Artificial intelligence and machine learning cybersecurity technologies hold the key to stopping today's advanced threats. Enterprises are failing to keep up with the evolving threat landscape, massive data breaches and global cyberwarfare, the speed and magnitude of which are constantly increasing. Too many businesses still rely on internal resources and hardware that has a short shelf life and limited capacity. Hackers, on the other hand, are innovative. The only way to fight back is to use their own tactics against them, replacing antiquated and obsolete systems with adaptive technology.
A bug in Google's Home and Chromecast gadgets could show cyber criminals where you live. The glitch allows hackers to access the exact location of your Wi-Fi router via a malicious link that could be sent to you via email or social media. It was found by security researcher Craig Young, who said the issue allows cyber criminals to find your address or make scam messages more convincing. These include fake calls from the IRS or demands for cash from hackers making phony claims that they have webcam footage of the victim watching pornography. Google said it plans to fix the security flaw, which leaks your location with an accuracy of up to a few feet, in an update next month.
Announced as part of the state's 2018-19 Budget on Tuesday, NSW will be contributing AU$52.6 million over four years to the rollout of the biometric capability across New South Wales, enabling access to new face matching technology for law enforcement. "This technology will increase the capability to identify suspects or victims of terrorist or other criminal activity, including identity crime," the Budget papers say. The Australia-wide initiative will allow state and territory law enforcement agencies to have access to the country's new face matching services to access passport, visa, citizenship, and driver licence images from other jurisdictions. The Face Verification Service (FVS) is a one-to-one image-based verification service that will match a person's photo against an image on one of their government records; while the Face Identification Service (FIS) is a one-to-many, image-based identification service that can match a photo of an unknown person against multiple government records to help establish their identity. The Australian government in February introduced two Bills into the House of Representatives that would allow for the creation of the system to match photos against identities of citizens stored in various federal and state agencies: The Identity-matching Services Bill 2018 (IMS Bill) and the Australian Passports Amendment (Identity-matching Services) Bill 2018.
The American Civil Liberties Union is leading the effort against Amazon's Rekognition product, delivering a petition with 152,000 signatures to the company's Seattle headquarters Monday, telling the company to "cancel this order." They're asking Amazon to stop marketing Rekognition to government agencies over privacy issues that they say can be used to discriminate against minorities.
Don't look now, but your Google Home speaker or Chromecast could give away your whereabouts... for a little while, that is. Google has promised a fix for an authentication vulnerability that lets attackers obtain your location using the company's devices as a conduit. While the necessary Home app on your phone normally performs most tasks through Google's cloud services, others (such as setting a device name and WiFi connection) are sent directly to the Home or Chromecast without authentication. If you use domain name system rebinding software, you can exploit this to obtain nearby wireless networks and use Google's location lookup services to obtain a position to an accuracy of a few feet. An intruder doesn't need to be connected to your local network -- they just need to prompt you to open a link while you're connected to the same network as one of Google's affected devices.
In 2017, the world witnessed a cyberattack of hideous proportions. The WannaCry ransomware attack infected hundreds of thousands of computers in more than 150 countries, throwing a wrench in the digital gears of many businesses and bringing several industries to their knees with malicious software designed to block access to files until a "ransom" was paid. One industry that was hit particularly hard was health care, including organizations such as the National Health Service (NHS) in the U.K. and Merck in the U.S. One study found that last year, 78 percent of health-care providers reported a ransomware or malware attack. And perhaps we shouldn't be surprised: Patient records are filled with valuable and private information, and ineffective cybersecurity measures make it far too easy to hold those records hostage. Health care is an easy target for malware.
Earlier this year, Enterprise Times talked with Orli Gan, Head of Products for Threat Detection at Checkpoint. Gan had just given a keynote where she told the audience that AI was not a silver bullet for cyber security. It's an interesting view that is aimed at resetting expectations of what the technology is able to deliver today. Orli believes that the challenge is the immaturity of the technology. The current generations of algorithms have deficiencies and flaws that mean today, they are not as accurate as we need them to be.
Over the last decade the discussion around nonprofit technology (#nptech) has primarily been social media, mobile technology, and online fundraising, however as the internet enters its next phase, nonprofits need to better understand some of the more complicated concepts that will shape the internet and its use in the decades to come. Advancements in internet technology will change how we live, how we serve, how we fundraise, and how we interact with humans, the natural world, and machines. A blockchain is a decentralized, distributed and public digital ledger that is used to record transactions across many computers so that the record cannot be altered retroactively without the alteration of all subsequent blocks and the collusion of the network. A cryptocurrency is a digital or virtual currency that uses cryptography for security. A cryptocurrency is difficult to counterfeit because of this security feature.
Sophos, a network and endpoint security company, has announced Sophos Email Advanced, the first email protection solution to offer predictive security with active threat protection (ATP), anti-phishing email authentication, and outbound scanning and policy support. SophosLabs research discovered that 75 percent of malware in an organisation is unique to that organization which indicates the majority of attacks are zero-day. The only way to combat that is with the deep learning neural network that is integrated into the Sophos Email sandboxing technology to quickly identify never-before-seen malicious files sent in email. Email continues to be a primary attack vector for cybercriminals to launch a spear-phishing, localized or'spray and pray' campaign. Sophos processes data from more than ten million inboxes protected by Sophos Email every day.
Machine learning is helping businesses to move towards a more proactive, as opposed to reactive, approach to cybersecurity, meaning that they will no longer be one step behind attackers and reducing the risk of a data breach. This is particularly important due to the recent implementation of the GDPR. In order to keep up with cyber threats, as much data as possible is collected in order to gain insights into their causes. However, organisations often find it difficult to keep up with the analysis of such large volumes of data. Machine learning automates this analysis so that we can get more out of the data that is collected and give organisations an advantage over attackers.