Tag Archive for: AIPowered

This new SSD claims to have built-in AI-powered ransomware protection


What just happened? Data security company Cigent Technology has announced a new line of SSDs that are said to have built-in anti-ransomware technology to protect data from being encrypted by malware. Called the Cigent Secure SSD+, it is said to be the world’s first solid-state drive equipped with baked-in protection against ransomware.

Based in Fort Myers, Florida, Cigent Technology is a cybersecurity firm that protects businesses and individuals from zero-day ransomware and data theft. The company first announced its new ‘self-defending’ SSD in May 2021, claiming its technology can make data invisible if an attack is detected. To do that, the company uses what it calls the Dynamic Data Defense Engine software that uses encryption and offers file-level Zero-Trust access controls.

On the hardware side, the Cigent Secure SSD+ comes with a dedicated AI-powered microprocessor that uses machine learning to monitor disk activity and employs advanced algorithms to thwart ransomware attacks. It has built-in safeguards to prevent the disabling of security controls by malicious software. In case the safeguards are breached and the security controls are disabled, the Secure SSD+ hides all the protected data, making it essentially invisible, and hence inaccessible to attacks. Cigent is also promising to roll out updates to prevent the drive from being cloned, wiped, or accessed if the system is booted from an alternate OS.

The Cigent Secure SSD+ currently only supports Windows, but the company says that support for Linux is ‘coming soon.’ In terms of specifications, the device has an M.2 2280 double-sided form factor and needs to be installed as the boot drive in an endpoint system for it to work as advertised. The rest of the specs, including read/write speeds, are yet to be specified, but it will likely be revealed closer to its launch. The Secure SSD+ will be available for purchase from May 2023 in 480GB, 960GB, and 1920GB capacities.

In addition to the new SSD, Cigent also offers its Data Defense software as a SaaS platform that responds to ransomware attacks with a ‘Shields Up’ status that requires multi-factor authentication to access all protected files. The company…

Source…

Does AI-powered malware exist in the wild? Not yet


AI is making its mark on the cybersecurity world.

For defenders, AI can help security teams detect and mitigate threats more quickly. For attackers, weaponized AI can assist with a number of attacks, such as deepfakes, data poisoning and reverse-engineering.

But, lately, it’s AI-powered­ malware that has come into the spotlight — and had its existence questioned.

AI-enabled attacks vs. AI-powered malware

AI-enabled attacks occur when a threat actor uses AI to assist in an attack. Deepfake technology, a type of AI used to create false but convincing images, audio and videos, may be used, for example, during social engineering attacks. In these situations, AI is a tool to conduct an attack, not create it.

AI-powered malware, on the other hand, is trained via machine learning to be slyer, faster and more effective than traditional malware. Unlike malware that targets a large number of people with the intention of successfully attacking a small percentage of them, AI-powered malware is trained to think for itself, update its actions based on the scenario, and specifically target its victims and their systems.

IBM researchers presented the proof-of-concept AI-powered malware DeepLocker at the 2018 Black Hat Conference to demonstrate this new breed of threat. WannaCry ransomware was hidden in a video conferencing application and remained dormant until a specific face was identified using AI facial recognition software.

Does AI-powered malware exist in the wild?

The quick answer is no. AI-powered malware has yet to be seen in the wild — but don’t rule out the possibility.

“Nobody has been hit with or successfully uncovered a truly AI-powered piece of offense,” said Justin Fier, vice president of tactical risk and response at Darktrace. “It doesn’t mean it’s not out there; we just haven’t seen it yet.”

Pieter Arntz, malware analyst at Malwarebytes, agreed AI-malware has yet to be seen. “To my knowledge, so far, AI is only used at scale in malware circles to improve the effectiveness of existing malware campaigns,” he said in an email to SearchSecurity. He predicted that cybercriminals will continue to use AI to enhance operations, such as targeted spam, deepfakes and social…

Source…

Cohesity, Palo Alto to Help AI-Powered Ransomware Detection and Recovery


Cohesity, a leader in next-gen data management, has joined forces with Palo Alto Networks to integrate its Cohesity Helios next-gen data management platform with Palo Alto Networks’ Cortex XSOAR security orchestration, automation and response (SOAR) platform for improved ransomware detection and recovery.

A key factor in defeating cyber-attacks such as ransomware is how quickly the attack can be recognised and remediation steps initiated. Thisintegration providesdetailedautomatic alerts whenthe AI-powered Helios platform detects anomalies in thebackup data that could indicate an emerging attack. 

Once alerted by Cohesity, Cortex XSOAR initiatesan automated playbook totriageand mitigate the impact of a potentialcyber-attack. Integrating anext-gen data management platform with a SOAR (Security Orchestration, Automation and Response) capability can help greatly accelerate threat detection and response and decrease an organisation’s risk exposure.

The integration of Cohesity Helios and Palo Alto Networks’ Cortex XSOAR is designed to address and help alleviate the above issues.

Cohesity offers comprehensive anti-ransomware capabilities to help safeguard backup data from cybercriminals. The Cohesity architecture helps ensure that backup data is immutable and cannot beaccidentally or maliciously overwritten. Its software, driven by AI-powered insights, continuously monitors for any anomalies in an organisation’s data. If the worst happens, Cohesity helps locate and recoveraclean copy of data to reduce downtime, minimise loss, and ensure business continuity.

Brian Spanswick, CISO, Cohesity
Any delay in ransomware response and recovery could result inextendeddowntime,data loss, and business disruption. This integrationcanhelp moreeffectively link data management and data security processes — key to staying one step ahead of ever-persistent ransomware attacksandimproving an organisation’s cyber resilience.

Matt Chase, director, Cortex Alliances at Palo Alto Networks
The integration of Cortex XSOAR with Cohesity’s next-gen data management platform is a significant advancement in helping our joint customers protect themselves from the impact of ransomware…

Source…

“China Is Watching” – With AI-Powered Satellites & Thousands Of Cameras, Can Beijing Strike Key US, UK Targets With Pinpoint Accuracy?


Last month, Fraser Sampson, Britain’s Commissioner for Biometrics and Surveillance Cameras, wrote to Cabinet Minister Michael Gove to convey his concerns about the dominance of Chinese video surveillance equipment in Britain.

He said he had “become increasingly concerned at the security risks presented by some state-controlled surveillance systems covering our public spaces.”

Two Chinese companies, Hikvision and Dahua, have grabbed a huge share of Britain’s CCTV market. While both, Hikvision, which has revenues of $9.3 billion, and Dahua, whose revenues are $3.7 billion, are private companies but they have major shareholders with ties to the Chinese Communist Party (CCP).

Also, Hikvision is known to be controlled by China Electronics Technology Group Ltd. (CETC), one of the major Chinese military-industrial groups, and is China’s largest electronics defense contractor. Under the Chinese Communist Party (CCP) regime, all military-industrial groups have to obey the orders of the regime.

Tiangong_Space_Station-China
File Image: Tiangong Space Station – China

Thousands Of Cameras In Britain

The UK-based campaign group Big Brother Watch sent 4,500 freedom of information (FoI) requests to public bodies asking whether they had Hikvision or Dahua cameras employed on their premises.

Of the 1,300 who responded, 800 confirmed that they did, including nearly three-quarters of councils, 60% of schools, half of NHS trusts and universities, and nearly a third of police forces.

Moreover, Big Brother Watch found that there are 164,000 Hikvision cameras and 14,000 Dahua cameras in public spaces apart from the government bodies.

Reports suggest that many of these cameras have advanced features such as microphones, the capacity for facial and gender recognition, and distinguishing between people of different racial groups.

hypersonic
File Image: Hypersonic Missile

Some cameras can also analyze behavior, such as detecting if a fight might be breaking out. Others can even judge moods, track via heat-sensing, and learn behavior patterns to highlight any unusual activity.

Backdoors Discovered In Chinese-Made Cameras

Serious security flaws have been detected in the past in cameras produced by both of these companies, which could…

Source…