The rise of GoldFactory: Addressing mobile threats with C8 Secure’s Mobile Protect

Craig Lusher, Product Principal [Secure Solutions], discusses the recently uncovered iOS Trojan designed to steal users’ facial recognition data, identify documents, and intercept SMS.

In an era where digital threats are increasingly sophisticated, the discovery of the GoldFactory iOS Trojan, as reported by Group-IB, underscores a critical challenge for businesses and individuals alike. This advanced iOS Trojan, designed to infiltrate iPhones through malicious applications, represents a significant escalation in the cyber threat landscape, particularly for users who assume iOS devices are immune to such risks.

The Trojan, named GoldFactory, exploits a method that bypasses Apple’s stringent app review process, enabling cybercriminals to distribute their malicious software via seemingly benign applications. Once installed, GoldFactory can execute a range of malicious activities, from stealing sensitive facial biometric information to executing phishing attacks, posing a substantial risk to data security and privacy.

C8 Secure’s response with Mobile Protect

In response to evolving mobile threats like GoldFactory, C8 Secure’s Mobile Protect service stands as a defence against mobile cyber threats. Our solution is designed to safeguard iOS and Android devices against a wide spectrum of cyber attacks, including sophisticated Trojans, malware, and phishing schemes.

Mobile Protect leverages cutting-edge technology to provide real-time threat detection and response, ensuring that even the most advanced Trojans, such as GoldFactory, are identified and neutralised before they can inflict harm. The service employs a multi-layered security approach, combining endpoint protection with continuous monitoring and threat intelligence, to offer comprehensive protection for mobile devices.

Addressing Business Challenges

The advent of Trojans like GoldFactory presents significant business challenges, from the risk of data breaches and financial loss to reputational damage. C8 Secure’s Mobile Protect service directly addresses these challenges by:

1. Ensuring data privacy and security: Mobile Protect guards sensitive data against unauthorised access and theft, crucial for maintaining customer trust and complying with data protection regulations.
2. Enhancing operational resilience: By safeguarding mobile devices against cyber threats, businesses can ensure uninterrupted operations, protecting against the downtime and financial losses associated with cyber attacks.
3. Supporting compliance efforts: Mobile Protect aids businesses in meeting compliance requirements, like GDPR, offering peace of mind in an increasingly regulated digital environment.

The detection of the GoldFactory iOS Trojan serves as a stark reminder of the evolving cyber threat landscape and the need for robust security measures. C8 Secure, through its Mobile Protect service, offers an effective solution to these challenges, providing businesses and their mobile users with the highest level of protection against mobile cyber threats.

As cybercriminals continue to innovate, the importance of proactive and comprehensive security measures cannot be overstated. With Mobile Protect, C8 Secure reaffirms its commitment to securing the digital frontier, ensuring that businesses can operate with confidence in a connected world.

RECENT POSTS

The year 2023 marked a significant evolution in the cybersecurity landscape as it adapted to an array of emerging digital threats.

READ MORE

Let’s Get Started

Navigating the 2024 cybersecurity frontier: Key trends to watch

As we enter the new year, the cybersecurity landscape is facing pivotal transformations. For example, the increasing frequency and complexity of cyber threats, like phishing with deepfakes, are pushing the boundaries of traditional security frameworks. Grasping these emerging threats is crucial for organizations in this changing digital world.

The critical nature of the changing cybersecurity landscape is highlighted by the expected economic repercussions of these threats. To put it into perspective, by the end of 2025, cyber attacks are expected to cost the global economy a staggering $10.5 trillion. A massive number – if cybercrime were a country, it would be the third-largest economy in the world, right after the U.S. and China.

For companies operating predominantly online, in industries such as in banking or gambling, this escalating cybersecurity battle is particularly critical. These companies handle sensitive user information and large financial transactions daily, making them attractive targets for cybercriminals.

That is why employing robust cybersecurity measures is a must, maintaining the trust and safety of their users, and of course their business’s credibility and success.

Looking ahead to 2024, we’re gearing up for new challenges and we must stay one step ahead of the game. Here are our predictions for key cybersecurity trends in 2024.

Cloud Service Attacks

One of the big areas for concern for the coming year is attacks on cloud services. The shift to cloud computing has provided businesses with faster operations and cost savings. In fact, management consulting company Gartner predicts a 20.7% increase in cloud service spending in 2024, reaching around $600 billion.

But with great power comes great responsibility, and the cloud is no exception. We’re talking about risks like less control over your data, disorganized cloud storage settings, weak cloud apps, data that doesn’t quite delete completely, and all those tricky compliance and migration issues. It’s a whole new battlefield, and businesses will have their work cut out for them, making sure their data stays safe from these cloud threats.

Key practices to protect cloud infrastructure against evolving security challenges include implementing granular identity and access management (IAM) based on a policy-driven, role-based approach with a zero-trust model.

It’s also vital to establish regular security audits and robust data backup and recovery plans, ensuring organizational resilience against data breaches. Meanwhile, proactive system monitoring through tools like vulnerability scanners and real-time security event monitoring through a 24/7 SOC is essential for early threat detection and response. Above all else, securing data through encryption and deploying web application firewalls are critical for protecting sensitive information and cloud-based applications.

AI and ML Integration

Artificial Intelligence (AI) and Machine Learning (ML) technologies are transforming cybersecurity. They empower systems to process large data volumes, spot patterns, and quickly detect anomalies, transforming threat detection and prevention.

For online gambling companies, this advancement is key. Leveraging AI and ML, they’re enhancing their cybersecurity to tackle rising threats. For example, this approach can detect anomalies in network traffic and user behaviors to provide instant threat identification, helping to ensure the safety of players and transactions.

It’s also pivotal in large-scale fraud prevention and anti-money laundering by scrutinizing extensive data to pinpoint suspicious activities, thereby preserving the company’s integrity and customer trust. Plus, robust cybersecurity in industries such as online gambling is often vital for meeting regulatory demands, maintaining player and regulatory body trust, and reducing legal and financial risks.

Quantum Computing Cybersecurity

Quantum computing is deconstructing how we deal with data and solve tricky problems. Unlike regular computers that work with bits as 0s or 1s, quantum computers use qubits. These qubits, thanks to quantum superposition, can be in several states at once. This lets quantum computers tackle massive data sets and complex problems much faster than traditional computers.

Quantum computing’s growth brings both pros and cons for cybersecurity. Its incredible speed could boost cybersecurity, making encryption stronger and threat detection smarter. It’s also great for handling secure data on a large scale.

But there’s a flip side. Quantum computing could crack current encryption methods like RSA and ECC in no time, putting many security systems at risk. This makes developing quantum-resistant encryption, or post-quantum cryptography, a very important initiative moving forward.

As 2024 unfolds, the cybersecurity world must adapt quickly to leverage quantum computing’s benefits while guarding against its threats. This means updating encryption methods and prepping systems to stand up to quantum technology’s advanced powers.

Cybersecurity Education

As we enter 2024 with rapid technology advancements, the cybersecurity sector is still wrestling with a big challenge: the skills gap. With cyber threats getting trickier, there is huge demand for skilled cybersecurity professionals. This gap is a risk not just to individual companies but to our global cyber-infrastructure as a whole.

To tackle this, there are some initiatives underway. Educational institutions are beefing up their cybersecurity courses, offering degrees and certs that arm students with the latest in cyber defence smarts. These programs are big on practical, hands-on learning, getting students ready for the real deal in cybersecurity.

Also, ongoing learning and professional development are key in a cybersecurity career. There are loads of training programs, workshops, and seminars offered by organizations and industry groups to keep current pros up to speed on the newest cybersecurity trends, tools, and tricks. These programs often focus on specific areas like network security or incident response.

Moreover, we’re seeing more teamwork between the public and private sectors in cybersecurity education. Businesses are teaming up with schools to create training programs that match the industry’s needs. This is great for students, who get spot-on skills for today’s market, and for the industry, which gets a workforce ready to tackle today’s and tomorrow’s cyber challenges.

Blockchain Adaptation

Blockchain technology is gaining traction as a powerful tool for boosting cybersecurity. Known for its decentralized nature, blockchain brings key security features like immutability, transparency, and tamper resistance to the table. These qualities are ideal for securing digital transactions and shielding data from cyber threats.

A major way blockchain is bolstering cybersecurity is by preventing data tampering. Once data is on a blockchain, changing it without network consensus is nearly impossible, thwarting hackers’ attempts to tamper with it. This is especially crucial for protecting sensitive information like personal IDs, financial records, and critical infrastructure data.

Additionally, blockchain is reshaping identity management systems, offering more secure and decentralized options. Storing identity data on a blockchain allows for tighter control over data access, lowering identity theft and fraud risks.

We expect blockchain to play a bigger role in safeguarding Internet of Things (IoT) devices in the coming year. Integrating blockchain enables each IoT device to become a secure, independent node, boosting the network’s resilience against attacks that exploit centralized weaknesses. Moreover, blockchain-based smart contracts are poised for increased adoption in securing digital agreements. These automated contracts promise enhanced security for online transactions, ensuring adherence to terms and reducing breach risks.

For the online gambling industry, blockchain-based cybersecurity presents a significant advantage. By integrating blockchain, online gambling companies can ensure the integrity and transparency of gaming outcomes, financial transactions, and player data. This also fortifies their platforms against cyber attacks and enhances trust among users by providing a verifiable and tamper-proof record of all transactions.

C8 Secure’s comprehensive, proactive cybersecurity approach

At C8 Secure, our comprehensive cybersecurity services are designed to address these evolving challenges. We provide innovative solutions that integrate the latest technology advancements to ensure your business stays secure against constantly evolving cyber threats.

With our proactive, layered security approach to cybersecurity, including continuous threat monitoring and comprehensive prevention technologies, we help safeguard your critical data and maintain your customers’ trust. Whether it’s combating sophisticated DDoS attacks, managing cloud security, or staying compliant with the latest regulations, our team’s expertise is your frontline defense ally in this ongoing cyber war.

RECENT POSTS

The year 2023 marked a significant evolution in the cybersecurity landscape as it adapted to an array of emerging digital threats.

READ MORE

Let’s Get Started

GambleForce: A new cyberthreat in online gambling

Craig Lusher, Product Principal [Secure Solutions]

As identified by Group-IB’s Threat Intelligence unit, the recent discovery of GambleForce, a cybercriminal group targeting gambling websites globally, has underscored the urgent need to bolster cyber defenses, especially across Asia. Unlike their Western counterparts, many Asian companies operate with differing business attitudes and cybersecurity practices that render them more vulnerable to attacks.

Rapid expansion and innovation are often prioritized over cybersecurity by Asian corporations. Also, the range of regulatory standards in Asian countries can result in inconsistent cyber readiness. According to a 2023 IBM report, APAC was the most attacked region in 2022, with 31% of attacks globally. A 2023 Check Point report indicates that the weekly average number of attacks in APAC in Q2 2023 increased by 22% year-on-year.

GambleForce employs common yet dangerous techniques, namely SQL injection – injecting malicious SQL code into public web pages – exploiting vulnerabilities in content management systems. While simple, these methods let them bypass authentication and access sensitive data.

Between September and December 2023, it is understood that GambleForce targeted 24 companies across 8 Asian countries, stealing user credentials and database contents. This demonstrates why strong web security is non-negotiable today. SQL injection and related injection attacks have remained highly popular vectors because they take advantage of insecure coding, misconfigurations, and outdated platforms. According to the 2022 Web application vulnerabilities report by Statista, SQL injection attacks constitute approximately 33% of all web application attacks. This statistic highlights the prevalence of such attacks and the necessity for robust defence mechanisms like those provided by C8 Secure.

C8 Secure’s WAAP (Web Application & API Protection) is a specialized web application firewall (WAF) designed specifically for the gambling sector’s regulatory and threat context. It actively blocks attacks like SQL injection by analyzing web traffic for anomalies indicating malicious behavior. Technically, WAAP works by only allowing pre-defined, legitimately formed and permitted code to run. It analyses all input/output data and database queries to detect and block anomalous activity indicating an attack. For example, WAAP would prevent the GambleForce group’s SQL injection attempts by identifying the malicious inputs and stopping them from reaching the database layer.

In addition to WAAP, C8 Secure offers a full suite of managed security services tailored to the online gambling industry’s regulatory and threat landscape:

• MSOC & SIEM: Managed SIEM and 24/7 security monitoring provide early attack detection and rapid response by our cybersecurity experts.
• EDR/ MDR: Managed Endpoint detection and response catches compromises on end-user devices, preventing threats from spreading laterally.
• VAPT: Regular vulnerability scans and penetration testing proactively uncover configuration issues or software flaws before attackers can exploit them.
• IDPS: Intrusion Detection and Prevention Systems block known malware, suspicious network activity, and other threats at the network perimeter.

These capabilities work together to lock down security posture, maintain compliance, provide awareness and empower rapid response – giving operators the protection they need against threat groups like GambleForce.

For more information on how we can protect your online gambling platform from sophisticated threats like GambleForce, contact info@c8secure.com

RECENT POSTS

ChattyGoblin: A new threat to iGaming and how C8 Secure can help

19 Jul, 2023

The iGaming industry is under a new threat. A malicious campaign, dubbed “ChattyGoblin,” has been targeting Southeast Asian gambling operations since October 2021.

READ MORE

Let’s Get Started

A year in review: Cybersecurity trends and challenges in 2023

The year 2023 marked a significant evolution in the cybersecurity landscape as it adapted to an array of emerging digital threats. The rise in cybercrime, data breaches, and hacking incidents has had a substantial impact on both individuals and businesses worldwide.

Reports indicate a stark 125% increase in global cyber attacks since 2021, a trend that persisted into 2022 and underscored the pressing demand for enhanced cybersecurity defenses. On average, it takes security professionals approximately 277 days to identify and neutralize a cyber attack, highlighting the complex nature of managing and mitigating these digital threats effectively.

As for the cybersecurity challenges this year, they have primarily arisen due to several key factors:

• Geopolitical events

Geopolitical occurrences have had a profound impact on the cyber threat landscape. Notably, Russia’s invasion of Ukraine has resulted in significant repercussions, leading to an eightfold increase in Russian-based phishing attacks targeting the email addresses of European and U.S.-based businesses. During the first quarter of 2022, there was an 11% increase in breaches affecting approximately 3.6 million Russian internet users.

• Influence of Artificial Intelligence (AI)

Regenerative AI is leveraged to create more sophisticated cyber threats in 2023, including deep fake phishing scams. This is compounded by a reported shortage of skilled cybersecurity professionals worldwide.

AI adoption in the cybersecurity market is growing at a Compound Annual Growth Rate (CAGR) of 23.6%. By 2027, it is expected to reach a market value of $46.3 billion. However, smaller businesses, organizations, and particularly healthcare institutions that can’t afford substantial investments in cutting-edge cybersecurity technologies like AI find themselves at heightened risk.

• Extortion via ransomware attacks

Extortion through ransomware attacks remains a persistent and evolving threat. Attackers frequently demand cryptocurrency payments, which makes it hard for law enforcement to trace the money.

These attacks not only disrupt businesses but also result in significant financial losses and potential damage to an organization’s reputation.

• The proliferation of the Internet of Things (IoT)

The proliferation of the Internet of Things (IoT) has also created numerous new targets for malicious actors to exploit. This presents an urgent need for both industry and government sectors to comprehend the implications of emerging cyber threat tools, including AI and machine learning, and to fortify defenses against potential attacks.

Cybercrime trends 2023

The Cybercrime Trends report for this year provides a clear look at today’s cybersecurity situation. Staying informed about the latest trends in cybercrime is important for individuals and businesses alike seeking to safeguard their digital assets and privacy.

Here are some of the key trends and developments in the world of cybercrime for 2023:

1. Escalating cybersecurity costs

With increasingly sophisticated attack methods, organizations and businesses worldwide are compelled to invest in advanced security measures, update training, and hire dedicated cybersecurity personnel.

Breaches can incur costs that spiral into millions when rectifying the breach and recovering from downtime. The 2022 average breach cost was $4.35 million, and it’s projected to reach $10.5 trillion in global economic impact by 2025.

IBM’s 2023 report reveals the U.S. data breach average cost at $9.48 million, up slightly from 2022. Globally, data breach costs averaged $4.45 million, marking a 2.4% increase. Smaller businesses face significant cost hikes, with estimated increases of 21.4% for organizations with 500-1,000 employees and 13.4% for companies with fewer than 500 employees.

2. Phishing: The most prevalent form of cybercrime

Phishing remains the top choice for hackers, involving the extraction of valuable data and malware propagation. Recent statistics show that more than half (53.2%) of criminal online activities are linked to this cybercrime.

Every day, around 3.4 billion spam emails are sent. Advancements in technology have made phishing more accessible and effective, often coupled with ransomware attacks. Although phishing through email has been a constant threat since the early days of the internet, hackers have developed specialized versions of phishing tailored to various communication channels.

For example, spear phishing targets specific groups or roles within a company, using more sophisticated language and terminology to deceive potential victims. On the other hand, whaling focuses on high-level executives, such as the C-suite.

During the initial quarter of 2023, nearly 60% of emails reported by employees were aimed at stealing login credentials. This resulted in downtime, disruptions to business operations, and the loss of sensitive data, which were widespread repercussions of cyber assaults for the majority of businesses.

3. Ransomware surge

Chainalysis has reported a significant increase in ransomware-related cryptocurrency crimes, resulting in earnings of $450 million in the first half of 2023. On a global scale, 64% of organizations targeted by ransomware have chosen to pay the ransom. If this trend continues, attackers could extort nearly $900 million in 2023, surpassing 2022’s figures.

However, Lindy Cameron, the head of the UK NCSC (National Cyber Security Centre), and John Edwards, the Information Commissioner, discourage paying ransoms because it does not guarantee a positive outcome. Victims might not regain access to their data or computer systems, and the threat of lingering infections remains. Paying ransoms may make companies more vulnerable to future attacks.

4. Widespread cyber incidents and breaches

This year, Deloitte conducted a Global Cybersecurity Outlook Survey that takes into account both reported and potential undisclosed occurrences. The survey reveals a significant uptick in the number of organizations grappling with cyber incidents and breaches, marking a 3% escalation when contrasted with the figures from 2021.

5. Global cybercrime victimization

The Annual Cybersecurity Attitudes and Behaviours Report 2023 reveals that one in three Americans has fallen victim to cybercrimes. There is a 7% global increase in the perception of being potential cybercrime victims compared to 2022.

The survey further reveals that 50% of respondents from the surveyed nations perceive themselves as potential targets for cybercriminals. This underscores the imperative need for sustained efforts to fortify cybersecurity measures.

6. Concern over data compromise

This year, American adults have voiced heightened concerns about the possibility of their data being compromised and stolen from the companies they frequently engage with. The percentage of those expressing ‘very concerned’ sentiments has risen to 41% at present, up from an average of 36% in the final quarter of 2022.

Currently, nine out of ten Americans indicate at least ‘some level of concern’ regarding the security of their personal data from potential hacking.

Strategic cybersecurity measures for businesses

With the growing risks associated with interconnected devices, Forbes reports that businesses in these sectors need to adopt strong cybersecurity measures, including incident response plans, risk assessments, and regular security audits.

Advanced cybersecurity tools and techniques like machine learning and AI have been implemented to enhance threat detection and response. Services like C8 Secure, for instance, have embraced AI-driven anomaly detection and security analytics within their SIEM, MDR and Cloud WAAP solutions.

Here’s how these technologies help:

1. Assessing cybersecurity risks

This involves analyzing and evaluating cybersecurity risks associated with vital infrastructures like power grids or water treatment facilities. C8 Secure’s advanced systems can swiftly pinpoint unusual network or website activities that might signify a cyber attack. By doing this, organizations can focus their security efforts and resources where they matter most.

2. Analyzing threat intelligence

By studying data on potential threats, companies can detect patterns and trends that may indicate an imminent cyber attack. This helps organizations prioritize security actions and prepare their defenses before an attack occurs.

C8 Secure’s MDR (Managed Endpoint Protection and Response) Solution, powered by advanced behavioral anomaly detection capabilities aligned to the MITRE ATT&CK framework.  This next generation of endpoint security is supported by artificial intelligence and SOAR technologies designed to detect and prevent malware attacks targeting desktops, laptops and servers. Through the analysis of device behavior patterns in real time, the solution can swiftly identify potential threats and take preventive actions.

3. Detecting anomalies

Machine learning and AI can be used to spot unusual activity that may signal a cyber attack by recognizing normal system behaviors. This predictive approach combines data from various sources like networks, application logs, and threat feeds to foresee potential cyber threats.

4. Automating incident response

In today’s continually evolving digital environment, the importance of security process automation allows companies to swiftly respond to specific types of cyberattacks, such as malware infections, ransomware or DDoS attacks. This quick response helps contain and prevent the spread of attacks to other systems.

Learn more about C8 Secure here

RECENT POSTS

ChattyGoblin: A new threat to iGaming and how C8 Secure can help

19 Jul, 2023

The iGaming industry is under a new threat. A malicious campaign, dubbed “ChattyGoblin,” has been targeting Southeast Asian gambling operations since October 2021.

READ MORE

Let’s Get Started

Spotting and understanding digital impersonation through deepfakes

October is Cybersecurity Awareness Month. This year marks 20 years of the event, created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online.

This educational article has been created to support you in spotting and understanding deepfakes.

Ever stumbled upon the term “digital impersonation?” It’s an expansive field, encompassing everything from deceptive social media profiles to manipulated videos.

Among these, deepfakes stand out as a particularly alarming player in internet risks. Not just for harmless pranks, deepfakes can be weaponized in scams, identity theft, and even international espionage.

That’s why learning to identify a deepfake transcends being a mere intriguing skill set. It emerges as an essential layer of self-defense for any individual exploring the intricate and often deceptive terrain of today’s internet.

What are deepfakes?

Simply put, deepfakes are synthetic or fabricated media created using machine learning algorithms. These algorithms are designed to produce hyper-realistic representations of real people saying or doing things they never actually said or did. By doing so, deepfakes can trick viewers, listeners, and even experts, thereby creating a distortion of reality.

The science behind deepfakes leverages neural networks, an offshoot of artificial intelligence. These algorithms can mimic anyone with enough data, such as photos, voice recordings, or videos. While there’s an undeniable “wow” factor to this, the technology also harbors the potential for misuse, notably in spreading misinformation or sowing discord.

How are they made?

In the realm of entertainment, deepfakes can replace actors in scenes or even revive deceased celebrities. Special effects teams utilize machine learning models to achieve these results.

However, deepfakes have a darker side. Imagine a manipulated video where a political leader seemingly declares war. Such deepfakes are typically created by collecting numerous images and audio clips and then using deep learning algorithms to synthesize them into a new, false context.

Creating a deepfake involves using two neural networks—generative and discriminative. The generative network produces the fake media, while the discriminative network evaluates its authenticity. They work together, essentially “teaching” each other until the generative network can produce a convincing deepfake.

Illicit examples of deepfakes

Can deepfakes cause a problem? The short answer is yes. They have the potential for far-reaching, damaging consequences.

Imagine a deepfake video portraying you committing a crime you never committed. The video goes viral before you even have a chance to defend yourself. Your reputation, painstakingly built over years, could be destroyed in mere minutes. Now extend that risk to everyone you know – family, friends, colleagues – the potential for personal life disruption is vast and scary.

Deepfakes don’t just stop at causing personal turmoil. They have the potency to wreak havoc on an entire nation’s political landscape. Imagine manipulated videos of politicians making false promises or engaging in scandalous behavior circulated widely right before an election.

This is no longer about mere mudslinging. It’s an advanced form of electoral manipulation that can misinform voters and significantly skew public sentiment. False narratives could be propagated at unprecedented scales, leading to electoral misconduct and even political instability.

In a business context, deepfakes also pose an alarming risk. Consider a fabricated video where a CEO falsely announces a corporate merger or a significant financial downturn that isn’t real. The video goes public, and before fact-checkers can catch up, the company’s stock takes a nosedive. Investors panic, pull out their funds, and the entire market fluctuates based on a lie. Not only does the targeted corporation suffer, but the ripple effect could lead to sector-wide downturns and even impact national economies.

What is the solution?

Deepfakes have moved from being a fascinating display of technology to a pressing concern that threatens our personal, political, and economic security. As these digitally manipulated videos become increasingly realistic and accessible, how do we counteract the potentially catastrophic impact of deepfakes? It requires a multi-layered approach that involves legal action, technological innovation, and collective vigilance.

Regulatory frameworks

The first line of defense against the deepfake epidemic starts in the courtroom. Laws must evolve to meet the complex challenges posed by deepfakes. Legal systems worldwide need to incorporate comprehensive penalties for the malicious creation and distribution of deepfakes.

Legislation should focus not only on the culprits behind these creations but also penalize platforms that willingly or negligently allow the distribution of such content. These laws would serve as a deterrent, signaling a zero-tolerance stance on using deceptive media to harm individuals or disrupt societal structures.

Public awareness campaigns

While laws can control the after-effects, prevention starts with education. Widespread public awareness campaigns are crucial to inform people about the existence of deepfakes and the risks associated with them. Schools, universities, and public institutions should offer seminars, workshops, and courses on digital literacy that cover the recognition of deepfakes.

Public service announcements can be aired on television and social media platforms to reach a broader audience. The ultimate goal is to arm the public with the knowledge to discern real content from manipulated media.

Advanced detection algorithms

In the ongoing battle against deepfakes, technology fights fire with fire, making it imperative for detection methods to advance at a similar pace. Several companies are developing advanced software solutions that use artificial intelligence (AI) and machine learning to detect deepfakes. These algorithms scrutinize various aspects of a media file, such as inconsistencies in lighting, facial movements, and audio, to determine its authenticity.

While not foolproof, these technologies are continually evolving to improve accuracy. Incorporating such algorithms into social media platforms and news websites can serve as an additional layer of protection against the dissemination of false information.

Community vigilance

No solution is entirely effective without community involvement. Crowdsourced reporting platforms can play a pivotal role in identifying and removing deepfakes, especially on social media. These platforms allow users to flag suspicious content for review.

With millions of eyes scrutinizing content, the chances of a deepfake going unnoticed decrease dramatically. Community vigilance complements technological solutions, adding a human element to detection efforts.

Key indicators for spotting deepfakes

As deepfakes blur the line between reality and digital fabrication, the need for discerning the genuine from the manipulated becomes increasingly urgent. Fortunately, these digital deceptions often leave behind subtle clues, such as:

• Audiovisual mismatch: Deepfakes often display incongruities between audio and visuals. A careful viewer might spot lip-syncing errors or awkward facial expressions that don’t match the tone of speech.
• Blinking anomalies: One tell-tale sign is unnatural blinking. Human blinking is subtle yet consistent, something deepfakes often fail to replicate.
• Inconsistencies in lighting and shadows: Deepfakes frequently exhibit errors in lighting and shadows, providing clues to their artificial nature.
• Pixelation and image distortions: Look for sudden blurs, pixelation, or strange distortions around facial features. These are often clues that you’re viewing a deepfake.
• Audio glitches: Static noise or unnatural modulation in voice can also indicate a deepfake.
• Metadata analysis: Although easily modified or omitted, examining the file’s metadata can offer insights into whether the file has undergone deepfake manipulations.

Expert tools for Deepfake detection

There are specialized software tools for those who want to rely on something other than human analysis. These solutions use AI algorithms to identify inconsistencies in framerate, audio, and even the direction of light and shadows.

Platforms like Deepware Scanner offer free, open-source tools for deepfake detection. These programs analyze videos frame-by-frame to ascertain their legitimacy.

There are also commercial solutions for corporate or governmental use. Businesses and governments can work with cybersecurity firms to analyze and get a detailed breakdown of potential manipulation techniques in the media file.

Conclusion

In an age where digital technologies are both awe-inspiring and potentially perilous, the rise of deepfakes underscores the importance of vigilance, education, and innovative solutions. As these sophisticated fabrications continue to challenge our perception of reality, individuals, communities, and industries must collaborate to ensure the digital realm remains trustworthy. Arm yourself with knowledge, stay updated on the latest detection methods, and remember that a discerning eye is one of the most valuable tools. Embrace the advancements, but always proceed with informed caution.

RECENT POSTS

ChattyGoblin: A new threat to iGaming and how C8 Secure can help

19 Jul, 2023

The iGaming industry is under a new threat. A malicious campaign, dubbed “ChattyGoblin,” has been targeting Southeast Asian gambling operations since October 2021.

READ MORE

Let’s Get Started

Rise of AI/ML-driven cyber attacks: New era of cybercrime

Patrick Gardner, Managing Partner at C8 Secure, a Continent 8 company

The rise of AI/ML-driven cyber attacks is changing the face of cybersecurity, posing new challenges for governments, companies and users.

Cyber attacks have evolved and become more sophisticated over time. At first, they focused on exploiting software and network vulnerabilities for unauthorized access or causing disruptions.

One notable example is the Morris worm, created in 1989 by Robert Morris, which was the first-ever denial-of-service (DoS) attack. While its purpose was to gauge the size of the internet, it significantly slowed down every computer it infected and caused some to crash.

This incident led to the creation of Computer Emergency Response Teams or CERTs to respond to future cyber emergencies. The Morris worm also resulted in the first conviction under the Computer Fraud and Abuse Act 1986.

The 90s saw a significant rise in communication technologies, especially the internet. However, these technologies’ lack of trust and safety controls has made them vulnerable to cyber attacks. At that time, cybercrime expanded rapidly. Attackers also developed more complex forms of viruses, and the Internet became saturated with them, as well unwanted ads and pop-ups. This, in turn, led to the development of more sophisticated antivirus software.

The new millennium witnessed more sophisticated cyber attacks, including advanced persistent threat actors (APTs) sponsored by nation-states. It caused significant damage to critical sectors of the global digital economy.

Cybersecurity has become a concern for government agencies and large corporations. There were notable cyber crimes such as the DDoS attacks by “Mafiaboy” on major commercial websites in 2000 and the data leak of 1.4 million HSBC Bank MasterCard users in 2005.

In the present, the rise of AI has influenced the evolution of cyber attacks. While AI and machine learning (ML) have revolutionized cybersecurity by providing advanced tools and techniques for threat detection and prevention, cybercriminals also leverage these technologies to launch sophisticated attacks. According to NATO, this makes AI a “huge challenge” and a “double-edged sword” for the cybersecurity industry.

Cybercriminals can exploit AI to identify weaknesses in software and security systems, generate phishing emails, design changing malware and observe user behavior undetected.

AI-powered cyber attacks

AI cyber-attacks involve cybercriminals using AI algorithms, models or tools to carry out complex and hard-to-detect cyber attacks. These attacks can be categorized into phases, including access and penetration, exploitation, command and control, surveillance and delivery, all of which may involve AI-driven techniques.

Since the beginning of the Covid-19 pandemic, cybersecurity firms have noticed a substantial surge in cybercrime specifically in the gaming and gambling industries. With the prevalence of AI technologies, it is possible that cybercriminals are using or will use AI-powered phishing attacks to trick players into sharing their login credentials, personal information or financial details.

Malicious actors also can develop AI-powered cheat programs or hacking tools that give players unfair game advantages, bypass security measures, manipulate in-game mechanics or exploit vulnerabilities.

This industry is not the only target of cyber attacks. In April 2018, hackers orchestrated a cyber attack on an online marketplace for freelance labor TaskRabbit, using an AI-controlled botnet. The attack targeted the website’s servers and involved a distributed DDoS technique.

The personal information of approximately 3.75 million users, including their Social Security numbers and bank account details, was compromised. The severity of the attack led to the temporary shutdown of the website until security measures could be reinstated. During this period, the breach affected an additional 141 million users.

In 2019, the popular social media platform Instagram experienced two cyber attacks. In August, numerous users discovered that their account details had been altered by hackers, denying them access to their profiles. Then, in November, a flaw in Instagram’s code resulted in a data breach. It exposed users’ passwords in the URL of their web browsers.

While Instagram has not provided extensive information regarding the hacks, there have been speculations that hackers might be utilizing AI systems to analyze Instagram user data for potential weaknesses.

Cybercriminals also have been utilizing AI voice technology to create fake audio clips that mimic a person’s voice, leading to identity theft, fraudulent phone calls and phishing emails. In March 2019, an unnamed CEO became the first reported victim of this fraud when he was scammed out of €220,000 by an AI-powered deepfake of his boss’s voice.

The Economic Times recently reported that a work-from-home scam targeted people with false job opportunities. Using AI, the scammers contact victims through missed calls on platforms like WhatsApp and pose as HR personnel from reputable Indian companies. They offer easy tasks and attractive earnings, requiring victims to click on YouTube video links, like the videos and send screenshots.

Initially, victims receive a small reward to build trust. Eventually, the scammers would then convince them to deposit larger sums with promises of higher returns and ultimately scam them out of their money.

Role of regulations in mitigating AI and ML cyber threats

Regulations play a crucial role in mitigating AI and ML cyber threats, especially in light of the increasing use of AI in cyber attacks. They set rules and standards for users, organizations and AI systems. They create boundaries that define what is legally and ethically acceptable when using AI and ML technologies. It also promotes responsible and secure practices while holding those involved accountable for their actions.

To ensure the safety of AI systems and protect fundamental rights, the European Union is working on a new law called the EU Artificial Intelligence (AI) Act, which is expected to start in the second half of 2023. It will have a transitional period of 36 months before it becomes fully effective.

The Act will apply primarily to providers and users of AI systems. It introduces regulations for different categories of AI systems, including prohibited, high-risk, general-purpose, limited-risk, and non-high-risk systems.

Companies that create high-risk AI systems will have specific responsibilities, such as conducting impact assessments, implementing risk management plans, and reporting serious issues. The users of these systems will also be required to assign human oversight and report any significant incidents.

The UK has no comparable comprehensive law like the EU AI Act. In March 2023, the UK released a White Paper outlining its proposed strategy for AI regulation. The White Paper was open for consultation until June 21, 2023.

Unlike the EU Act, the UK’s approach is described as “pro-innovation.” Rather than introducing new AI legislation, the White Paper suggests implementing a principles-based framework that regulators in all sectors can adopt. This framework aims to offer flexibility in regulating AI while promoting innovation.

The future of AI

While there are significant benefits to using AI and ML in cybersecurity from a detection and prevention point of view, there are also drawbacks and challenges in the development of AI, and the concern that it will be used in an irresponsible and unethical manner. This ultimately puts companies at risk.

C8 Secure is dedicated to assisting the industry in addressing the challenges posed by AI cyberattacks. It offers essential tools and expertise to create a secure and reliable environment.

Through a comprehensive understanding of the ever-changing realm of AI cyberattacks and the tactics employed by cybercriminals, we can anticipate future threats and develop resilient safeguards.

With C8 Secure, you can confidently move forward, assured that your operations are protected against the risks posed by AI-driven cyber threats.

Learn more here

RECENT POSTS

ChattyGoblin: A new threat to iGaming and how C8 Secure can help

19 Jul, 2023

The iGaming industry is under a new threat. A malicious campaign, dubbed “ChattyGoblin,” has been targeting Southeast Asian gambling operations since October 2021.

READ MORE

Let’s Get Started

Canadian Gaming Summit – Panel Q&A

In June, Continent 8’s Innovation Director, David Brace, participated in a panel at the Canadian Gaming Summit.

The panel ‘Cybersecurity: managing risk in a brand new market’, delved into the lack of strategy new iGaming operators have in tackling cybercriminals and hackers. He was joined by Sunil Chand (VP Cyber & Information Security, OLG), Jarvis Pelletier (VP IT & Gaming Systems, SIGA) and Carmi Levy (Director of Comms, Step Software) as they explored lessons learned from land-based operators and outside industries in safeguarding revenue, reputation and most importantly, the customer.

The interactive and popular session included questions from the audience. Unfortunately, time ran out to answer all of these, so David has provided answers to some of the questions below.

If you had to focus and invest on only one of the following, which would you prioritize on educating and managing: Players, Staff, Device/Hardware, Other?

Staff are your biggest strength and biggest weakness when it comes to cybersecurity. In fact, human error accounts for almost 90% of all cyber incidents. No matter how advanced the technology or how detailed the processes are, they are rendered ineffective if the people using them are not adequately trained and aware. This is why cybersecurity training and awareness programs for employees are crucial.

Employees need to understand the importance of following security protocols and be aware of the potential risks, such as phishing attempts or suspicious links. In addition, the cybersecurity team itself needs to be well-trained, up-to-date with the latest threats and countermeasures, and capable of responding quickly and effectively to incidents.

What are some examples of ransomware attacks, and what was the outcome?

One of the highest-profile attacks recently was the Kaseya VSA ransomware attack, which is part of a larger trend of supply chain ransomware attacks where bad actors target software or managed service providers. In this instance, the organisation REvil used an exploit in Kaseya’s remote monitoring agent to install ransomware on devices belonging to between 800 – 3,000 different organizations. A ransom of $70m in Bitcoin was demanded for the master key to decrypt all those affected devices, it is understood that the ransom was not paid, and that Kaseya engaged a number of cybersecurity forensic organisations to assist with mitigation and decryption of the systems. It took a substantial amount of time for some organisations to fully restore their systems, indicating that those organizations did not have up-to-date or complete cybersecurity protection and playbooks.

What’s rationally more realistic in a fast-paced gaming market? Planning for the worst or trying to avoid it, which could be perceived as friction?

All organisations must find a balance when it comes to cybersecurity, if you plan for and mitigate against every eventuality, you can’t operate as a customer-facing business. This is where risk management becomes a key part of a cybersecurity strategy; organizations should be in a continuous cycle of: Identify -> Assess -> Mitigate -> Monitor -> Review.

Risk management is a key part of Assess and Mitigate phases as all organizations will hit a point where the mitigation has such an impact on business services that the risk is accepted as part of operating a successful business. Instead, as part of this acceptance of risk, many organizations will choose heightened Monitoring and Reviewing in place of full mitigation, enabling them to still operate whilst being aware of the potential risk.

With AI evolving and phishing schemes getting more authentic how can should we adapt and become more agile to minimize risk? 

As Phishing attacks are a form of social engineering, your primary method of dealing with them will always be a rolling education program for both your internal users and your external customers. Internal users should be regularly trained to identify suspicious emails and engage with the security team to validate such items. External users should be educated on your policies for handling PII, especially on the information you will not ask them to share via email or other electronic messaging.

Technology will play a part in monitoring incoming traffic and communications for suspicious activity, as with all aspects of security, it should be regularly updated and reviewed as part of the cybersecurity regimen.

Learn more about C8 Secure here.

RECENT POSTS

ChattyGoblin: A new threat to iGaming and how C8 Secure can help

19 Jul, 2023

The iGaming industry is under a new threat. A malicious campaign, dubbed “ChattyGoblin,” has been targeting Southeast Asian gambling operations since October 2021.

READ MORE

Let’s Get Started