The Fiji Times »Ransomware and AI Monitoring
Ransomware attacks have reached “stratospheric” levels and now account for nearly 70% of all attacks that use any form of malware or malicious software, that is, any software intentionally designed by hackers to steal data. data, damage or operate any electronic device. This is a 30% jump from the same period in 2020.
The most common targets for ransomware in the second quarter of 2021 were government, medical and industrial companies as well as scientific and educational institutions, according to a recent report from the world’s leading cybersecurity provider Positive Technologies.
The overall percentage of attacks on government agencies rose to 20 percent in the second quarter, from 12 percent in the first quarter. Third-party ransomware (using Ransomware-as-a-service) was involved in almost 75% of all of these malware-related attacks.
In the second quarter, the industrial sector was involved in 80% of global malware attacks. Citing a specific incident, Positive Technologies said it found a new type of remote administration tool (RAT) called B-JDUN, which was used to target an energy company. They do not specify whether nuclear power plants were involved, although these cyber attacks on critical infrastructure are a worrying trend and are now classified by governments as having an impact on national security.
The volume of ransomware attacks had already increased in April of this year. But in early May, cyber attacks targeted the US Colonial Pipeline and the District of Columbia Police Department. Such attacks have revealed the boldness and daring of today’s ransomware gangs. But they also sparked unwanted advertising, drawing the attention of law enforcement agencies and eventually the US government, which led to efforts to crack down on ransomware attacks by US federal agencies and international law enforcement.
As a result, cybercriminals have since started to change their ways, relying less on partners or customers (to ransomware-as-a-service) to carry out attacks and monitoring their cyber attacks more closely. Some have also promised to leave out certain industries, such as those involved in operations or critical infrastructure.
Due to bad publicity and law enforcement efforts, disputes have arisen on Dark Web forums questioning the nature of ransomware. Several forums have since banned posts related to partner ransomware programs or services. Some forum users even said that the ransomware gangs should stop what they are doing and find a different way to make money.
Does that mean ransomware operators will turn a new leaf and see their mistake? Barely, according to Positive Technologies. In fact, I think it’s extremely unlikely that ransomware hacker groups responsible for large-scale attacks will leave such a profitable company and rather wait for things to fall apart before developing a new approach. They can even temporarily shut down and start operations under a new alias, using the downtime to refine their ransomware attack strategies and come up with more innovative malware.
With ransomware likely to remain a major threat, here are some tips on how organizations can protect themselves;
- Install security updates. Make sure you install security updates in a timely manner;
- Fully investigate any major attack. Conduct in-depth investigations of all major incidents to uncover points of compromise and uncover any vulnerabilities exploited by attackers. Also, make sure the hackers haven’t left any back doors for themselves to come back;
- Strengthen perimeter security. You can strengthen security around the corporate perimeter by using modern security tools, such as web application firewalls to protect web resources. To prevent malware infections, use sandboxes that analyze the behavior of files in a virtual environment to detect malicious activity; and
- Finally, benefit from regular cyber vulnerability and risk assessments by an independent cybersecurity consultant to monitor the cybersecurity status of your information systems.
Artificial intelligence (AI) has made video surveillance automated and frankly terrifying. Summarized from an ACLU report and trial a few years ago, AI can now flag people based on their clothes or behavior, identify people’s emotions, and find people taking action ” unusually ”.
In the past, surveillance cameras were passive devices. Maybe they just recorded and no one watched the video unless they needed it, for example if a crime was committed. Usually a bored guard would look at a dozen different screens, looking for something interesting. In both cases, the video was only stored for a few days because the storage was expensive.
In developed countries, this is no longer the case. Advances in video analytics, powered by AI techniques such as machine learning, now allow computers to watch and understand surveillance video! Identification technologies make it easier to know who is in videos. And finally, the cameras themselves have gotten cheaper, more ubiquitous, and much better; The cameras mounted on drones can effectively monitor an entire city or areas of countries. Computers can watch surveillance videos without human issues like distraction, fatigue, or even needing to be paid. The result is a high level of surveillance that was impossible just a few years ago.
Let’s take the technologies one by one. First: video analysis. Computers are increasingly recognizing what is happening in a video. It is easy to detect when a person or vehicle enters a prohibited area. They can count people or cars. They can detect when baggage is left unattended or when previously unattended baggage is picked up and removed. They can detect when someone is loitering in an area, lying down or running. More and more, they can detect particular actions of people.
More than identifying actions, video analytics allows computers to understand what is going on in a video: they can flag people based on their clothes or behavior, identify people’s emotions through body language and behavior, and find people who act “unusually” according to everyone. others around them.
Computers can also identify people. AIs are improving to identify people in these videos. Facial recognition technology is constantly improving, facilitated by the huge stock of tagged photographs that we voluntarily donate to Facebook, Instagram and other social media sites, and the photos that governments collect during the issuance process, eg – Fiji voter registration cards, Fiji TIN / FNPF dual cards, driver’s licenses and even passports. The technology already exists to automatically identify everyone that a camera “sees” in real time. Even without video identification, we can be identified by the unique information streamed by smartphones that we carry everywhere with us (GPS tracking activated), or by our laptops or devices connected via Bluetooth. Law enforcement has been tracking cell phones for years and this practice can now be combined with video analysis.
Once a surveillance system identifies people, their data can be combined with other data, collected or purchased: from cell phone records, GPS surveillance history, purchase data, etc. . Social media companies like Facebook have spent years learning about our personalities and beliefs by what we post, comment on, and “like.” This is “data inference” and, when combined with video, it provides a powerful window into people’s behaviors and motivations.
The resolution of the camera also improves. Gigapixel cameras are so good that they can capture individual faces and identify license locations in photos taken miles away. “Extended surveillance” cameras can be mounted on vehicles, airplanes and drones and can operate continuously. Cameras can be hidden in streetlights and other ordinary items. In space, satellite cameras have also improved considerably.
Data storage has become incredibly cheap and cloud storage makes it all so easy. Video data can easily be backed up for years, allowing computers to perform all this monitoring back in time.
In democratic countries, such surveillance is marketed as crime prevention / deterrence – or the fight against terrorism. In totalitarian countries like China, it is clearly used to suppress political activists and for public control in general. In any case, it is implemented without much public debate by authorities and businesses in the public spaces they control.
This is bad, because pervasive surveillance will radically change our relationship to society at large. More importantly, the inability to live in anonymity will have a huge deterrent effect on speech and behavior, which in turn will moderate the ability of society to experiment and change.
We often think that technological change is inevitable and that there is nothing we can do to stop it – or even lead it. This is simply not true. We are led to believe it because we do not see it often, understand it or have no say in how or when it is deployed. The problem is that the technologies of cameras, resolution, AI and machine learning are complex and specialized.
But as the pace of technological change increases, the unintended effects on our lives also increase. Just as we have been surprised by the threats to democracy caused by surveillance capitalism, AI-based video surveillance will have similar surprising effects.
As American lawyer, author and investigative journalist Glenn Greenwald puts it succinctly: “The way things are supposed to work is that we are supposed to know pretty much everything about what they (the government) are doing: c that’s why they are called civil servants.
They are supposed to know nothing about what we do, which is why we are called individuals. As always, God bless you all and stay safe and masked in the digital and physical worlds this weekend.
- ILAITIA B. TUISAWAU is a private consultant in cybersecurity. The opinions expressed in this article are its own and are not necessarily shared by this journal. Mr. Tuisawau can be contacted at [email protected]