Cyber Security News Update 10/26/2018

AI is seen as both the salvation and the damnation of cyber security because it allows for innovation in both directions. The fear is that AI-directed attacks can only be matched by AI-guided defences, and that this dynamic will start a new resource arms race. Whichever group can pool the greatest computing power will be able to systematically take over its opponents, potentially adding their processing power to its own. Imagine a nightmare scenario where AI-driven botnets attack and consume other botnets until there is simply THE botnet, capable of out-thinking any defensive platform available. This is the sort of power AI allows for…maybe. A common misconception about AI concerns how smart it is: AIs are definitely faster than humans, but only at certain tasks. AIs outperform humans by several orders of magnitude when it comes to straightforward tasks with easily definable states, such as “locate blue things” or “put the dish in the sink.” However, the human mind is capable of “soft logic” or out-of-the-box thinking, also known as “inspiration.” AI in cyber security would allow for the automation of menial tasks, such as producing a million mutations of an attack program after being instructed to do so. AI allows a phishing scheme to update itself in near real-time if the AI has been taught how to do so by a human. AI represents the possibility of a single hacker having access to a virtual army of helpers, giving the hacker greater leeway to use their creative talent.
Source: Debunking AI’s Impact on the Cybersecurity Skills Gap

There is new evidence that the TRITON virus, which targets industrial systems, may have been designed with the assistance of Russian state actors (such as APT 28). FireEye has stated that they think a Russian institute, which would have access to the highly confidential and secured OS that TRITON is made to target, allowed the attackers to use its systems as testing grounds for the attack. The TRITON attack has been attributed to the TEMP.Veles group, which operates in the Moscow time zone from an address linked to the Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM), located in Moscow. FireEye has noted that it's possible that CNIIHM employees acted without their employer’s knowledge, but that possibility is “highly unlikely.”
Source: FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

A report has shown that even among consumers who are uncomfortable with companies that misuse their data, or who have had a data breach reveal their private data, fewer than 50% have changed their privacy settings to become more secure. Half of those who answered the survey reported that they joined public WiFi networks but failed to understand the risks of those networks. Public WiFi networks are dangerous: any data sent over them should be assumed to have been intercepted, and joining one creates a risk that your device will be infected or attacked.
Source: US Citizens are Regularly Exposing Themselves to Cyber-Threats, Despite Concerns