UNAPIMON works by meticulously disabling hooks in Windows APIs for detecting malicious processes.

Source: Panchenko Vladimir via Shutterstock

Researchers have spotted Earth Freybug, a China-linked threat actor, using a new malware tool to bypass mechanisms organizations might have put in place to monitor Windows application programming interfaces (APIs) for malicious activity.

The malware, which researchers at Trend Micro discovered and named UNAPIMON, works by disabling hooks in Windows APIs for inspecting and analyzing API-related processes for security issues.

**Unhooking APIs**

The goal is to prevent any processes that the malware spawns from being detected or inspected by antivirus tools, sandboxing products, and other threat detection mechanisms.

"Looking at the behavior of UNAPIMON and how it was used in the attack, we can infer that its primary purpose is to unhook critical API functions in any child process," Trend Micro said in a report this week.

"For environments that implement API monitoring through hooking, such as sandboxing systems, UNAPIMON will prevent child processes from being monitored," the security vendor said. This allows malicious programs to run without being detected.

Trend Micro assessed Earth Freybug as being a subset of APT41, a collective of Chinese threat groups variously referred to as Winnti, Wicked Panda, Barium, and Suckfly. The group is known for using a collection of custom tools and so-called living-off-the-land binaries (LOLbins) that manipulate legitimate system binaries such as PowerShell and Windows Management Instrumentation (WMI).

APT41 itself has been active since at least 2012 and is linked to numerous cyber espionage campaigns, supply chain attacks, and financially motivated cybercrime. In 2022, researchers at Cybereason identified the threat actor as stealing large volumes of trade secrets and intellectual property from companies in the US and Asia for years. Its victims have included manufacturing and IT organizations, governments, and critical infrastructure targets in the US, East Asia, and Europe. In 2020, the US government charged five members believed to be associated with the group for their role in attacks against more than 100 organizations globally.

**Attack Chain**

In the recent incident that Trend Micro observed, Earth Freybug actors used a multistaged approach to delivering UNAPIMON on target systems. In the first stage, the attackers injected malicious code of unknown origin into vmstools.exe, a process associated with a set of utilities for facilitating communications between a guest virtual machine and the underlying host machine. The malicious code created a scheduled task on the host machine to run a batch script file (cc.bat) on the host system.

The batch file's task is to collect a range of system information and initiate a second scheduled task to run a cc.bat file on the infected host. The second batch script file leverages SessionEnv, a Windows service for managing remote desktop services, to side-load a malicious dynamic link library (DLL) on the infected host. "The second cc.bat is notable for leveraging a service that loads a nonexistent library to side-load a malicious DLL. In this case, the service is SessionEnv," Trend Micro said.

The malicious DLL then drops UNAPIMON on the Windows service for defense evasion purposes and also on a cmd.exe process that quietly executes commands. "UNAPIMON itself is straightforward: It is a DLL malware written in C++ and is neither packed nor obfuscated; it is not encrypted save for a single string," Trend Micro said. What makes it "peculiar" is its defense evasion technique of unhooking APIs so that the malware's malicious processes remain invisible to threat detection tools. "In typical scenarios, it is the malware that does the hooking. However, it is the opposite in this case," Trend Micro said.

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

China-Linked Threat Actor Taps 'Peculiar' Malware to Evade Detection

Fortanix is working on technologies to build a security wall around AI search.

The inner functioning of AI-powered search is more complex than plain-text search via Google when it comes to extracting answers from websites and databases. Fortanix is trying to build a security wall to protect the search query and the extraction of data from artificial intelligence (AI) systems.

Generative AI technologies will ultimately provide fine-grained responses based on associativity of information and retrieve information from sources users may not be aware of, says Richard Searle, vice president of confidential computing at Fortanix.

"What we're finding ... is that there is a deeper focus happening in the AI domain around privacy, consent, and permissioning of information," Searle says. "These are obviously the core cases."

Essentially, Fortanix is building a security wall around the way AI search queries are handled. More specifically, it is building security around prompts, where users provide AI search queries. The security wall extends to data retrieval from large language models, which are delivered to customers.

"We think there's a significant market there," Searle says. "The partners that we're working with within the AI space are talking about search to their customers already today."

Fortanix's private AI search is pinned on confidential computing, which creates secure vaults that are accessible to authorized parties only via keys. The data is processed inside, without leaving the vault.

"Data is going to be subject to not only the data protection regulations that we have today, but also these emerging AI regulations," Searle says.

Fortanix's technology is a component in the emerging field of confidential AI. Confidential AI is extended to AI scenarios typically associated with GPUs and accelerators, said Mark Russinovich, chief technology officer for Microsoft Azure, during a panel discussion at the Open Confidential Computing Conference in March.

**Protecting Vector Databases**

Private search with AI relies on data extraction from knowledge graphs or vector databases, which could draw information from a wide range of sources, including static conventional databases.

At Nvidia's GPU Technology Conference, also in March, the company's CEO, Jensen Huang, defined vector databases as a new style of database that takes structured data or unstructured data that can be reindexed by encoding the meaning of data.

"Now this becomes an AI database, and that AI database in the future, once you create it, you can talk to it," Huang said.

Fortanix's goal is to initiate privacy for the search initiator — a human or machine user — and protect the privacy and integrity of the information that might be within the vector embeddings.

"Confidential computing, I think, has a very important role to play," Fortanix’s Searle says.

**Private Search Differs From Conventional Search**

Confidential AI prevents the leak of AI information, which helps meet regulatory requirements. The layer also anonymizes the information so a user's intent or identity is protected. That is the opposite of conventional search, where user information and motives drive Google Ads and analytics.

A higher level of AI privacy is a cornerstone for industries such as healthcare and banking, which are tied to regulatory issues.

"Imagine that you want to do search in a scientific domain — you might want to be able to use data from a different institution to the one you're working in that has some specific expertise in a particular field. Showing the privacy of that data and the accuracy of this research is important," Searle says.

**State of Confidential AI**

Confidential AI is an emerging concept, and search fits into that profile. Intel and AMD have chips with hooks for secure enclaves. Microsoft, Google, and Amazon are providing confidential computing virtual machines in their cloud services.

Companies can bring data sets together to train a foundational model effectively, and these data sets are becoming high-value assets for top corporations, said Ian Buck, vice president and general manager of Nvidia's hyperscale and high-performance computing division, during the panel discussion.

The IT industry is rapidly approaching the deployment of confidential computing in data centers, edge computing, and PCs, but there's a lot more to do with confidential AI, said Greg Lavender, Intel's chief technology officer, during the panel.

"Privacy and safety and responsible AI are going to be big forcing functions for this as the government adopts AI technologies from the industry," he said.

**About the Author(s)**

Agam Shah has covered enterprise IT for more than a decade. Outside of machine learning, hardware, and chips, he's also interested in martial arts and Russia.

Fortanix Builds Private Search for AI

The National Vulnerability Database can't keep up, and the agency is calling for a public-private partnership to manage it going forward.

Source: GK Images via Alamy Stock Photo

After warning it can't keep up with the exploding number of bugs being submitted to the National Vulnerability Database (NVD), the National Institute of Science and Technology (NIST) has asked for additional resources from the US government and the private sector.

The agency said in February it was experiencing delays updating the NVD. This week, it admitted the delays have ballooned into a bona fide backlog. NIST said it is working to address the highest priority vulnerabilities first.

"This is based on a variety of factors, including an increase in software and, therefore, vulnerabilities, as well as a change in interagency support," NIST said in a statement regarding its NVD backlog.

Staff at NIST are being shuffled around to triage the vulnerability analysis delays, but longer-term solutions are required, the agency explained. One specific suggestion NIST highlighted was the creation of a public-private consortium to support the NVD, made up of "industry, government, and other stakeholder organizations that can collaborate on research."

**NIST Needs a New Approach**

NIST's NVD is foundational to security operations, according to Jason Soroko, senior vice president of product at Sectigo. And getting additional analysts working through the backlog is critical, he added.

"The problem is scale," Soroko says. "NIST is going to open up the program to a consortia of vetted organizations from the industry in order to deal with the backlog of vulnerabilities that need to be analyzed and understood before being put into the NVD database. The move is a good one."

NIST needs a new approach if the agency is going to be able to keep up with the explosion in CVEs, explains Saumitra Das, vice president of engineering at Qualys.

"NIST NVD has been a cornerstone of vulnerability management for a long time," Das says. "However, the exponential growth in CVE issuance has created pressure which will necessitate a different and prioritized approach as mentioned in this statement. Budget cuts happening for the first time in a decade are possibly part of this issue as well, apart from the sheer volume."

Because NIST and the NVD have been so important to cybersecurity in the past, John Bambenek, president at Bambenek Consulting, says he's hopeful that with an assist from the cybersecurity industry, NVD can get back on track.

"The NVD is a major success story for NIST and cybersecurity, and hopefully a pivot to a private-public sector partnership can be reached quickly to scale up the program," Bambenek says. "This announcement illustrates that the explosion in vulnerability possibilities has grown so large that not even the US government can adequately keep their hands around the problem."

NIST Wants Help Digging Out of Its NVD Backlog

The initiative is meant to provide more resources and better strategies for healthcare entities that face an increasing amount of cybersecurity challenges.

Source: Olekcii Mach via Alamy Stock Photo

The Department of Health and Human Services (HHS) has begun an initiative to better organize and equip its healthcare cybersecurity programs through a one-stop shop.

This latest resource is created through the HHS Administration for Strategic Preparedness and Response (ASPR), which leads the US during disasters and public health emergencies relating to health and medical preparation.

This initiative comes after a United Healthcare subsidiary was targeted by BlackCat ransomware group in February, causing days of outages and chaos across the healthcare supply chain. The cyberattack was considered one of the most serious of its kind within the healthcare sector, and led to United paying the ransom demanded by the threat actors. 

The incident prompted a letter from the chairman of the Senate's Homeland Security and Governmental Affairs Committee, Sen. Gary Peters (D-Mich.). He asked HHS what steps it was taking to prevent such a catastrophe from happening again. The ASPR said it will create new cybersecurity strategies for the healthcare sector and inform healthcare entities of best practices and resources.

"There's too many doors into cybersecurity when engaging with the federal government generally, let alone HHS," said Brian Mazanec, the deputy director for ASPR's Office of Preparedness, in a statement. "Within HHS, there are a lot of different players. So we're in the process now of really establishing this front door through ASPR to all of those resources."

**About the Author(s)**

HHS Plans for Cyber 'One-Stop Shop' After United Healthcare Attack

Campaign distributes malware disguised as legitimate installers for popular workplace collaboration apps by abusing a traffic-tracking feature.

Source: Bits and Splits via Shutterstock

Attackers are once again abusing Google Ads to target people with info-stealing malware, this time using an ad-tracking feature to lure corporate users with fake ads for popular collaborative groupware such as Slack and Notion.

Researchers from AhnLab Security Intelligence Center (ASEC) discovered a malicious campaign that uses a statistical feature to embed URLs that distribute malware, including the Rhadamanthys stealer, they revealed in a blog post published this week. The feature lets advertisers insert external analytic website addresses into ads to collect and use their visitors' access-related data to calculate ad traffic.

However, instead of inserting a URL for an external statistics site, attackers are abusing the feature to enter sites for distributing malicious code, the researchers found.

Ads related to the campaign have already been deleted. But when they were still active, "clicking on the banner would take unsuspecting users to the address that would trick them into downloading a malicious file," according to ASEC.

In the campaign, Rhadamanthys is disguised as an installer for popular groupware often used by corporate teams for workplace collaboration. Once the malware is installed and executed, it downloads malicious files and payloads from the attacker's server.

**Redirects to Stealer Downloads**

The ASEC post breaks down how attackers crafted the campaign to show banner ads that contain tracking URLs invisible to the end user that redirect users to an attacker-created and -controlled URL. This ultimate landing page is similar to the actual website of a groupware tool such as Slack or Notion, and it prompts visitors to download and execute the malware, which is distributed in an installer form.

Typical installers used by the campaign are the Inno Setup installer or Nullsoft Scriptable Install System (NSIS) installer; specifically, attackers used the following executable files: Notion\_software\_x64\_.exe Slack\_software\_x64\_.exe; Trello\_software\_x64\_.exe; and GoodNotes\_software\_x64\_32.exe.

"Once it is executed, the malware uses websites that can save texts such as textbin or tinyurl to access the malicious payload addresses," ASEC said in its blog post, which lists the URLs attackers used to fetch these addresses, which are subsequently delivered to users.

The ultimate payload of the campaign is the Rhadamanthys stealer, which gets injected into legitimate Windows files via the "%system32%" path, according to ASEC. This allows the stealer to exfiltrate users' private data without their knowledge, the researchers noted.

Rhadamanthys is popular with attackers and is available for purchase on the Dark Web under a malware-as-a-service model. It acts as a typical stealer to collect system information, such as computer name, username, OS version, and other machine details. It also queries the directories of installed browsers — including Brave, Edge, Chrome, Firefox, Opera Software — to search for and steal browser history, bookmarks, cookies, auto-fills, login credentials, and other data.

**Pay Attention to Ad-Delivered URLs**

The campaign is certainly not the first time that attackers have abused Google Ads and its associated features to deliver Rhadamanthys and other malware, and it likely won't be the last. In fact, a campaign identified in January 2023 also used website redirects from Google Ads and fake-download lures for popular remote-workforce software, such as Zoom and AnyDesk to deliver Rhadamanthys.

Attackers have even abused the "dynamic search ads" feature of the service to amplify the effect of malicious campaigns by creating targeted ads to deliver a flood of malware.

Indeed, as "all search engines that provide tracking to calculate ad traffic can be used to distribute malware," users must stay vigilante when accessing links from ads delivered by Google, ASEC warned. Specifically, they should "pay attention to the URL that is seen upon accessing the website, not the URL that is shown on the ad's banner" to avoid falling for a malicious campaign, according to the post.

ASEC also posted a comprehensive list of URLs associated with various stages of the campaign to help administrators identify if any corporate users have been affected by it.

**About the Author(s)**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

It's critical for security teams to stay vigilant not only when it comes to major security issues, but also with minor lags in security best practice.

Tim Chase, Global Field CISO, Lacework

April 2, 2024

3 Min Read

Source: Anna Berkut via Alamy Stock Photo

COMMENTARY

The saying "put yourselves in the shoes of a hacker" has long been part of defensive security strategies. Today, in the fast-paced and evolving threat landscape, this statement is truer than ever for chief information security officers (CISOs) and security teams at scale.

As cyber threats continue to evolve in 2024, CISOs and security teams must be prepared for everything from supply chain risks to zero-day exploits to deepfakes to cloud targeting and more. By ensuring visibility across your infrastructure, encouraging employee training, and supporting bug bounty programs, your organization will harden its security posture and be better prepared to fend off rising threats this year. Let's dive a bit deeper into each: 

**Creating Security Allies Out of Your Team**

Recent cyberattacks have shown us that the level of sophistication and damage caused by malicious actors is not slowing down. The MOVEit data breach that leaked the personal information of more than 11 million people shows the raw scale of modern attacks. Similar breaches at MGM and Caesars were exacerbated by the FBI struggling to stop the cyber gang behind the incident. 

While the security team can't befriend everyone in an organization, they can focus on education internally in order to train staff on risks and create clear communication that covers important issues. If hackers are staying up to date and getting educated on the latest threats and risks, we should as well. Creating a "security champions" program across the organization is a great way to embed security. One team member from marketing, finance, legal, etc., can plug in to your team and be a liaison for security that helps push pertinent cybersecurity information out across the company.

**Supporting Bug Bounty Programs**

Rather than being anxious and shunning bug bounty programs, CISOs and security teams should reward good behavior. I encourage employees to attend hackathons — even if it's only to observe or learn at first. It's one step in the right direction for security education. For more hands-on cybersecurity learning, I also like to arrange company-wide competitions and games that encourage employees to figure out how cybercrime could potentially happen.

There is no better way to prepare for a real breach than with a simulation. It forces the team to work together, strategize, and agree on a solution. The increased need for internal cybersecurity education and support for bug bounty programs is only going to continue growing in order to keep up with rising threats.

**If All Else Fails, Focus on Visibility**

Visibility is a foundational principle that suggests you can't secure what you don't know about. Lack of a security team's visibility is a gold rush for hackers because they typically infiltrate an organization's network via hidden or sneaky entry points. If you don't have visibility, there will undoubtedly be a way in. Without visibility into all traffic within an organization's infrastructure, threat actors can continue to lurk in the network and grant themselves access to the organization's most sensitive data.

With 93% of malware hiding behind encrypted traffic but only 30% of security professionals claiming to have visibility, it's no wonder that there were more ransomware attacks in the first half of 2023 than in all of 2022. Once a cybercriminal has made their way into the network, time is limited. Only with visibility can the cybercriminal be stopped from wreaking havoc and gaining access to company data.

When cybersecurity professionals can better understand the mysterious nature of hackers and how they work, they can better protect their own systems and valuable customer data. It's critical to stay vigilant not only when it comes to major security issues, but also with minor lags in security best practice. We saw this with the recent breach of Hewlett Packard, which was undertaken by the same group behind 2020's SolarWinds breach. Some of the most sophisticated cybercriminals are also incredibly opportunistic, taking advantage of any split-second lapse in otherwise-tight security plans. Ensure you take the steps above to stay ahead of looming threats. 

**About the Author(s)**

Global Field CISO, Lacework

Tim Chase is the Global Field CISO at Lacework and has worked in information security for over 15 years in various roles, including leading security teams focusing on Cloud and AppSec. He has extensive experience working at the board and executive level to promote security and guide decision-making.

Instilling the Hacker Mindset Organizationwide

Ransomware groups tore into manufacturing other parts of the OT sector in 2023, and a few attacks caused eight- and nine-figure damages. But worse is yet to come in 2024.

Source: Imagebroker via Alamy Stock Photo

At least 68 cyberattacks last year caused physical consequences to operational technology (OT) networks at more than 500 sites worldwide — in some cases causing $10 million to $100 million in damages.

Unsurprisingly, these weren't Stuxnet-like events, but the opposite.

According to a new report from industrial control system (ICS) vendor Waterfall Security Solutions, which studied real-world cyberattacks on OT organizations, most of the hackers known to be targeting the OT sector these days are hacktivists. And the majority of disruptions are not caused by such direct manipulation of OT systems but are downstream consequences of IT-based attacks, most often involving ransomware.

That doesn't mean, though, that the impacts are any less severe. Incidents involving Johnson Controls and Clorox last year ended up costing those companies around $27 million and $49 million, respectively. One cyberattack that led to the temporary suspension of operations at MKS Instruments in Massachusetts cost $200 million, and one of its suppliers — California-based Applied Materials Inc. — reported losing another $250 million as a result.

The number of attacks with physical consequences increased by nearly 20% last year, according to the report.

**IT Attacks With OT Consequences**

In the past decade and a half, only around a quarter of cyberattacks with OT consequences were caused by actually hitting the OT network, according to the report Waterfall published in collaboration with OT incident threat database ICS STRIVE.

"A large fraction of attacks that caused OT consequences did so by compromising machines in the IT network exclusively," explains Andrew Ginter, vice president of industrial security for Waterfall, and a co-author of the report. "OT was often shut down in 'an abundance of caution' because the business was not willing to keep running powerful, dangerous physical processes with compromise only one or two network hops away."

After its attack last March, for example, the German manufacturer Hahn Group GmbH switched off all of its systems as a safety precaution. A full, clean restoration of its systems took weeks thereafter. A number of other manufacturers last year followed that same playbook, even when safety wasn't at risk, in order to contain damage to further systems, sites, and customers.

"OT was also often shut down because physical operations needed facilities on IT networks that ransomware had crippled — e.g., container-tracking systems for shipping or passenger signage for large rail stations," Ginter points out.

One prime case occurred last January, when UK Royal Mail printers were disabled and hijacked to print LockBit ransom notes. Mail export services were briefly suspended nationwide, in an event that ended up costing £42 million.

"These dependencies are something many OT practitioners do not think about," Ginter explains. An IT network compromise can also affect physical operations, even if an OT network is secured, if the OT process rely on processes in the IT network.

**Cyber Threat to Water Treatment**

More than half of publicly reported cyberattacks with OT consequences in 2023 affected the manufacturing sector. But if there's one sector to worry about more than the rest it's, arguably, water.

Late last November, around 180 households in the Irish villages of Binghamstown and Drum lost water for two days, thanks to a loss of water pressure at a local pumping station. The cause was a cyberattack likely carried out by Iran's Cyber Av3ngers, part of a wider campaign targeting Unitronics pump controllers.

Though such stories are still rare, water facilities combine a dangerous mix of low difficulty and high impact for hackers.

"In the USA, the vast majority of the more than 20,000 drinking water treatment utilities are tiny. Minute. The vast majority of the more than 200,000 wastewater treatment systems — same thing. And realistically, with whatever budget these utilities have, almost all of it goes to people with trucks and backhoes digging holes in the ground," Ginter explains. "Couple that with continued pressure to automate those water systems to reduce costs — a lot of these systems are regulated \[because they're local monopolies\], and every regulator wants to reduce costs and reduce rates, so there is constant pressure to automate. All modern automation involves computers, meaning more targets for cyberattacks."

These systems have no security budget, so with the increased threat of hacktivist attacks and pressure to automate their operations, they are in peril, he notes, creating "a growing problem for all of the small communities in the nation."

**About the Author(s)**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Cyberattacks Wreaking Physical Disruption on the Rise

How security teams in the region fortify their defenses amid short-staffing — and increased DDoS, phishing, and ransomware campaigns — during the Muslim holy month.

Source: MQ Naufal via Alamy Stock Photo

The holy month of Ramadan is a period where Middle East-based companies step up cybersecurity with extra vigilance and outsourced support amid shortened working hours and increased e-commerce activity.

The ninth month of the Muslim calendar is observed around the world as followers take the time to reflect and practice fasting, and cybersecurity teams often operate with skeletal staffing. Ramadan is also a period where Muslim shoppers tend to up their spending on speciality foods, gifts, and special offers.

All of this also creates a perfect storm for bad actors to conduct fraudulent activities and scams.

Endpoint protection firm Resecurity has observed a significant increase in cyber malevolence during Ramadan, which began on March 10. The company estimates the total financial impact from these cyberattacks and cyberscams against the Middle East has reached up to $100 million so far during this year's Ramadan. This figure accounts for fraud perpetrated against expatriates, residents, and foreign visitors and includes wire fraud, fraudulent campaigns, e-commerce fraud, and phishing. 

In particular, Resecurity notes a rising trend where cybercriminals impersonate local shipping companies like Aramex, SMSA Express, and Zajil Express to deceive Internet users. They target victims through SMS, iMessage, and WhatsApp with phony parcel delivery messages that pressure the victim to pay immediately for their "delivery."

"\[Users\] are strongly advised to refrain from sharing personal and payment information on questionable sites or with individuals posing as bank or government employees," Resecurity warned in its report.

Shilpi Handa, associate research director of security, Middle East, Turkey, and Africa (META) at IDC, agrees there is a "noticeable increase" in DDoS, phishing, and ransomware attempts during the holy month.

**Cyber Risk Preparation**

Even so, cybersecurity professionals in the region are well-versed on the cyber risk escalation during Ramadan. Security preparations typically begin well in advance of Ramadan, Handa notes.

"Many organizations proactively enhance their outsourced contracts during this period, particularly focusing on bolstering 24/7 security operations," she says, adding that deploying a remote and diverse workforce is particularly advantageous during Ramadan as around-the-clock security shifts can be fully covered by a mix of Muslim fasters and non-Muslim staff.

Organizations that expect to be short-staffed during Ramadan should prioritize their critical infrastructure to ensure operational continuity and lessen the frequency of active threat hunting if resources are stretched, Handa says. Companies also should enhance security measures for email and corporate networks because those historically have been targeted in the Middle East, she adds.

In the last few years, the UAE Cybersecurity Council has taken to issuing special advisories during Ramadan. On March 4 this year, the UAE launched its National Campaign for Cybersecurity, aimed at raising awareness and promoting cybersecurity best practices among the public.

Ezzeldin Hussein, regional senior director, solution engineering, META at SentinelOne, advises companies to prioritize cross-training within cybersecurity teams to ensure that essential tasks can be handled by multiple team members. And set clear protocols for incident response and escalation paths to streamline decision-making processes amid possible reduced staffing levels, he adds. 

Ali Haider, a New York-based senior security consultant at Secureworks, says companies should take extra steps to promote a culture of vigilance and awareness among employees and encourage them to report any suspicious activities or security concerns. 

Haider, who worked in the UAE and Saudi Arabia for over a decade, recommends that companies coordinate with the relevant law enforcement agencies. "Maintain open communication channels and coordinate security efforts as needed. Collaborating with authorities can enhance security effectiveness and facilitate a coordinated response to security incidents," he says.

**Ramadan and Year-Round**

Of course, robust cybersecurity measures should be deployed all-year round, not just for Ramadan, Haider cautions.

"Attackers may exploit potential vulnerabilities, such as reduced staffing or distracted teams. However, businesses should maintain vigilance and strengthen cybersecurity measures year-round," he says. "Ultimately, a proactive approach is key to safeguarding against cyberattacks, regardless of the time of year."

**About the Author(s)**

Alicia Buller is a London-based business and technology journalist with several years' experience working in Dubai. She specialises in cybersecurity and Middle Eastern affairs.

Cybersecurity Threats Intensify in the Middle East During Ramadan

Common Good Cyber is a global consortium connecting nonprofit, private sector, and government organizations to fund organizations focused on securing Internet infrastructure.

Source: Nico El Nino via Alamy Stock Photo

Much of our everyday lives, from banking to turning on the lights, would be impossible if the elaborate infrastructure underpinning the Internet were unavailable. However, unlike the electrical grid or financial institutions, there's no single entity responsible for maintaining and securing the Internet.

Instead, that task falls upon a diverse group of organizations and individuals that preserve this public utility with little funding or subsisting on tight budgets. The stakes are incredibly high, but the amount of resources available for keeping this infrastructure secure falls short.

"Everybody thinks it's somebody else's responsibility," says Philip Reitinger, president and CEO of the Global Cyber Alliance. "We agree that cybersecurity requires a whole-of-society effort, but the challenge for us is that there's so little funding available to keep the Internet trustworthy and secure."

**Exploring a New Funding Model**

In an effort to combat this dilution of responsibility and dearth of financial support, global policymakers and representatives from nonprofits, philanthropy, and fundraising organizations recently launched Common Good Cyber, an initiative aimed at building sustainable funding models to support those that secure the Internet for everyone. These stakeholders also took part in a February workshop in Washington, DC, to discuss the critical role of under-resourced organizations that safeguard the Internet. The workshop emphasized the need for collaboration and alignment in funding efforts to sustain cybersecurity initiatives.

"Key components of the Internet are maintained by volunteers, nonprofits, and NGOs, and others who work with razor-thin budgets and resources," said Kemba Walden, president of Paladin Global Institute and former US acting national cyber director, in her keynote address at the workshop. "Consider this: The underpinnings of our digital infrastructure, the infrastructure that enables civil society to thrive in our economy today and to grow, rest on a network of volunteers, nonprofits, NGOs and others.

The goal of Common Good Cyber is to find new ways to build adequate funding into law and policy, business policies and government, and other funding vehicles sufficient to meet the common need for cybersecurity. Supporting organizations include the Cyber Civil Defense Initiative, the Global Cyber Alliance, the Cyber Threat Alliance, the CyberPeace Institute, the Forum of Incident Response and Security Teams, the Institute for Security and Technology, and the Shadowserver Foundation.

Craig Newmark, philanthropist and founder of Craigslist and the Cyber Civil Defense Initiative, says funding and supporting Internet security projects is a patriotic duty.

"So many people have sacrificed a lot to defend us all. I have been pushing people like the folks at Global Cyber Alliance, the folks at the Aspen cybersecurity group, and people at Consumer Reports," Newmark says, listing three organizations that are part of the Cyber Civil Defense Initiative. "The notion is that we work together — to fight the fight together — to complement what the government does, kind of like what my parents did during World War II, when everyone was expected to play a role."

While governments can do some things very well, there are some areas where the government can’t do the whole job and citizens have to step up, Newmark adds.

"People like me who think of ourselves as genuine patriots, we need to help out the people who are doing the actual work, who are sometimes sacrificing a lot," he says. "In my case, while I'm trying to figure out how to mobilize the whole country, it's time to fund some organizations that are going to be doing the hard, tedious work, figuring out how regular people can protect themselves."

For Newmark, the greatest challenge lies in getting the message out and making people take action.

"The message is the big hard part — working together to protect the country," he said. "We need to protect our water and power supplies and transportation. We need to work together on making those things really happen, and I think that's a big contribution of Common Good Cyber."

**Four Action Items to Take**

Four actionable ideas came out of the workshop, Reitinger says.

Participants will seek to create joint funding organizations that have the capacity to collect money from multiple organizations and distribute them through a governance mechanism to organizations in need. Funding sources could come from government or private entities, he says, and be modeled after organizations that fight infectious diseases like HIV or malaria.

In line with the joint fund concept, nonprofits could be connected for federated fundraising, "a little like the United Way," Reitinger says. The fund could then be divided among the nonprofit entities, giving each "a little more bang for your buck, and a little bit stronger of an overall message."

Common Good Cyber also wants organizations to work together to build its business case by collecting data on who is doing what to support the Internet's infrastructure. There is a genuine need to understand the size of the sector "and the value that all these organizations provide … I think that's going to be essential," Reitinger says. "The business case to say, this is what this infrastructure does."

The creation of a hub or accelerator to provide resources to the groups securing the Internet was the final piece of the puzzle discussed. "All of these nonprofits that do critical things have to sort of start up from ground zero," Reitinger says. "And there are some resources that they can pull on. But maybe we start to aggregate those so we can help nonprofits do things like fundraising. Everybody wants to use money in the most effective way possible. So let's make that a little easier to do."

Common Good Cyber's next steps include producing a report on the workshop and speaking at this year's RSA Conference in San Francisco and a workshop in Europe in October. The group hopes to have a set of implemented solutions people can rely on in about a year.

"This is a problem that really needs solving, because we're all suffering from inadequate funding for cybersecurity supporting the common good. Cybersecurity really needs to be a fundamental human right," Rettinger says. "It's just a problem that really requires solving, and I hope we can continue to get the focus from government, industry, and nonprofit stakeholders. It's not going to get better on its own. It's going to get worse."

**About the Author(s)**

Contributing Writer

Jennifer Lawinski is a writer and editor with more than 20 years experience in media, covering a wide range of topics including business, news, culture, science, technology and cybersecurity. After earning a Master's degree in Journalism from Boston University, she started her career as a beat reporter for The Daily News of Newburyport. She has since written for a variety of publications including CNN, Fox News, Tech Target, CRN, CIO Insight, MSN News and Live Science. She lives in Brooklyn with her partner and two cats.

Funding the Organizations That Secure the Internet

Microsoft adds tools to protect Azure AI from threats such as prompt injection, as well as to give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.

Source: Tada Images via Shutterstock

Microsoft has announced several new capabilities in Azure AI Studio that the company says should help developers build generative artificial intelligence (GenAI) apps that are more reliable and resilient against malicious model manipulation and other emerging threats.

In a March 29 blog post, Microsoft's chief product officer of responsible AI, Sarah Bird, pointed to growing concerns about threat actors using prompt injection attacks to get AI systems to behave in dangerous and unexpected ways as the primary driving factor for the new tools.

"Organizations are also concerned about quality and reliability," Bird said. "They want to ensure that their AI systems are not generating errors or adding information that isn’t substantiated in the application’s data sources, which can erode user trust."

Azure AI Studio is a hosted platform that organizations can use to build custom AI assistants, copilots, bots, search tools and other applications, grounded in their own data. Announced in November, the platform hosts Microsoft's machine learning models, as well as models from several other sources, including OpenAI, Meta, Hugging Face, and Nvidia. It allows developers to quickly integrate multimodal capabilities and responsible AI features into their models.

Other major players, such as Amazon and Google, have rushed to market with similar offerings over the past year to tap into the surging interest in AI technologies worldwide. A recent IBM-commissioned study found that 42% of organizations with more than 1,000 employees are already actively using AI in some fashion, with many of them planning to increase and accelerate investments in the technology over the next few years. And not all of them were telling IT beforehand about their AI use.

**Protecting Against Prompt Engineering**

The five new capabilities that Microsoft has added — or will soon add — to Azure AI Studio are Prompt Shields, groundedness detection, safety system messages, safety evaluations, and risk and safety monitoring. The features are designed to address some significant challenges that researchers have uncovered recently — and continue to uncover on a routine basis — with regard to the use of large language models (LLMs) and GenAI tools.

Prompt Shields, for instance, is Microsoft's mitigation for what are known as indirect prompt attacks and jailbreaks. The feature builds on existing mitigations in Azure AI Studio against jailbreak risk. In prompt-engineering attacks, adversaries use prompts that appear innocuous and not overtly harmful to try and steer an AI model into generating harmful and undesirable responses. Prompt engineering is among the most dangerous in a growing class of attacks that try to jailbreak AI models or get them to behave in a manner that is inconsistent with any filters and constraints that developers might have built into them.  

Researchers have recently shown how adversaries can engage in prompt-engineering attacks to get GenAI models to spill their training data, spew out personal information, generate misinformation, and potentially harmful content, such as instructions on how to hot-wire a car.

With Prompt Shields, developers can integrate capabilities into their models that help distinguish between valid and potentially untrustworthy system inputs, set delimiters to help mark the beginning and end of input text, and use data marking to mark input texts. Prompt Shields is currently available in preview mode in Azure AI Content Safety and will become generally available soon, according to Microsoft.

**Mitigations for Model Hallucinations and Harmful Content**

With groundedness detection, Microsoft has added a feature to Azure AI Studio that it says can help developers reduce the risk of their AI models "hallucinating." Model hallucination is a tendency by AI models to generate results that appear plausible but are completely made up and not based — or grounded — on the training data. LLM hallucinations can be hugely problematic if an organization were to take the output as factual and act on it in some way. In a software development environment, for instance, LLM hallucinations could result in developers potentially introducing vulnerable code into their applications.

Azure AI Studio's new groundedness-detection capability is basically about helping detect — more reliably and at greater scale — potentially ungrounded GenAI outputs.  The goal is to give developers a way to test their AI models against what Microsoft calls "groundedness metrics" before deploying the model into their products. The feature also highlights potentially ungrounded statements in LLM outputs, so users know to fact check the output before using it. Groundedness detection should be available in the near future, according to Microsoft.

The new system message framework offers a way for developers to clearly define their models' capabilities, profile, and limitations in their specific environments. Developers can use the capability to define the format of the output and provide examples of intended behavior, so it becomes easier for users to detect deviations from intended behavior. The feature isn't available yet but should be soon.

Azure AI Studio's newly announced safety evaluations capability and its risk and safety monitoring feature are both currently available in preview status. Organizations can use the former to assess the vulnerability of their LLM models to jailbreak attacks and generate unexpected content. The risk and safety monitoring capability allows developers to detect model inputs that are problematic and likely to trigger hallucinated or unexpected content, so they can implement mitigations against it.

"Generative AI can be a force multiplier for every department, company, and industry," Microsoft's Bird said. "At the same time, foundation models introduce new challenges for security and safety that require novel mitigations and continuous learning."

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Source

DARKReading