Mar 31 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter that handles more attacks than Donald J. Trump. Cyberattacks, that is!
Today’s hottest cyber security stories:
There’s a storm a-brewing: a cyber-storm, that is.
Well, that’s according to some cybersecurity would-be oracles who, once again, are sat cross-legged around their crystal ball foreseeing visions of cyber-apocalypse.
But how genuine/trustworthy are these predictions, exactly? Is it a bit like a sleazy salesman going door to door selling snow shovels in preparation for a downfall that never comes? It’s possible, no?
Roll up! Roll up!
“Hey there, large corporations! Better start investing more in cybersecurity because that big cyber-storm’s coming any day now and you wouldn’t want to be left drifting down shit’s creek without a paddle now, would you?”
We jest but it’s always worth questioning the motives/intentions of the guys doing the grandstanding. Even if it’s not for financial gain, everyone wants to feel important in what they’re doing and this can, at times, lead to exaggerations and even an inflation of one’s own self-worth (professionally speaking).
Okay, enough pontificating. What’s the 411?
So, having painstakingly analysed all 36 pages of the Global Cybersecurity Outlook 2023: Insight Report, the cyber gods have zeroed in on the following key takeaways:
Jürgen Stock, the secretary-general of the International Criminal Police Organization (INTERPOL), said: “This is a global threat, and it calls for a global response and enhanced and coordinated action.
“The key to winning the battle against cybercrime is, of course, to work together to make it a priority across the geopolitical fault lines.”
Chatbots are making it more difficult to detect phishing emails by fixing spelling and grammar mistakes that can give away fraudulent attacks, according to various experts.
In related news, the international policing organisation Europol has issued a warning about the potential criminal use of large language models like the notorious ChatGPT.
Phishing emails, which (as we know!) deceive individuals into sharing sensitive information or downloading malicious software, are a common tool used by cybercriminals.
Last year, 50% of adults in England and Wales reported receiving a phishing email, and phishing attempts are the most common form of cyber-threat for UK businesses.
While poor spelling and grammar have been a dead giveaway for the phishing attempts of yesteryear, AI chatbots are now able to correct these mistakes and bypass spam filters and human readers.
As a result, this key line of defence (the smell test, shall we call it?) against phishing attacks is becoming less and less effective.
Corey Thomas, chief executive of the US cybersecurity firm Rapid7 said: “Every hacker can now use AI that deals with all misspellings and poor grammar.
“The idea that you can rely on looking for bad grammar or spelling in order to spot a phishing attack is no longer the case. We used to say that you could identify phishing attacks because the emails look a certain way. That no longer works.”
ChatGPT and other AI chatbots are a bit of a double-edged sword when it comes to our online safety, as far as we can tell.
On the one hand, we covered a story earlier in the week about how Microsoft (and others) are using AI to increase cybersecurity and combat phishing attacks. However, on the flipside, AI chatbots are obviously a great tool for the cybercriminals too, as this report illustrates.
Does that mean they’ll cancel each other out and things will, more or less, stay the same. We hope so, Well, sort of. Same is better than worse, no?
On that bombshell, onto today’s final story…
So, another day, another state-sponsored ‘threat actor’ (read: hacking group). Today, however, it’s the Chinese that are up to no good and not, as is all too often the case, the dastardly (#NotAll) North Koreans.
These guys, dubbed RedGolf, have been on the scene for some time but have made headlines across the cybersphere today for their use of a custom Windows and Linux backdoor called KEYPLUG (hence, our NSFW headline. Aren’t we a hoot?).
Recorded Future, the world’s largest cyber-intelligence company, said: “RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally.”
“The group has shown the ability to rapidly weaponize newly reported vulnerabilities (e.g., Log4Shell and ProxyLogon) and has a history of developing and using a large range of custom malware families.”
Most of these cyber-strikes have been detected in Asia, followed by Africa, Europe, the Middle East, Oceania, North America, and South America.
Japanese cybersecurity firm Trend Micro said: “There are strong indications of intertwined traditional intelligence tradecraft and cyber collection efforts, indicative of a highly coordinated and sophisticated cyber espionage operation.”
Geez, can’t we just all get along?!
So long and thanks for reading all the phish!