Friday Five: Malicious AI Campaigns, the Pentagon’s 2023 Cyber Strategy, & More
In the midst of the DHS and Pentagon releasing their Threat Assessment Report and unclassified Cyber Strategy, respectively, three major social media giants came under fire this past week. Catch up on all of these stories in this week’s Friday Five!
DHS WARNS OF MALICIOUS AI USE AGAINST CRITICAL INFRASTRUCTURE BY CHRISTIAN VASQUEZ
The Department of Homeland Security's annual Threat Assessment Report warns of AI-driven disruptions to critical infrastructure, including election interference and industrial systems targeting. Adversaries, notably China, are increasingly using AI for influence campaigns and malware development with the goal of disrupting the energy, transportation, and healthcare sectors, emphasizing industrial control systems' vulnerability. China's focus extends to efficient and evasive attacks in the transportation sector. In response, the DHS has established an AI Task Force to assess these risks, but Russia, China, and Iran continue espionage, cyberattacks, and potential election interference.
NEW PENTAGON CYBER STRATEGY EMPHASIZES INDUSTRY AND GLOBAL PARTNERSHIPS BY CHRIS RIOTTA
An unclassified version of the 2023 Defense Department cyber strategy, which was released this past week, emphasizes industry and global partnerships to bolster cybersecurity. Shaped by past operations and Russia's actions in Ukraine, it highlights private sector engagement to enhance cyber resilience, outlining four key priorities including safeguarding critical infrastructure and conducting defensive cyber operations. U.S. Cyber Command will cooperate with interagency partners and the private sector to counter adversaries. The strategy commits to strengthening allies' cyber capabilities and integrating cyber into traditional warfare. Recognizing threats from China, Russia, North Korea, Iran, extremists, and cybercriminals, it plans to identify and monitor malicious cyber groups.
FACEBOOK MESSENGER PHISHING WAVE TARGETS 100K BUSINESS ACCOUNTS PER WEEK BY BILL TOULAS
Hackers are employing a vast network of fake and compromised Facebook accounts to distribute Messenger phishing messages, targeting Facebook business accounts with password-stealing malware. A recent report reveals that roughly one out of seventy targeted accounts becomes compromised. The attackers initiate the attack by sending phishing messages via Messenger to Facebook business accounts, masquerading as copyright violation notices or product information requests. These messages contain an archive that, if executed, fetches a downloader for a Python-based password stealer. This malware collects login data and cookies, sending them to the attackers through the Telegram or Discord bot API. The compromised accounts are then used for fraudulent activities. The campaign, attributed to Vietnamese hackers, is alarming in scale, with approximately 7% of Facebook's business accounts targeted.
TIKTOK SLAPPED WITH $368 MILLION FINE OVER CHILD PRIVACY VIOLATIONS BY SERGIU GATLAN
The Irish Data Protection Commission (DPC) has fined TikTok €345 million ($368 million) for breaching the privacy of users aged 13 to 17. The investigation, which began in September 2021, focused on TikTok's data practices from July 31 to December 31, 2020. The DPC found multiple violations of the European Union's General Data Protection Regulation (GDPR), including defaulting child user accounts to public visibility, a flawed 'Family Pairing' feature, lack of transparency for young users, and the use of "dark patterns" that nudged users toward privacy-compromising options. TikTok has been reprimanded, fined, and given three months to align its practices with regulatory standards. This follows a €5 million fine by France's data protection authority (CNIL) in January for insufficiently informing users about cookies.
FORMER TWITTER EXECUTIVES: PRIVACY AND SECURITY PRACTICES DETERIORATED UNDER MUSK BY TONYA RILEY
Court documents reveal that Elon Musk's ownership of Twitter, now called X Corp., has sparked concerns among former employees regarding security and privacy practices that may violate a 2011 Federal Trade Commission (FTC) agreement. The FTC is investigating whether X Corp. has breached this agreement by not upholding security and privacy measures, especially after Musk laid off numerous employees post-acquisition. Former executives testified about Musk's disregard for security concerns, impacting the company's ability to protect user data, and other concerns were raised about the Twitter Blue subscription service potentially being exploited by scammers. X Corp. had previously sought to terminate the 2011 agreement, alleging FTC overreach, but the Justice Department opposes this request.