Last week, we highlighted significant reports and alerts on government-funded research into hacker behaviour and targeted attacks, alarming findings on the threats posed by artificial intelligence, and an impending shortage of IT skills.
Last week, we highlighted significant reports and alerts on government-funded research into hacker behaviour and targeted attacks, alarming findings on the threats posed by artificial intelligence, and an impending shortage of IT skills.
With the rise in ransomware incidents and the advent of more sophisticated AI-driven attacks, the need for robust cybersecurity has never been greater. Here are this week’s essential insights on cybersecurity that you need to know.
The Intelligence Advanced Research Projects Activity (IARPA), part of the Office of the Director of National Intelligence, has launched a government-funded study to better understand and exploit hackers' biases and vulnerabilities to improve cybersecurity.
Five research teams, led by Charles River Analytics, GrammaTech, Peraton Labs, Raytheon Technologies Research Center, and SRI International, are involved in this project.
Approximately 150 experts, including scientists, software engineers, psychologists, and social scientists, are working to develop tools that predict and influence hacker behaviour.
"We think we can affect the attackers’ judgment and reaction and behavior to the benefit of the offenders,” said Kimberly Ferguson-Walter, program manager.
Researchers face the challenge of studying hackers, who are not easily accessible subjects. To overcome this, they will analyse white-hat hackers and simulate hacker environments using employees and students with advanced computer skills.
The project's first phase, lasting about 18 months, aims to identify key decision-making biases and human limitations relevant to cybercriminals.
The subsequent phases will focus on understanding and measuring ways to alter hackers' behaviour, developing software tools to counteract these biases, and integrating artificial intelligence to enhance these defences.
Ferguson-Walter hopes to create "an arsenal of new kinds of defences" for the US intelligence community and potentially for commercial use.
A new report from Deep Instinct reveals that 97% of senior cybersecurity experts believe their organisations will eventually face an AI-driven security incident.
The "Voice of SecOps" report, which surveyed 500 senior cyber experts from various industries including finance, healthcare, and critical infrastructure, highlights the growing concern over AI-powered attacks.
These experts are witnessing an escalation in the sophistication and frequency of AI-related threats, prompting an urgent need for robust cybersecurity strategies.
In parallel, a report by CyberArk underscores the critical issue of identity-related breaches, with 93% of organisations experiencing two or more such incidents in the past year.
The report highlights that machine identities are the primary drivers of identity growth and are seen as the riskiest type of identity. Alarmingly, only 38% of organisations classify all human and machine identities with sensitive access as privileged users, pointing to a significant gap in security practices.
A recent IDC Research survey warns of an impending IT skills shortage that is expected to affect 90% of organisations within the next two years.
This shortage is obstructing digitization projects and the adoption of new technologies, including generative artificial intelligence (genAI).
The survey, which included over 800 North American IT leaders, revealed that nearly two-thirds have experienced missed revenue growth objectives, quality problems, and a decline in customer satisfaction due to a lack of skilled personnel.
"Getting the right people with the right skills into the right roles has never been so difficult," says Gina Smith, PhD, research director for IDC's IT Skills for Digital Business practice.
"As IT skills shortages widen and the arrival of new technology accelerates, enterprises must find creative ways to hire, train, upskill, and reskill their employees. A culture of learning is the single best way to get there."
However, organizations are facing significant challenges in expanding their employees' skills, including resistance to training.
Common complaints include that courses are too long, learning options are too limited, and there is insufficient alignment between skills and career goals. Addressing these issues is crucial to overcoming the skills crisis and ensuring long-term business success.
The recent cyberattack on Frontier Communications by the rising ransomware gang RansomHub, posted this week on its leak site, casts a dark shadow over the telecommunications industry.
With over 2 million individuals' sensitive information compromised, this incident underscores a grim reality: even large, well-resourced companies are vulnerable to the relentless and evolving threats posed by cybercriminals.
Despite implementing containment measures and reporting the breach to the SEC, Frontier’s inability to prevent such a significant data compromise highlights critical weaknesses in cybersecurity defences that many companies continue to face.
An April cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining steam as a cybercriminal operation.
Experts from NCC Group said RansomHub was the third most prolific ransomware gang that operated in March, with at least 27 attacks.
The group’s emergence has reinforced a longstanding assertion by security researchers that ransomware gangs are nebulous operations, with affiliates moving between different operations and selling stolen data or access to different groups.
This attack is indicative of a broader and more troubling trend. RansomHub, which has already claimed several high-profile victims, including Change Healthcare and Christie’s, represents a new breed of ransomware gangs that are not only sophisticated but also aggressive and opportunistic.
Their ability to exploit the shutdowns or failures of other ransomware groups, like LockBit and AlphV, by recruiting their displaced affiliates, signals an adaptive and resilient threat landscape.
Mandiant's latest report reveals a significant uptick in ransomware activity in 2023 compared to the previous year. The analysis shows a 75% increase in posts on data leak sites (DLS) and over a 20% rise in Mandiant-led ransomware investigations.
The resurgence in ransomware incidents is primarily driven by the profitability of these operations, with over $1 billion USD paid to attackers in 2023.
Notably, about one-third of new ransomware families identified were variants of previously known ransomware, indicating an evolution in existing threats rather than the emergence of entirely new ones.
Attackers are increasingly using legitimate remote access tools instead of traditional malware like Cobalt Strike BEACON to facilitate their operations.
Mandiant's observations highlight that ransomware is often deployed rapidly, with almost one-third of incidents seeing ransomware deployed within 48 hours of initial access.
The majority of these attacks occur outside of regular work hours, predominantly in the early morning. This trend suggests attackers are strategically timing their operations to maximise impact and minimise the likelihood of detection.
The report emphasises the need for robust cybersecurity measures and offers practical guidance in its white paper, "Ransomware Protection and Containment Strategies," to help organisations harden their defences and protect critical infrastructure, identities, and endpoints.
The ransomware landscape in 2023 saw the highest volume of posts on shaming sites since tracking began in early 2020, with Q3 2023 alone breaking records with over 1,300 posts.
Despite significant law enforcement actions against prolific RaaS groups like ALPHV and LOCKBIT in late 2023 and early 2024, threat actors continue to demonstrate resilience.
New ransomware groups, such as RansomHub, are actively recruiting affiliates from disrupted operations, mirroring tactics used by LockBit RaaS.
While the full impact of these law enforcement actions is yet to be seen, the immediate aftermath indicates a temporary reduction in activity from some groups and the rise of new entrants eager to capitalise on the void left by dismantled networks.
Global cyber affairs are in overdrive! Australia’s $50M social media crackdown, Nvidia’s $35B AI earnings, and claims of AI breaching parliamentary security highlight a whirlwind week. With 2025 looming, the pace of tech, trade, and policy shifts is only set to accelerate.
Biden’s climate incentives face uncertainty as Trump’s renewed tariffs push Chinese solar giants like Trina Solar to relocate production to the US via partnerships. This shift signals a new energy arms race, intensifying global competition in 2025.
Big Tech returns to offices, Musk shapes AI policy, and Trump’s comeback fuels debates on tech-politics fusion. Biden-Xi talks spark questions on U.S.-China relations as global power shifts. From Silicon Valley to the White House, this week reshaped the future in surprising ways!
President Joe Biden and Chinese President Xi Jinping prepare for their final APEC summit meeting in Lima, marking a critical moment for U.S.-China relations. With President-elect Donald Trump poised to take office, this encounter signals the end of an era in global political dynamics.
