Source: www.csoonline.com – Author:
Cybercrime is evolving into a sophisticated, business-like ecosystem, with criminal groups operating like legitimate organizations. Ethical hacker Clément Domingo explains how they use affiliates, AI and more to launch attacks.
Following Kaspersky Horizon on 1 July in Madrid, Clément Domingo, ethical hacker and cybersecurity evangelist, explains that the cybercrime landscape now looks like the legitimate startup world: structured organizations with affiliates and even a team-building culture.
How a criminal startup works
“A cybercrime startup is similar to a classic startup, but dedicated to cybercrime in a very efficient way,” Domingo says via email. “Most have what we call affiliates, which allows them to operate worldwide and attack any organization or entity. In most cases, the startup keeps 20% of the ransom and the accomplice takes 80%.”
These are companies that, as he details, offer all the tools and procedures needed to commit cybercrime: stealing employee credentials, the best markets on the dark web, people in charge of human resources, finance and negotiation, and much more.
“To give you an idea,” Domingo says, “they operate almost like any other company: they have offices, good equipment and even do team building activities… If you think about it… it’s crazy! Their infrastructure depends on the degree of maturity of the ransomware group. Some are very advanced. For example, many in the cybercrime ecosystem operate behind a bulletproof host (BHP), so their infrastructure, even if they provide malware, command and control or any other malicious element, is hard to take down because it’s something that doesn’t matter to the vendors behind it, as they get paid in cryptocurrencies. Talking about the cybercrime infrastructure can be overwhelming; you realize that they really know how to operate and hide… That’s why sometimes law enforcement has such a hard time dismantling those infrastructures.”
The cybercrime “pool”
As Domingo acknowledges, cybercrime is increasingly precocious, and he provides a shocking and sobering fact: “I can testify that they are getting younger and younger… the average is 13 years old!”
They then go through a process of “maturing” alongside others involved in the activity: a training phase to find out how far they are capable of going.
But the key revelation, and therein lies the danger according to Domingo, is that in more than a few cases “some of them don’t do it for the money, but for the glory, to be able to say: ‘Look what a company I was able to hack into!’ But the damage is enormous.”
Once they have discovered the world of cybercrime and, above all, that many companies, especially smaller ones, are willing to pay a few dollars or thousands of dollars, “they already start to take this activity seriously, which leads them to dedicate themselves to it professionally”. At this point, “glory and money appeal to some, but for others it is simply a matter of ideology. As far as I’ve seen in all the conflicts around the world, many cyberattacks are carried out to protest or claim something,” he says.
How to deter this “quarry”
“This is a very complicated question,” acknowledges Domingo. In his opinion, there are many ways to enter this world: through video game cheat codes or programming, not to mention spending hours on some Discord or Telegram channels; “which, by the way, is the new dark web,” he notes.
“From the many infiltrations I do, I can say that some people join the groups because they want to learn how to program or simply because they’re curious. Then, little by little, they receive approaches that, over time, crystallize into proposals to download a particular program, or if they’d be willing to do another one. It’s that simple how they enter this world.”
There is a key tool to combat this unprecedented increase in young people attracted to cybercrime: cyber education. “It’s very important. If these kids had seen earlier that interesting things can be done in cyberspace, perhaps they wouldn’t have rebelled in the first place. But to do that, our governments and schools must have programs to train them and places where they can learn while having fun, because cybernetics and artificial intelligence are fun when you know all their potential for doing good.”
“In my daily work as an ethical hacker, I go to many schools and also meet with young people to tell them about my background and try to awaken in them the desire to become ethical hackers,” he adds.
The impact of AI on cybercrime
AI is reshaping our entire ecosystem, our world, “and cybercriminals know that.”
Domingo acknowledges that they are increasingly using AI in their attacks and in the way they interact with their targets. “It’s very easy to host or create your own dark evil — whatever you want, whatever you can think of — an AI that will be the brains of your cybercrime. When I look at what’s happening right now, I must confess that we’re not using AI properly to defend ourselves because it’s too early, and then we’ll complain or regret it when it’s too late. All the big companies competing in the AI ecosystem are obsessed with being the first to launch this new version of LLM/AI that can clone voices, faces, or whatever in seconds… without protecting it! What do cybercriminals do? The logical thing: use it against us.”
But companies also need to take some of this into account. “Many people think AI is magic, so they can implement new AI-powered applications without securing the basics. So, once again, it’s easy for cybercriminals to abuse it. Recently, we’ve seen how some companies, like McDonald’s, used an AI that was hacked with the password 123456 and gave access to 64 million job applications worldwide.”
How cybercriminals set financial demands
“Most of the time, there’s a ‘polite cyber agreement’ in the cybercrime ecosystem. What does that mean? If a company is attacked, they’ll be asked for between 1 and 10% of their annual revenue. However, they can also rely on what they read, hear, or see in the media, which leads them to hack a company and demand a ransom.”
Clément Domingo also notes that the number of SMEs being attacked has increased in recent months because, in his opinion, “some low-level cybercriminals have realized that it is more interesting to attack these companies and ask for a low amount than to attack a large one and ask for a high amount.”
So is it possible to stay one step ahead of them? “Of course it’s possible!” he answers, categorically. And he argues: “It’s what we call CTI (Cyber Threat Intelligence): the ability to detect all illegal signals and analyze many parameters that occur in a specific domain and also allow us to understand the geopolitical ecosystem and stay one step ahead.”
So here is his advice: “To defend our industries, our internet freedom and defeat these cybercriminals, you need to think like an attacker. But, to be honest, they are much better than us because we don’t fight with the same cyber weapons. The field of cybersecurity is very backward, and in some parts of the world, its complexity can be so great that it even complicates cyber defense. Hence the need to conclude by saying that people don’t understand anything about cybersecurity because many professionals rely on the technical aspects. And, unfortunately, if my grandmother doesn’t understand what the movie is about, it’s very difficult to prepare for what might come. Therefore, we must change the way we talk about cybersecurity because it is important for the future.”
Original Post url: https://www.csoonline.com/article/4024539/clement-domingo-ethical-hacker-we-are-not-using-ai-correctly-to-defend-ourselves.html
Category & Tags: Artificial Intelligence, Careers, Security, Startups