Google Targets Global Security with AI Cyber Defense Initiative

Google has unveiled a new policy, the AI Cyber Defense Initiative, designed to harness the power of artificial intelligence to improve global cybersecurity defenses. The proposed policy aims to counteract rapidly evolving threats by using AI to improve threat detection, automate vulnerability management and enhance incident response effectiveness. The Alphabet company introduced its new plan at the Munich Security Conference, where it also announced it has a pool of $2 million to award businesses and academic institutions for research initiatives involving large language models, code verification and other AI uses for cyber offense and defense. Continue reading Google Targets Global Security with AI Cyber Defense Initiative

U.S. Impacted by Significant Increase in Ransomware Attacks

Ransomware attacks have surged in the 12 months ending in June 2023, with the United States accounting for 43 percent of the 1,900 attacks reported — 7x greater than that of the second most popular target, the United Kingdom, at 196. The period marked a 75 percent increase in U.S. ransomware attacks, which were perpetrated by 48 different groups including CL0P, a gang believed to have ties to Russia. U.S. companies, governmental organizations and individual consumers were targeted during the period, with healthcare and educational institutions disproportionately impacted, according to a study by cybersecurity firm Malwarebytes. Continue reading U.S. Impacted by Significant Increase in Ransomware Attacks

Companies Turn to Cyber Insurance as Global Threats Surge

The cost of a data breach can run as high as $4.54 million today, up from $3.86 million in 2020, according to an IBM study that says the fastest-growing — and costliest — type of cyberattack is ransomware. That’s why more companies are turning to cyber insurance to hedge their bets. Last year, the global market for such policies was estimated to be in the $13.33 billion range, and projected to reach $84.62 billion by 2030. Because the increased frequency of attacks has resulted in increased payouts, insurance providers now often require proof of adequate security measures. Continue reading Companies Turn to Cyber Insurance as Global Threats Surge

U.S. Senate Aims to Add Cyber Amendments to Defense Bill

Hundreds of amendments are queued up for possible addition to the vast annual defense policy bill. Among those that senators are considering include regulations that address artificial intelligence, cybersecurity and proposals to test election systems for vulnerabilities. Adding cyber measures to the National Defense Authorization Act (NDAA) has become a tradition in recent years because it is “must-pass” legislation and renewed annually. Senate Majority Leader Chuck Schumer (D-New York) hopes to have the Senate’s version of the bill prior to the August recess that commences at the end of this week. Continue reading U.S. Senate Aims to Add Cyber Amendments to Defense Bill

Google Workbench Taps AI Tech for Next-Gen Cybersecurity

Generative AI for cybersecurity is an emerging category with Google an early entrant. At this week’s RSA Conference 2023 in San Francisco, Google unveiled Cloud Security AI Workbench, a toolkit powered by a customized AI language model called Sec-PaLM that is “fine-tuned for security use cases.” Accenture is the first client to sign up for Workbench. Google also announced it is combining its Google Cloud and Mandiant ecosystems to offer a turnkey solution to ward off threats “from incident response through proactive defense,” drawing on integrations from more than 100 leading cybersecurity vendors. Continue reading Google Workbench Taps AI Tech for Next-Gen Cybersecurity

Biden Advocates Tougher Cybersecurity for Private Enterprise

The Biden administration has issued rules requiring key U.S. companies to meet minimum cybersecurity standards. The new National Cybersecurity Strategy (NCS) calls on software makers and American industry to be more active in the fight to repel hackers and ransomware groups even as the FBI accelerates global efforts to disrupt bad actors. Although the strategy is a policy document rather than an executive order, it represents a major policy shift, escalating participation by both the public and private sectors, while anticipating legislative changes required to give teeth to the plan. Continue reading Biden Advocates Tougher Cybersecurity for Private Enterprise

Federal Government Creates Strike Force to Fight Tech Theft

The U.S. is increasing efforts to thwart technology theft, launching what some are calling a “hack back” attack against adversaries who use illegal means in attempts to steal developmental secrets or strike at supply chains. Operating from 12 metropolitan regions, the new Disruptive Technology Strike Force (DTSF) will enforce laws protecting U.S. advanced technologies from illegal acquisition and use by nation-states. The goal of the DTSF — a joint venture of the Department of Justice and the Commerce Department — is “to strike back against adversaries trying to siphon off our best technology,” deputy attorney general Lisa Monaco said. Continue reading Federal Government Creates Strike Force to Fight Tech Theft

TikTok Ups Transparency Efforts as Government Heat Builds

TikTok toured journalists through its new Transparency and Accountability Center last week. Located in Culver City, the facility features monitors displaying infographics that show how TikTok’s recommendation engine and content moderation affect the short-form videos that are the basis of its viral app. Computer workstations running a “code simulator” were made available so visitors could explore firsthand how the app’s algorithms influence video propagation. TikTok COO Vanessa Pappas told attendees that the new center, in development since 2020, aims to give lawmakers and others a more personal experience than the virtual tours previously offered. Continue reading TikTok Ups Transparency Efforts as Government Heat Builds

Senators Grill Live Nation on Antitrust After the Swift Debacle

Anticompetitive practices, outrageous ticket fees and poor customer service were among the allegations leveled at Live Nation Entertainment Tuesday at a contentious Senate Judiciary Committee Hearing over botched Taylor Swift concert ticket presales by the company’s Ticketmaster subsidiary. Senator Amy Klobuchar (D-Minnesota) called the Live Nation relationship to Ticketmaster “the definition of monopoly,” adding that venues fearful of losing the company’s concerts don’t have the ability to push back because Live Nation is “so powerful that it doesn’t even need to exert pressure, it doesn’t need to threaten because people just fall in line.” Continue reading Senators Grill Live Nation on Antitrust After the Swift Debacle

Massive Ransomware Attack Affects Hundreds of Businesses

Software company Kaseya was targeted by a cyberattack starting Friday that has since spread to hundreds of mainly small and medium-size businesses. On Monday, Kaseya chief executive Fred Voccola reported to Anne Neuberger, the deputy national security advisor for cyber and emerging technology, that the attackers demanded a $70 million ransomware payment and that his company wasn’t aware of any breach of critical infrastructure impacting national security. According to experts, the attackers may be members of REvil, a Russian cybercriminal group. Continue reading Massive Ransomware Attack Affects Hundreds of Businesses

New York State Calls for a Dedicated Social Media Regulator

On the heels of a cyberattack on Twitter this summer, the New York State Department of Financial Services (DFS) called for a dedicated regulator to oversee big social media platforms. In a 37-page report, the department described the July 15 attack in which accounts of Barack Obama, Joe Biden, Jeff Bezos, Elon Musk and others were hacked and used to promote a cryptocurrency scam. Three people have since been charged with posing as employees to launch that attack, which relied on relatively simple tactics. Continue reading New York State Calls for a Dedicated Social Media Regulator

NSA Discovers Windows Vulnerability — and Tells Microsoft

The National Security Agency (NSA) discovered a vulnerability in versions of Windows and, instead of retaining it, reported it to Microsoft, which is now patching the flaw in its handling of certificate and cryptographic messaging functions. The vulnerability could have enabled attackers to use malicious code that would pretend to be legitimate software. Microsoft also warned all current users of Windows 7 Home Basic, Home Premium, Professional or Ultimate to upgrade immediately. Continue reading NSA Discovers Windows Vulnerability — and Tells Microsoft

Las Vegas Was a Target of Cyberattack While Hosting CES

Early Tuesday morning, just as CES 2020 was getting underway, the team that monitors computers for Las Vegas detected a potential cyberattack as the city’s systems were reportedly compromised. While city officials tweeted about the breach, the information was light on details regarding which operations had been affected or the extent of the attack. The timing was unfortunate, since the annual CES confab is one of the largest events in Las Vegas. Last year, the show attracted more than 175,000 people and 4,400 exhibitors, including a number of Fortune 500 companies. Continue reading Las Vegas Was a Target of Cyberattack While Hosting CES

Chinese, Iranian, Russian Hackers Honing Their Attack Skills

The National Security Agency and security firm FireEye recently detected extensive attacks by Iran on U.S. banks, businesses and government agencies, prompting the Department of Homeland Security to declare an emergency during the government shutdown. The attacks from Iran took place at the same time that China renewed its efforts to steal trade and military secrets, from Boeing, General Electric Aviation and T-Mobile. Meanwhile, Microsoft detected a Russian government operation targeting think tanks critical of Russia. Continue reading Chinese, Iranian, Russian Hackers Honing Their Attack Skills

Facebook Says Spammers, Not Nation-State, Behind Breach

Facebook’s internal investigation into the recent data breach that affected 30 million user accounts has concluded that the hack was the work of spammers disguised as a digital marketing company, and not foreign nationals. Facebook believes the attack was initiated by a group of Facebook and Instagram spammers that intended to make money by means of deceptive advertising. The FBI is continuing its investigation into the hack, which is the worst security breach in the social network’s 14-year history. Continue reading Facebook Says Spammers, Not Nation-State, Behind Breach