By: Brent Burgess 9/18/201
Around three weeks ago SecureWorks, a cybersecurity research group, discovered a massive phishing scheme that has recently been targeting many universities. This phishing attack has targeted over 76 universities in 14 countries, including Australia, Canada, China, Israel, Japan, Switzerland, Turkey, the United Kingdom, and the United States. Most of the spoofed sites used domains that attempted to replicate the universities’ library pages, gaining access to the accounts of users attempting to enter their library resources and obtaining 31 terabytes of academic knowledge. When users entered their information, they were redirected to the actual university library site, where they were either signed in or asked to repeat their credentials. The 16 domains were created between May and August of this year. Many of the stolen research papers were then sold through encrypted messages on WhatsApp or Telegram.
These phishing attacks were found to be perpetrated by the Cobalt Dickens hacking group, which has been found to be closely associated with the Iranian government. In March of this year, the United States indicted the Mabna hacking group and nine members in connection with the group. This group’s previous attacks appeared to use the same infrastructure as the Cobalt Dickens attacks, implying that some of the same members were involved. Universities that produce cutting-edge research are high-priority targets because of the value their information presents as well as the difficulty of securing them. This hack took place shortly after the United States decided to re-establish economic sanctions with the United States, implying a potential political motivation.
“This widespread spoofing of login pages to steal credentials reinforces the need for organizations to incorporate multi-factor authentication using secure protocols and implement complex password requirements on publicly accessible systems.” -SecureWorks
https://www.zdnet.com/article/iran-hackers-target-70-universities-in-14-countries/
https://www.express.co.uk/news/world/1017903/US-sanctions-Iran-hackers-nuclear-power-cybersecurity-donald-trump/
https://www.securityweek.com/iranian-hackers-target-universities-large-attack-campaign-secureworks
https://www.secureworks.com/blog/back-to-school-cobalt-dickens-targets-universities
A recent paper from Oscar Chang and Hod Lipson, a grad student and a professor at Columbia University, respectively, has made significant progress in neural network development by successfully building and training a self-replicating neural network.
Self-replicating machines have long been theorized and applied in technological advancements such as polymers and robotics. Despite self-replication being widely recognized as a prime objective for the development of a true AI (it is viewed as a precursor step to reflection and adaptation), no serious progress had been made until 2017 with the development of HyperNetworks. This paper continues a series of meaningful advances in the improvement of AI.
While they have yet to be implemented, or publicly acknowledged as having been implemented, these self-replicating neural networks have the potential to greatly improve the quality of neural networks designed for computer security. The ability to self-replicate and reflect upon the self-replication could allow for much more intelligent and much more resilient defense algorithms: such a network may be capable of repairing itself if an adversary were able to alter it, or of locking itself against alteration upon a certain condition while still being capable of executing.
However, while the results of self-replicating neural networks do seem promising, information regarding their actual effectiveness is scarce. This does raise some personal questions regarding how well a self-replicating neural network could handle a “day 0” alteration through a malicious adversarial examples attack. Either way, the advancement is very promising.
Chang & Lipson Paper: https://arxiv.org/abs/1803.05859
HyperNetworks Paper: https://arxiv.org/abs/1609.09106
Security without communication is worthless. This is because if the public doesn’t understand security terms, they will be affected. This can be due to the fact that security policies use very technical terms to describe things. The terms were technical enough that people either were affected because they didn’t follow them correctly, or didn’t care. For example, the industry doesn’t use the prefix “cyber” on its own, as most people don’t interpret it as hacking. Another technical term is “black market”, which in general usage means the dark web. The new cyber security guide aims to bridge the communication gap so that anybody can understand it.
This is because, in order to get a point across, one must communicate it in the way the other person thinks. For example, if someone describes their position to a person who isn’t in the same field, that person may or may not understand what the position does. Or, when you are helping someone with their homework, it is best to explain it in their way of thinking so they can understand your message. In security, if one says something the technical way and the general public doesn’t understand, people in security are wasting their time explaining. The solution to this problem is the “new cyber security style guide”. It will use terms that the general public uses and understands, so security protocols can be followed correctly.
In an effort to boost its defenses, South Korea has enlisted 120 of its most talented programmers, offering full scholarships for 7 years of military service. Korea University’s national cyber-defense department will produce its first batch of graduates next year.
This program is just a part of a broader build-up, though. South Korea is increasing the size of its cyber command to 1,000 people and increased information security spending by almost 50% between 2009 and 2015.
Unfortunately, though, the South is racing to catch up. North Korea started training its hackers in the early 90’s and, according to the chief of S.K.’s defense security command, has 1,700 highly skilled and specialized hackers. He also called North Korea a ‘global cyber power.’
The South has actually been playing catch-up for a while. It wasn’t until a ‘suspected’ North Korean attack in 2009, which paralyzed a large number of government websites, that the South set up a cyber-defense command. In 2013 North Korean hackers attacked South Korean broadcasters and banks. An estimated 32,000 computer servers were paralyzed, and the country lost an estimated 750 million dollars in economic damage.
Luckily South Korea seems to be training some excellent talent in their national cyber-defense department. This is shown by their students winning the ‘Hackers World Cup’ this year in August at Defcon in Las Vegas.
Recent attacks on Target, Home Depot, and Sony have highlighted the need for precautions against attacks carried out through technology. It first started with Target, where millions of credit card numbers were stolen through a malware program that was uploaded to the security system in Target. Then the same thing was done with Home Depot. Then cyber-terrorism, as people call it, went to the next level with Sony. North Korea attempted to destroy the computer network; it wasn’t just to steal information. These are not the only instances in which hackers have tried to infiltrate U.S. computer systems. The likes of Russia, China, North Korea and Iran have tried to hack into U.S. companies for espionage purposes or financial gain. As of right now there is no effective strategy to counter these infiltrations.
Legislation is underway to address the threat that is currently endangering our country. As of right now, there is a federal civilian interface at the Department of Homeland Security. They cover 16 different sectors and a private sector. However, this isn’t nearly enough, as Joseph Demarest, the assistant director of the FBI cyber security division, told Congress that the sophisticated malware used in the Sony hack “would have slipped and gotten past 90 percent of the net defenses that are out there today in private industry and been a challenge to state governments.” This means that our standing in cyber security is very weak, and we are very vulnerable to cyber-terrorism.