Defensive vs. offensive AI: Why security teams are losing the AI war
Here’s an overview of some other cybersecurity stories getting our attention:
CircelCI warns of security breach—Rotate your secrets!
Nation states and hacker gangs are working to weaponize artificial intelligence. Hackers are leveraging AI-based attacks to exploit companies that lack expertise in artificial intelligence and machine learning. Threat actors are recruiting skilled talent to create new malware and test attack techniques, and are altering their attack strategies in real time using AI. Just 24% of cybersecurity teams are fully prepared to deal with an AI-related attack, according to a Gartner survey. Organizations continue to struggle attracting and retaining cybersecurity experts with AI and ML expertise. Conversely, nation-state actors and cybercriminal gangs are growing their AI and ML teams at a rapid pace.
Slack’s private GitHub code repositories stolen over holidays
Continuous Integration (CI)/Continuous Delivery (CD) platform CircleCI warns users to rotate their secrets as it investigates a recent security incident. The company is confident no threat actors are currently active within its systems, but is advising customers to take preventative measures to protect their data. These measures include rotating secrets stored in CircleCI, invalidating API tokens and auditing internal logs for unauthorized access between 21 December 2022 and 4 January 2023. The warning came on the same day that CircleCI published an update on the reliability of its services. CircleCI had previously suffered data breaches, as well as attacks by phishers.
Ferrari, BMW, Rolls Royce, Porsche and more fix vulnerabilities giving car takeover capabilities
Slack has suffered a data breach, although customer data has not been affected. The company discovered that a “limited” number of employee tokens had been stolen, and misused to gain access to its externally hosted GitHub repository. Some of Slack’s private code repositories were breached, but no downloaded repositories contained customer data or means of accessing it. Slack’s primary codebase was also unaffected. The company has invalidated the stolen tokens, rotated relevant secrets and is investigating the potential impact on customers. The attack did not exploit a vulnerability inherent to Slack, according to the company.
Why we need global rules to crack down on cybercrime
Several major car brands have fixed vulnerabilities that could have enabled the full takeover of their vehicles, according to security researchers. The bugs were found in Mercedes-Benz, BMW, Rolls Royce, Ferrari, Ford, Porsche, Toyota, Jaguar, Land Rover. Additional vulnerabilities were found in GPS tracking company Spireon and digital license plate firm Revive as well. The vulnerabilities included those giving access to internal company systems and customer data, as well as those that would allow an attacker to send commands to a vehicle. All of the companies fixed the vulnerabilities within a week and were responsive, according to researcher Sam Curry.
This World Economic Forum blog post argues for the increasing need for international rules to regulate cybercrime as it becomes more sophisticated and widespread, according to the forthcoming 2023 Global Risk Report. Cybercrime damages are estimated to have reached $6 trillion in 2021, and could reach $10.5 trillion annually by 2025, according to an industry group. The problem is exacerbated by a shortage of security experts, poor reporting habits and a lack of global agreements on how to regulate cyber threats. The United Nations is currently discussing a cybercrime treaty, which could cover issues including jurisdiction, extradition, asset seizure, and mutual assistance in investigations.
This post was first first published on Forcepoint website by Lionel Menchaca. You can view it by clicking here