Cybersecurity - CathNews New Zealand
https://cathnews.co.nz
Catholic News New Zealand

FraudGPT and other malicious AIs are the new frontier of online threats. What can we do?
https://cathnews.co.nz/2024/10/03/fraudgpt-and-other-malicious-ais-are-the-new-frontier-of-online-threats-what-can-we-do/
Thu, 03 Oct 2024 05:11:49 +0000

The internet, a vast and indispensable resource for modern society, has a darker side where malicious activities thrive.

From identity theft to sophisticated malware attacks, cyber criminals keep coming up with new scam methods.

Widely-available generative artificial intelligence (AI) tools have now added a new layer of complexity to the cybersecurity landscape. Staying on top of your online security is more important than ever.

The rise of dark LLMs

One of the most sinister adaptations of current AI is the creation of "dark LLMs" (large language models).

These uncensored versions of everyday AI systems like ChatGPT are re-engineered for criminal activities. They operate without ethical constraints, and with alarming precision and speed.

Cyber criminals deploy dark LLMs to automate and enhance phishing campaigns, create sophisticated malware, and generate scam content.

To achieve this, they engage in LLM "jailbreaking" - using prompts to get the model to bypass its built-in safeguards and filters.

For instance, FraudGPT writes malicious code, creates phishing pages, and generates undetectable malware. It offers tools for orchestrating diverse cybercrimes, from credit card fraud to digital impersonation.

FraudGPT is advertised on the dark web and the encrypted messaging app Telegram. Its creator openly markets its capabilities, emphasising the model's criminal focus.

Another version, WormGPT, produces persuasive phishing emails that can trick even vigilant users. Based on the GPT-J model, WormGPT is also used for creating malware and launching "business email compromise" attacks - targeted phishing of specific organisations.

What can we do to protect ourselves?

Despite the looming threats, there's a silver lining. As the challenges have advanced, so have the ways we can defend against them.

AI-based threat detection tools can monitor malware and respond to cyber attacks more effectively. However, humans need to stay in the mix to keep an eye on how these tools respond, what actions they take, and whether there are vulnerabilities to fix.

You may have heard keeping your software up to date is crucial for security. It might feel like a chore, but it really is a critical defence strategy. Updates patch up the vulnerabilities that cyber criminals try to exploit.

Are your files and data regularly backed up? It's not just about preserving files in case of a system failure. Regular backups are a fundamental protection strategy. You can reclaim your digital life without caving to extortion if you're targeted by a ransomware attack - when criminals lock up your data and demand a ransom payment before they release it.

Cyber criminals who send phishing messages can leave clues such as poor grammar, generic greetings, suspicious email addresses, overly urgent requests, or suspicious links. Developing an eye for these signs is as essential as locking your door at night.

If you don't already use strong, unique passwords and multi-factor authentication, it's time to do so. This combination multiplies your security, making it dramatically more difficult for criminals to access your accounts.

What can we expect in the future?

Our online existence will continue to intertwine with emerging technologies like AI. We can expect more sophisticated cyber crime tools to emerge, too.

Malicious AI will enhance phishing, create sophisticated malware and improve data mining for targeted attacks. AI-driven hacking tools will become widely available and customisable.

In response, cybersecurity will have to adapt, too. We can expect automated threat hunting, quantum-resistant encryption, AI tools that help to preserve privacy, stricter regulations and international cooperation.

The role of government regulations

Stricter government regulations on AI are one way to counter these advanced threats. This would involve mandating the ethical development and deployment of AI technologies, ensuring they're equipped with robust security features, and adhere to stringent standards.

In addition to tighter regulations, we also need to improve how organisations respond to cyber incidents, and what mechanisms there are for mandatory reporting and public disclosure.

By requiring companies to promptly report cyber incidents, authorities can act swiftly. They can mobilise resources to address breaches before they escalate into major crises.

This proactive approach can significantly mitigate the impact of cyber attacks, preserving both public trust and corporate integrity.

Further, cyber crime knows no borders. In the era of AI-powered cyber crime, international collaboration is essential. Effective global cooperation can streamline how authorities track and prosecute cyber criminals, creating a unified front against cyber threats.

As AI-powered malware proliferates, we're at a critical junction in the global tech journey - we need to balance innovation (new AI tools, new features, more data) with security and privacy.

Overall, it's best to be proactive about your own online security. That way you can stay one step ahead in the ever-evolving cyber battleground.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

  • Bayu Anggorojati is Assistant Professor, Cyber Security Indonesia
  • Arif Perdana is Associate Professor, Data Science Indonesia, Monash Data Futures Institute

Danger: Not-for-profit sector cuts corners on cybersecurity
https://cathnews.co.nz/2023/08/10/cybersecurity-is-a-major-vulnerability-in-the-not-for-profit-sector/
Thu, 10 Aug 2023 06:02:08 +0000

New Zealand's not-for-profit (NFP) sector's cybersecurity isn't anything like good enough, a newly-released report says.

Grant Thornton New Zealand's latest Not-for-Profit report says charities are particularly vulnerable to phishing attempts and ransomware attacks.

The report states that these attacks are all over the economic sector and show no signs of abating.

Report findings

The Not-for-Profit report says:

  • only 43 percent of NFPs invested in cybersecurity in the two years to 2022
  • only 27 percent plan to invest in cybersecurity over the next two to three years
  • 37 percent of NFPs do not have effective procedures to detect and report data breaches

"NFPs face unique challenges that make it harder for them to invest in cybersecurity", Grant Thornton New Zealand's Barry Baker says.

"Naturally, they are always trying to minimise spending, as there's a lot of pressure to spend as much as possible on frontline assistance to those in need, and as little as possible on the behind-the-scenes processes that deliver that assistance.

"This often means eking an extra year or so out of technology. NFPs are still using laptops that should be replaced, relying on outdated software and legacy platforms - creating greater vulnerability to cyber attacks.

"Cybersecurity can also seem like a non-priority. When there hasn't yet been a data breach or hack, that can give NFPs a dangerous false sense of security."

Risks high

The potential risks cannot be overstated, Baker says. It's not a matter of if an organisation will be hacked, it's a matter of how bad it will be.

"For a charity, this could result in a complete halt on operations, snarling up frontline services and potentially demanding a ransom to restore systems.

"Worryingly, that 'smash and grab' approach by bad actors is being superseded by a more insidious attack: the actors can get into your systems, look around undetected and steal any of your data, including donors' and/or members' personal data.

"Then there's the reputational fallout. Donors who see your name connected with a data breach can easily switch their contributions to another organisation."

Protecting the organisation

Taking cybersecurity risks seriously is vital, Baker says. It should be given the same attention as health and safety.

Importantly, private data from donors and donor transactions need to comply with certain PCI DSS standards, he says.

Baker suggests it may be worth investing in a third-party payment gateway to take over processing credit cards.

That "reduces the data you're keeping and the level of compliance required of the organisation," he says.

He also notes it's important to understand that tech problems aren't really about technology.

They're about people.

"This means thinking about not only systems, but up-skilling everyone who works in the organisation, including the board, and encouraging teams and suppliers to work together harmoniously.

"Only with cooperation and education can your organisation protect itself from the ongoing risks of cyberattacks."

Archbishop's online rosary for peace cyber attacked
https://cathnews.co.nz/2022/03/07/rosary-for-peace-cyberattacked/
Mon, 07 Mar 2022 07:07:19 +0000

There have been multiple internet outages across Europe and the US that experts say are cyberattacks linked to the outbreak of the Russia-Ukraine conflict.

According to the Archdiocese of San Francisco, an online "Rosary for Peace in Ukraine" was disrupted by a suspected cyberattack. The incident has been reported to the FBI.

Instigated by Archbishop Salvatore J Cordileone, the rosary for peace followed the lead of Pope Francis. The pontiff called for a day of prayer and fasting for peace in Ukraine on Ash Wednesday.

A suspiciously large surge of requests to access the event temporarily knocked the archdiocese's website offline, the archdiocese said.

The pattern of this sudden surge in traffic is consistent with a method of cyber attack called a Distributed Denial of Service attack, the statement said.

America is not ready for what is coming, says Glenn S Gerstell, a senior advisor at the Center for Strategic and International Studies and the former general counsel of the National Security Agency and Central Security Service.

"Destructive malware has flooded hundreds of Ukrainian websites and computers since Vladimir Putin announced his invasion. It would be a mistake to assume such attacks will remain limited to Ukrainian targets.

"Last week President Biden warned Mr Putin against Russian cyberattacks on the United States' critical infrastructure. But American businesses aren't ready for a war in cyberspace", he says.

In Europe, thousands of internet users were thrown offline in what sources said was a likely cyberattack at the beginning of Russia's offensive in Ukraine.

According to Orange, nearly 9,000 subscribers of a satellite internet service provided by its subsidiary Nordnet in France are without internet following a "cyber event" on February 24.

In the US, Viasat said a "cyber event" had caused a "partial network outage" for customers "in Ukraine and elsewhere in Europe" who rely on its satellite.

General Michel Friedling, head of France's Space Command, said there had been a cyberattack.

"For several days, shortly after the start of operations in Ukraine, we have had a satellite network that covers Europe and Ukraine in particular, which was the victim of a cyberattack. Tens of thousands of terminals were rendered inoperative immediately after the attack," he said. He then added that he was talking about a civilian network - Viasat.

The outages also knocked offline some 5,800 wind turbines in Germany and Central Europe with a combined output of 11 gigawatts.

A report by Germany's Federal Office for Information Security said that it was "conceivable that the outages were the consequence of a cyberattack", German daily Handelsblatt reported.

Military and cyber specialists fear that the Russian-Ukrainian conflict could lead to an outbreak of cyberattacks. Known as "Cyber Armageddon", it would have major consequences for civilians in Ukraine and Russia, and globally through a spillover effect.

Sources

Catholic News Agency

NDTV

The New York Times

Claims China hacked Vatican emerge in lead-up to summit
https://cathnews.co.nz/2020/07/30/china-hacked-vatican/
Thu, 30 Jul 2020 08:09:19 +0000

Chinese government spies hacked Vatican computer networks, a US firm that tracks state-backed cyber attacks has reported.

The apparent espionage effort also included hacking the Catholic diocese of Hong Kong and the head of the Hong Kong Study Mission, who is seen as Pope Francis' de facto representative to China.

Security firm Recorded Future, which detected the attacks, says they began in May.

The Vatican and Beijing were expected to engage in talks this year over the renewal of a landmark 2018 deal that stabilised relations between China and the Church.

Recorded Future says the Chinese Communist Party has used similar tools and methods previously identified with Chinese state-backed hacking groups.

One attack was hidden inside a document that appeared to be a legitimate letter from the Vatican to Monsignor Javier Corona Herrera, the chaplain who heads the study mission in Hong Kong.

It is unclear whether the letter was fabricated or was a real document that the attackers had obtained and then linked to malware that gave them access to the computers of the Hong Kong church offices and the Vatican's mail servers.

The electronic file looked as if it was on the official stationery of Archbishop Edgar Peña Parra and the letter carried a message from Cardinal Pietro Parolin.

Hackers and state authorities are said to have frequently used cyber attacks to try to gather information on groups of Buddhist Tibetans, Muslim Uighurs and Falun Gong practitioners outside China.

The Party has been tightening its grip on religious groups, in an effort to "Sinicise" the religions practised in the country.

China officially recognises five religions, including Catholicism. However, the authorities often suspect religious groups and worshippers of undermining the control of the Communist Party and the state, and of threatening the country's national security.

China's Foreign Ministry spokesman Wang Wenbin says China is a "staunch defender" of cybersecurity.

Ample evidence rather than conjecture is needed when investigating cyber events, he says.

Beijing denies engaging in any state-backed hacking attempts. On the contrary - Beijing is a victim of such threats, it says.

The claims that Beijing spies hacked the Vatican emerged after a rare meeting between Beijing and the Vatican's foreign minister earlier this year in Germany. The meeting was the highest-level official encounter between China and the Vatican in decades.

Relations between the two have been improving and they have been expected to renew the provisional two-year deal on the operation of the Catholic Church in China this September.

However, there was no indication whether the deal would be automatically extended because of the pandemic, or for how long.
