Silicon Valley Focus – How Far Cyberattacks Have Evolved KellyOnTech
I have been focusing on reviewing projects lately. What type of projects are currently the hottest in Silicon Valley? It’s about cybersecurity.
According to the 2023 Comcast Enterprise Cybersecurity Threat Report, the most common type of attack continues to be phishing. 9 out of every 10 attempts to breach customer networks begin with phishing.
As the capabilities of artificial intelligence continue to improve, especially generative AI, it has brought more new threats to cybersecurity, including :
- Hackers exploit generative AI to develop malware.
- Leverage AI to create more phishing and scamming messages.
Generative AI can create phishing campaigns in any language with trustworthy text that accurately mimics the language, tone, and content of legitimate emails. There is also the Deep Fake introduced before, which stimulates well-known entrepreneurs, politicians, or celebrities. For example, the AI-generated nuke photos of international superstar Taylor Swift that caused an uproar earlier this year.
The cyberattacks don’t stop there. With the widespread use of ChatGPT, hackers have developed malicious packages and spread them into developers’ environments.
According to estimates from Cybersecurity Ventures, the cost of resisting cybercrime will soar from $3 trillion in 2015 to $10.5 trillion by 2025.
Data and SEO Poisoning
There is another type of cybersecurity that maybe even more worrisome, which is data poisoning.
What is data poisoning? It’s that hackers will attack or tamper with the data used to train machine learning and deep learning models. This virus can also attack models used to train AI and manipulate the algorithms by poisoning the data, thereby affecting the accuracy of AI decision-making and output.
Another type of cyberattack is the spread of fake installers through search engine optimization (SEO) poisoning or malvertising. Cybercriminals use poinsoned Google ads to deliver Python-based malware that steals information such as browser passwords and cryptocurrency wallets.
Bitcoin Can Be Attacked
Bitcoin’s security system is considered super secure against classical computers.
During a bitcoin transaction, two important things happen every time: one is the generation of a public key that can be used by everyone, and the other is the generation of a secure private key that is visible only to the payer. This key combination is digitally “written” into the system’s ledger of currency transactions, also known as the blockchain.
After that, the transaction is “locked”, thus preventing anyone from doing anything with the associated funds. But there is a time lag before the transaction is integrated into the blockchain, at which point the transaction is not completely secure.
Quantum Hacking
Is that the end of the story? Not yet, there is quantum hacking in the field of cybersecurity.
Quantum computing has come a long way. Quantum computing is estimated to have an impact on us in the next three to ten years, but no one really knows yet what its full impact will be. Worse, bad guys could use quantum computing or a combination of quantum computing and artificial intelligence to create new threats.
Cybersecurity Countermeasures
Have you broken out in a cold sweat? Therefore, the world now attaches great importance to cybersecurity, and the solutions include active defense, passive defense, and the integration of the two.
Cybersecurity used to be a reactive discipline, with IT experts waiting until an alert was raised or a cyberattack incident occurred before taking action. AI-driven tools mean that unknown malware is detected before it can cause harm. And AI-powered proactive threat hunting enables cybersecurity personnel to act quickly before a network is attacked.
On top of that, AI-driven cyber threat hunting can provide cybersecurity teams with information about security vulnerabilities, security weaknesses,and emerging vulnerabilities. This information enables IT staff to optimize resource allocation and ensure the most critical risk areas are addressed. Because information is often provided in real time, IT staff can adjust resource allocations as cyber threats change, improving risk management.
Additionally, artificial intelligence can correlate data points from different carriers to identify connections between seemingly unrelated cybersecurity events and analyze and attribute complex cyber threats. In this way, enterprises can gain a clearer understanding of what cyber threats they face and how to develop or modify cyber threat prevention and defense strategies.
The cyber vulnerability detection sequences typically include:
Automated alert analysis, rich context, metrics extraction (multiple sources, proprietary techniques), investigation response guidance recommendations, external attack surface management (OSINT open source, proprietary third party, adversarial intelligence), internal continuous penetration tests (active catalog), social engineering (effective adversarial tests, email security, creative phishing simulations), endpoint-ready simulations ( attack path narratives, malware, EDR/NDR efficacy).
There are no projects about cybersecurity that I have seen recently that are particularly eye-catching. I will continue to follow up on information in this field.
