Here are the top cybersecurity stories from the previous month, compiled in this monthly roundup.
Top news on cybersecurity: the largest-ever DDoS attack poses a threat to businesses globally; AI could raise cybersecurity concerns, according to a UK assessment; Hackers target aid organizations operating in Gaza and Israel.
The World Economic Forum will hold its Annual Meeting on Cybersecurity later this month. Leading figures in cybersecurity from industry, government, academia, and international organizations will be present at the conference.
1. The world's largest-ever DDoS attack poses a threat to businesses:
Businesses like Google and Amazon claim to have defeated the largest distributed denial of service (DDoS) assault ever, but they are cautioning internet consumers that if cybersecurity precautions are not taken, these kinds of attacks could cause significant damage.
By flooding a website with requests for data, a denial-of-service attack seeks to render it inoperable. This frequently causes internet services to go down and websites to crash.
According to Google, the attack started in August and peaked at 398 million requests per second, making it 7.5 times larger than the previous largest attack.
With over 201 million requests per second, the attack was three times larger than anything Cloudflare, a cybersecurity company, has ever encountered. The online services section of Amazon reported experiencing "a new type of DDoS event".
According to all three businesses, the attackers took use of a flaw in HTTP/2, a more recent iteration of the HTTP network protocol. In order to make themselves less susceptible to these kinds of attacks, they are now advising other businesses to upgrade their web servers.
"Any enterprise or individual that is serving an HTTP-based workload to the internet may be at risk from this attack," according to Google. "Organizations should verify that any servers they run that support HTTP/2 are not vulnerable, or apply vendor patches for CVE-2023-44487 to limit the impact from this attack vector."
2. Cybersecurity threats will increase due to AI - UK study
A recent UK government report on frontier AI states that generative AI is expected to exacerbate cybersecurity threats.
According to Safety and Security Risks of Generative Artificial Intelligence to 2025, the technology would enable "faster-paced, more effective and larger-scale cyber-intrusion via tailored phishing methods or replicating malware". However, it does not anticipate complete automation of hacking by 2025.
According to the document, digital hazards including impersonation, online fraud, and cyberattacks are the security dangers most likely to arise as a result of AI and will have a greater impact than other threats. In general, it believes that in the upcoming years, generative AI is more likely to make already-existing hazards worse than creating entirely new ones.
Nevertheless, the report also claims that generative AI would strengthen the defenses against cyberattacks.
The UK report is in line with initiatives being made by a number of international organizations to develop inclusive AI regulatory frameworks.
For example, the World Economic Forum established the AI Governance Alliance in June to offer guidelines for the responsible development, deployment, and design of AI systems. Earlier this month, the UN also established a worldwide advisory body to provide reports on the international regulation of AI.
3. News summary: This month's top cybersecurity articles
Hackers have interfered with relief organizations' work and capacity to accept donations, affecting help to Israel and Gaza. According to Reuters, these so-called "hacktivists" have also interfered with emergency alerts in the area, targeted infrastructure, and caused DDoS attacks that have damaged a big number of websites.
The CEO of the Italian defense and electronics company Leonardo believes that governments in Europe should keep critical data on government-managed cloud services instead than private sector systems. "A secure nation requires a public cloud, for data related to finances, health, and defense," Roberto Cingolani stated to the lower house of parliament in Italy.
Microsoft claims that one of the "most dangerous financial criminal groups" in the world is now the Octo Tempest cybercrime collective. Since early 2022, it has been extorting money from businesses across several sectors through its extensive "social engineering campaigns" in exchange for the release of stolen data. According to Microsoft, the gang impersonates users to fool technical administrators into changing passwords using multifactor authentication.
Splunk is a cybersecurity company, and Cisco Systems is making its largest acquisition to date. With the $28 billion acquisition, Cisco will take over a business known for its "data observability" work, which aids businesses in identifying possible cybersecurity threats.
A cybersecurity toolkit with tools specifically designed for the public health and healthcare industries has been made available by the US Department of Health and Human Services and Cybersecurity and Infrastructure Security Agency (CISA). The enormous breadth of identification and financial information that healthcare institutions have makes them "high-value yet relatively easy targets" for cybercriminals, according to the CISA.
A cyber-security researcher has brought attention to the problem by taking advantage of a security flaw on a CIA social media account. An issue with the way web links occasionally showed up on X, the former name for Twitter, made it possible for the expert to divert informants attempting to get in touch with the CIA to his own Telegram channel.
4. More about Agenda's cybersecurity
Cybercriminals nearly usually target victims abroad in order to lower the likelihood that they would be apprehended. Additionally, while extortion and fraud made possible by the internet are already terrible enough, there are an increasing number of illegal cyberattacks that have direct physical effects.
As digital technologies become more widely used in manufacturing processes, there are more opportunities for hackers to take advantage of. Through the Forum's Cyber Resilience in Manufacturing initiative, over thirty members from the manufacturing ecosystem collaborate to create shared strategies and resources aimed at enhancing the cyber resilience of the manufacturing industry. Manufacturers can strengthen their organizational cyber resilience by implementing these five guidelines.
Malicious actors might be able to defeat the security mechanisms that guard the majority of information and communication systems today thanks to quantum computing. Although the "Y2Q" issue and the "Y2K" or "millennium bug" are similar, there are some significant distinctions, including where the threat is coming from and how to address it.
People's digital footprints are growing as a result of the growth of the internet, sometimes containing information that they would prefer the internet to forget. As a result, several areas have implemented "right to be forgotten" laws, which enable individuals to request that their personal information be deleted from the internet. This is how it operates.