DHS warns about 2024’s cyberthreats

Welcome to The Cybersecurity 202! I’m obsessed with “Baldur’s Gate 3,” y’all.


Below: Israeli cyber firms developed a surveillance tool with no known defenses, and the Supreme Court is asked to pause a social media contact order. First:

It’s never too early to start thinking about next year’s cyberthreats

Cybercrime, attacks on critical infrastructure, cyberespionage, misinformation and disinformation, election interference and emerging technologies will be the biggest cyberthreats in 2024, according to a Department of Homeland Security report released Thursday.

The annual report presents a sweeping picture of all homeland threats, ranging from illegal drugs to terrorism to immigration challenges. But woven throughout are predictions about the way cyber factors into economic security, public safety and security, and critical infrastructure security.

“Sharing information with the public on the threats we face is a vital part of protecting our homeland from today’s evolving security challenges,” Homeland Security Secretary Alejandro Mayorkas said in a statement. “The annual Homeland Threat Assessment is a publicly available resource on the most pressing challenges facing the nation. By sharing our analysis of the threat landscape, we will enable our partners across state, local, tribal, and territorial government, along with the private and non-profit sectors, to make better-informed decisions that account for these security challenges.”

Let’s run down the key cyber elements of the assessment.

“Financially motivated criminal cyber actors will likely impose significant financial costs on the US economy in the coming year,” the report predicts.

Email hacking schemes are still the costliest kind of attack, but ransomware attackers have rebounded in 2023 after plateauing last year, according to DHS. That’s in part due to increased targeting of big organizations and more sophisticated techniques.

“Ransomware attackers extorted at least $449.1 million globally during the first half of 2023 and are expected to have their second most profitable year,” according to the report.

“Domestic and foreign adversaries will likely continue to target our critical infrastructure over the next year, in part because they perceive targeting these sectors would be detrimental to US industries and the American way of life,” DHS observed. “While cyber attacks seeking to compromise networks or disrupt services for geopolitical or financial purposes continue apace, we noted an uptick over the last year of physical attacks on critical infrastructure.”

Expect attacks on the U.S. stemming from its support of Ukraine in its war against Russia to continue, DHS said.

And besides ransomware’s economic impact, it has a disruptive effect on critical infrastructure such as K-12 school districts, the department noted.

Russia, China and Iran are again the top culprits for conducting cyberespionage within U.S. critical infrastructure, DHS said.

“Adversaries continue to use cyber and physical espionage tactics to access and steal sensitive information from US critical infrastructure networks,” it said. “Such information enables pre-positioning for future attacks, gaining insight into our attack response capabilities, and exfiltrating sensitive data for criminal profit or follow‑on intelligence activities.”

The defense, energy, nuclear, aviation, transportation, health care, education, media and telecommunications industries are top Russian targets, the report says. Health care and public health, financial services, the defense industrial base, government facilities and communications are top Chinese targets, the report says. (The report doesn’t mention top targets for Iran.)

Misinformation and disinformation

Russia, China and Iran are the most sophisticated practitioners of foreign influence campaigns, according to DHS. 

“Nation-state adversaries likely will continue to spread mis-, dis-, and malinformation aimed at undermining trust in government institutions, our social cohesion, and democratic processes,” DHS said of the coming year.

Since 2024 is a major election year, the likes of China, Russia, Iran and domestic violent extremists will go on offense, DHS predicted.

“Nation-state threat actors likely will seek to use novel technologies and cyber tools to enhance their capabilities and malign influence campaigns, ultimately to undermine our confidence in a free and fair election,” DHS said. “Cyber actors likely will seek to exploit election-related networks and data, including state, local, and political parties’ networks and election officials’ personal devices and email accounts.”

Although election infrastructure has been strengthened, hackers will still be looking to exploit common attack methods, such as social engineering attacks that exploit human fallibility via spearphishing emails.

Artificial intelligence figures to enhance threats in a number of ways, the assessment states.

“The proliferation of accessible artificial intelligence (AI) tools likely will bolster our adversaries’ tactics,” it reads. “Nation-states seeking to undermine trust in our government institutions, social cohesion, and democratic processes are using AI to create more believable mis-, dis-, and malinformation campaigns, while cyber actors use AI to develop new tools and accesses that allow them to compromise more victims and enable larger-scale, faster, efficient, and more evasive cyber attacks.”

At the same time, smart city technologies present new opportunities for attack, particularly on local governments, according to DHS.

Israeli cyber firms develop ad-backed surveillance tool with no known defenses

Israeli technology firms have developed a new surveillance tool that leverages advertising placements to conduct surveillance and collect data on individuals, and such a capability currently has no known defense, Haaretz’s Omer Benjakob reports.

Benjakob writes: “The investigation, which is based on interviews with over 15 sources from Israel’s offensive cyber, security systems and defense industries, further reveals that a small group of elite companies have taken things a step further: They have created technology that use ads for offensive purposes and injecting spyware.”

  • Unlike the proliferation of service-based spyware offerings, this is the first known instance of spying capabilities that are being offered through advertising technologies, the report notes.

No defenses against the capability are known because the practice is so ingrained into what is widely considered to be a mature and established digital advertising industry backed by major tech companies. 

  • “For example, with the aid of advertising technology, it’s possible to digitally mark all the cellphones belonging to people who passed through a particular airport at a specific time. This simple advertising tool can be used, for example, to conduct contact tracing and monitor infection chains during a pandemic,” the report says. 
  • But mapping those advertising identifiers allows spies to continuously profile an individual within a target audience. The technology works by users being “bombarded with ads, and through these ads, their dispersal across the world can be tracked,” Benjakob writes.

“An advertising profile for the target audience is compiled. After that, an ad campaign tailored to the audience is created, and it is bombarded with ads, thus allowing mass geo-surveillance,” the report says. During standard ad bidding, the spyware or malware is placed into a campaign, allowing surveillance, data collection or hacking to commence. 

The ad-backed spying products, which have been offered up to law enforcement agencies, are less scrutinized as “security-related” products and therefore do not fall under standardized spyware laws, Haaretz notes.

Wisconsin GOP votes to fire elections director, who sues to keep job

Republicans in the Wisconsin Senate on Thursday voted to fire elections director Meagan Wolfe, the swing state’s top election official who had argued the lawmakers did not have the authority to oust her, our colleague Patrick Marley reports. Wolfe has sued the GOP lawmakers and has sought validation from courts to keep her position.

  • The 22-11 vote “ignited a dispute over who is in charge of overseeing elections in a state that is expected to play a critical role in next year’s presidential contest and that may have to redraw its legislative districts within months,” Patrick writes.
  • “The Republicans’ own lawyers, as well as the state’s Democratic attorney general, told the senators before the vote that they didn’t have the authority” to remove her, the report adds.

The uncertainty of not having a nonpartisan elections leader in a paramount state is worrying, experts said. “The elections commission is training clerks around the state and issuing guidance, so to have uncertainty about who the top administrator is going into this crucial election season, I think is a real problem,” said Barry Burden, a political scientist at the University of Wisconsin at Madison and director of its Elections Research Center.

Supporters of former president Donald Trump, who narrowly lost Wisconsin in the 2020 presidential election, “raised complaints about the use of ballot drop boxes, absentee voting in nursing homes and other election policies,” according to the report. They also toyed with a discredited theory about being able to revoke the state’s 10 electoral votes.

  • Trump’s claims of fraudulent election results have hit a boiling point in some parts of the country. The former president faces indictments tied to his alleged efforts to subvert the 2020 outcome that put President Biden into the Oval Office.

Wolfe said she would continue to perform her duties while her lawsuit — which was filed with the help of Wisconsin Attorney General Josh Kaul (D) — proceeds.

Biden administration asks Supreme Court to pause social media contact limits

The Biden administration on Thursday asked the Supreme Court to pause a lower court order that acutely restricts the White House and certain federal agencies from actions that “coerce or significantly encourage” social media companies to remove or suppress posts, our colleague Cat Zakrzewski reports.

The high court quickly responded Thursday, granting an administrative pause on the injunction. Responses to the Biden administration’s petition are due by Sept. 20, Cat’s report adds.

  • The U.S. Court of Appeals for the 5th Circuit ruled last week that the Biden White House, top government health officials and the FBI likely violated the First Amendment by improperly influencing tech firms’ decisions on removing or suppressing posts about covid-19 and elections. 
  • In that ruling, the scope of an injunction connected to the original July 4 order was narrowed to a smaller group of federal agencies — freeing the Cybersecurity and Infrastructure Security Agency in the process — and put communication restrictions on hold for 10 days to give the Biden administration time to appeal.

Experts have suggested the case would be a strong candidate for the high court’s review.

TikTok and U.S. rekindle negotiations, boosting app’s hopes for survival (Drew Harwell)

How the State Dept discovered that Chinese hackers were reading its emails (Politico)

CISA announces free security scans for public water utilities (StateScoop)

CISA advisory panel approves proposals addressing systemic risk, corporate cyber responsibility (Inside Cybersecurity)

Senate’s Schumer says Congress may need to prioritize AI election safeguards (Reuters)

Bizarre AI-generated products are in stores. Here’s how to avoid them. (Heather Kelly)

GOP lawmakers call for heavier sanctions against China’s Huawei, SMIC (Eva Dou)

Press group warned of hackers targeting Hungarian media. They were hit next (Reuters)

A second major British police force suffers a cyberattack in less than a month (The Associated Press)

Hackers backed by Iran caught in apparent global spy campaign (The Messenger)

Caesars paid ransom after suffering cyberattack (Wall Street Journal)

Groups linked to Las Vegas cyber attacks are prolific criminal hacking gangs (CyberScoop)

  • New America holds a discussion on the future of cybersecurity at 10 a.m.

Thanks for reading. See you tomorrow.

