Categories: Technology

IT experts warn: these are the biggest dangers surrounding the internet

Reputable IT security companies warn in current reports about developments that could be dangerous for all of us. An overview.
Daniel Schurter

The American IT security company Crowdstrike published its ‘Global Threat Report 2024’ on Wednesday. It’s all about the most dangerous gangs of cybercriminals and elite state hackers.

And competitor IBM X-Force also points to increasing cyber threats in its new report.

Watson summarizes the most important findings.

2024 is a party for enemies of democracy and state hackers

In 2024, people in 55 countries will participate in national government and parliamentary elections. This includes some of the most populous countries in the world, such as the US, India, Indonesia, Mexico and Bangladesh. And according to the CrowdStrike report, there are 44 democratic elections taking place.

Some of the most contentious areas:

  • Russia and Iran are likely to use cyber operations against the United States and the European Union (EU), which they view as major geopolitical adversaries.
  • China is likely to conduct anti-election operations in its perceived regional sphere of influence, such as elections in Indonesia, South Korea and Taiwan.
  • Russia will most likely behave in the same way in the elections in Belarus, Lithuania, Finland and Georgia.
  • India and Pakistan likely waged extensive campaigns against each other during their elections in April and February 2024 respectively, the report said.

Europe is target number 1 for cyber criminals

Explosive: Europe is the region in the world most affected by cyber attacks, according to the new “X-Force Threat Intelligence Index” from IBM security experts.

  • In 2023, X-Force recorded the highest number of incidents in Europe compared to previous years, with an increase of 31 percent compared to 2022.
  • Malware was the most common cause, accounting for 44 percent of European incidents. Europe also had the most recorded ransomware attacks in the world. Every fourth attack was against a European company or organization.
  • The three most important consequences for European companies, according to experts, are the interception of login data Credential harvesting (28%), blackmail (24%) and data leaks (16%).
  • This fits the so-called Stealth attacks have increased enormously in the past year. The CrowdStrike report finds a sharp increase in attempted attacks that are not automated, but rather interactively controlled by an attacker: this is because hackers are increasingly using stolen credentials to gain access to victim systems.

The misuse of generative AI is becoming increasingly clear…

CrowdStrike experts warn: Given the ease with which AI tools can generate deceptive yet persuasive narratives, enemies of democracy worldwide are likely to use such tools to achieve their goals.

Text and image generators in particular are likely to be used to create deceptively real content and distribute it via social media platforms.

Generative AI can also help plan, prepare and execute devastating hacker attacks. In 2023, CrowdStrike said it found that nation-state actors – that is, elite hackers – and hacktivists were experimenting with generative AI and attempting to abuse it.

However, it is difficult for IT security companies to prove the use of generative AI for criminal purposes. It is important to remember that the attackers act opportunistically and seek the path of least resistance. As long as enough victims can be fooled using traditional attack methods, AI tools will likely be a byproduct.

However, according to the

The threat of identity theft will only increase as attackers invest in AI to optimize their tactics.

Attackers are striking faster and faster – even in the cloud

According to the CrowdStrike report, the rate at which hacker attacks are carried out continues to increase “at an alarming rate.” The average breakout time – i.e. the time it takes attackers to get from one compromised computer to another after breaking into the network – is now just 62 minutes. Last year it was 79 minutes.

Hackers are working more and more efficiently: after successful initial access, an experienced attacker only needs a few minutes to use the first tools and figure out how to move unnoticed into someone else’s system.

As more and more companies move their operations to the cloud, hackers are increasingly focusing on similar targets: Using valid access credentials, attackers target cloud services – a challenge for defenders, who must distinguish between normal and malicious user behavior.

According to the current CrowdStrike report, cloud attacks have increased by 75 percent, with cloud-related cases increasing by 110 percent year-over-year.

Attacks on critical infrastructure reveal errors

Private companies and government organizations that ensure the functioning of our society with their products and services are among the most difficult but also most lucrative targets for attackers.

The findings of IBM X-Factor are all the more alarming: more than 80 percent of attacks on critical sectors could have been prevented with relatively simple means. And via:

  • Quickly install security updates (patches).
  • Mandatory multi-factor authentication of users
  • Limit what individual users are allowed to do in the network (“least privilege” principle).

According to the report, this shows that the standard that the security industry has always called ‘basic security’ is more difficult to achieve than claimed.

The latest findings from Switzerland fit in with this…

PS: How safe is Switzerland?

The Swiss internet landscape has major security gaps. A security scan by Dreamlab Technologies found more than 2.5 million potential vulnerabilities in IT infrastructure connected to the public internet. The research was presented on Tuesday on the occasion of the Swiss Cyber ​​Security Days. The company Dreamlab Technologies used the CyObs software solution to scan the ‘external attack surface’ and inventory all IT infrastructures connected to the Internet.

About a million of these potential vulnerabilities were classified as critical or high. “These are vulnerabilities that have been documented and are known to hackers,” said Marc Peter, professor at the University of Applied Sciences Northwestern Switzerland (FHNW) and CEO of Dreamlab Technologies.

These are security holes in software that have already been discovered, reported and recorded in a database. “Even the federal government is affected,” says Peter. In the current study, the experts found several gaps in ‘admin.ch’ pages. According to the IT expert, most security holes in the Swiss federal government’s internet infrastructure can be traced back to outdated versions of software products.

These security gaps can be exploited by cybercriminals, for example to blackmail people or companies, steal industrial secrets or publish fake news, Peter explains.

“It’s like going on holiday as a private individual without closing the windows of your apartment.”

Politicians as well as private individuals and companies must address these safety problems.

Sources

With material from the Keystone-SDA news agency

  • crowdstrike.com: CrowdStrike Global Threat Report 2024
  • securityintelligence.com: X-Force Threat Intelligence Index 2024 reveals stolen credentials pose the biggest risk, with AI attacks on the horizon

Daniel Schurter

Source: Watson

Share
Published by
Ella

Recent Posts

Terror suspect Chechen ‘hanged himself’ in Russian custody Egyptian President al-Sisi has been sworn in for a third term

On the same day of the terrorist attack on the Krokus City Hall in Moscow,…

1 year ago

Locals demand tourist tax for Tenerife: “Like a cancer consuming the island”

class="sc-cffd1e67-0 iQNQmc">1/4Residents of Tenerife have had enough of noisy and dirty tourists.It's too loud, the…

1 year ago

Agreement reached: this is how much Tuchel will receive for his departure from Bayern

class="sc-cffd1e67-0 iQNQmc">1/7Packing his things in Munich in the summer: Thomas Tuchel.After just over a year,…

1 year ago

Worst earthquake in 25 years in Taiwan +++ Number of deaths increased Is Russia running out of tanks? Now ‘Chinese coffins’ are used

At least seven people have been killed and 57 injured in severe earthquakes in the…

1 year ago

Now the moon should also have its own time (and its own clocks). These 11 photos and videos show just how intense the Taiwan earthquake was

The American space agency NASA would establish a uniform lunar time on behalf of the…

1 year ago

This is how the Swiss experienced the earthquake in Taiwan: “I saw a crack in the wall”

class="sc-cffd1e67-0 iQNQmc">1/8Bode Obwegeser was surprised by the earthquake while he was sleeping. “It was a…

1 year ago