy allows for potential offensive actions to be executed more quickly upon attack.
Read more about how the US plans to combat possible Russian influence in the midterm elections on TechRepublic.
Cyber-criminals could sell someone’s complete digital life – including social media accounts, banking details, app data, gaming accounts and even remote access to servers or desktops – for less than $50 on the dark web, according to a new study from Kaspersky Lab.
The research is based on an investigation of dark web markets, revealing that the price paid for a single breached account is even lower – at about $1 each. Many criminals sell accounts in bulk and some even offer a “lifetime warranty,” so if an account a buyer has purchased stops working, they receive a new one for free. Although the resale value of stolen data is low, cyber-criminals can still use it in many ways, from stealing money to committing crimes under the disguise of someone else’s identity.
The U.S. trade war with China is focused on products ranging from agricultural goods to household appliances, but the United States and other democracies should worry about a different type of Chinese export: digital authoritarianism.
China has consistently been ranked by digital advocates as the world’s worst abuser of internet freedom. The country, however, isn’t just tightening online controls at home but is becoming more brazen in exporting some of those techniques abroad including in Africa, says a new report from the U.S.-based think tank Freedom House.
Huawei has denied that it assisted the Chinese government in infiltrating a foreign network to gain information, following reports over the weekend to the contrary. “Huawei categorically denies it has ever provided, or been asked to provide, customer information for any government or organisation,” a Huawei spokesperson told ZDNet.
“These baseless accusations are made without any evidence whatsoever.” The denial followed reports by The Australian that it had “confirmed from a national security source” that Huawei staffers were used by Chinese intelligence to “get access codes to infiltrate a foreign network”, including providing password and network details.
Cyberattacks targeting energy and utilities firms have increased inside enterprise IT networks, rather than the critical infrastructure, according to Vectra’s 2018 Spotlight Report on Energy and Utilities. This discovery emphasizes the need for companies to make efforts to locate hidden threat behaviors early, said the press release.
Orchestrated cyberattack campaigns typically occur over many months, said the release. Attacks against energy and utilities networks have occurred for years, acting as slow, quiet, unique attacks that observe operator behaviors.
Read more about the findings of the new Vectra report on TechRepublic.
Malware is still being delivered to industrial facilities via USB removable storage devices and some threats can cause significant disruptions, according to a report by Honeywell. The industrial giant last year launched SMX, a product designed to protect facilities from USB-borne threats. The company also uses it to determine the risk posed by USB drives to such organizations.
Honeywell has analyzed data collected from 50 locations across the U.S., South America, Europe and the Middle East. The enterprises in the study represented the energy, oil and gas, chemical manufacturing, pulp and paper, and other sectors. Honeywell said its product had blocked at least one suspicious file in 44% of the analyzed locations. Of the neutralized threats, 26% could have caused major disruptions to industrial control systems (ICS).
Read more about the findings of the Honeywell research on SecurityWeek.