Ransomware and AI Signal New Cybersecurity Concerns [Weekly Cybersecurity Brief]

Last week, we covered some of the latest contributors to the evolving threat landscape shaping cybersecurity concerns. This week proves that evolution is not slowing down. A new FBI warning and the potential for poisoned AI have alarms ringing for the industry and those impacted by it.

As reported by The Hacker News, the FBI recently issued an alert about BlackCat ransomware-as-a-service (RaaS). According to the FBI, at least sixty organizations around the world were targeted as of March by this style of ransomware known for its incorporation of malware written in the Rust programming language. The FBI also noted in its advisory that, “Many of the developers and money launderers for BlackCat/ALPHV are linked to DarkSide/BlackMatter, indicating they have extensive networks and experience with ransomware operations.” To address this issue, the agency is urging that any company experiencing a ransomware case report so immediately. Even if such an attack has not occurred yet, the FBI is recommending that domain controllers, servers, active directories, and other systems be reviewed for out-of-the-ordinary activity.

BlackCat ransomware is not the only risk capturing attention. AI is also stirring some cybersecurity concern. AI is certainly not new, but its use has vastly expanded over the past decade. And as Tim Culpan wrote in a piece for Bloomberg picked up by The Washington Post, “The combination of AI and cybersecurity was inevitable as both fields sought better tools and new uses for their technology.” However, as they become more intertwined, there is a threat that could potentially damage both. That threat comes in the form of AI or data poisoning, which comes down to the compromising of machine learning. Machine learning is used in both AI and cybersecurity functions. If a hacker were to access this process, they could feed it malicious code that makes the whole thing vulnerable. As cybersecurity organizations look to tackle this trend, it is suggested that, in the meantime, AI developers maintain vigilance over training data.

In addition to causing alarm, AI is also the focus of some new research projects that the Department of Energy (DOE) announced it will be helping to fund. As a release from the DOE states, the agency is allocating $12 million to go toward six programs that are working on “innovative cybersecurity technology to help ensure energy delivery systems are designed, installed, operated, and maintained to survive and recover quickly from cyberattacks.” The funding provided by the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) will support studies across topics such as advancing anomaly detection, artificial intelligence and machine learning and physics-based analytics. A few of the schools participating include Florida International University, which is home to a project exploring artificial intelligence (AI)-based detection tools, Iowa State University where a group is studying “defense-in-depth security and resilience for cyber-physical systems using AI-integrated, attack-resilient, and proactive system technologies and solutions,” based on the DOE’s description. Other schools taking part include New York University, Texas A&M Engineering Experiment Station and Virginia Polytechnic Institute and State University.

 Key Takeaways:

“FBI Warns of BlackCat Ransomware That Breached Over 60 Organizations Worldwide” – Ravie Lakshmanan, The Hacker News

https://thehackernews.com/2022/04/fbi-warns-of-blackcat-ransomware-that.html

  • The FBI recently issued an alert about BlackCat ransomware-as-a-service (RaaS).
  • According to the FBI, at least sixty organizations around the world were targeted as of March by this style of ransomware known for its incorporation of malware written in the Rust programming language.
  • The FBI also noted in its advisory that, “Many of the developers and money launderers for BlackCat/ALPHV are linked to DarkSide/BlackMatter, indicating they have extensive networks and experience with ransomware operations.”

“The Next Cybersecurity Crisis: Poisoned AI” – Tim Culpan, The Washington Post/ Bloomberg

https://www.washingtonpost.com/business/the-next-cybersecurity-crisis-poisoned-ai/2022/04/24/9615126e-c426-11ec-8cff-33b059f4c1b7_story.html

  • The concern over data poisoning is rising as AI and cybersecurity become increasingly connected.
  • If a hacker were to access the process of machine learning, they could feed it malicious code that compromises the system.
  • As cybersecurity organizations look to tackle this trend, it is suggested that, in the meantime, AI developers maintain vigilance over training data.

“DOE Announces $12 Million to Enhance Cybersecurity of America’s Energy Systems” – Department of Energy, Energy.gov

https://www.energy.gov/articles/doe-announces-12-million-enhance-cybersecurity-americas-energy-systems

  • The Department of Energy is allocating $12 million to go toward six programs that are working on “innovative cybersecurity technology to help ensure energy delivery systems are designed, installed, operated, and maintained to survive and recover quickly from cyberattacks.”
  • The funding provided by the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) will support studies across topics such as advancing anomaly detection, artificial intelligence and machine learning and physics-based analytics.
  • A few of the schools participating include Florida International University, which is home to a project exploring artificial intelligence (AI)-based detection tools, Iowa State University where a group is studying “defense-in-depth security and resilience for cyber-physical systems using AI-integrated, attack-resilient, and proactive system technologies and solutions,” based on the DOE’s description.
Share