PRESS RELEASE

The Chief Digital and Artificial Intelligence Office (CDAO) has successfully concluded a Crowdsourced AI Red-Teaming (CAIRT) Assurance Program pilot focused on the use of Large-Language Model (LLM) chatbots in the context of military medicine. The CAIRT program supports the Department of Defense (DoD) in generating grassroots, crowdsourced approaches to AI Assurance and AI Risk Mitigation. Through crowdsourcing, projects are able to elicit a large volume of data and involve a wide variety of stakeholders.

This CAIRT LLM pilot was conducted by Humane Intelligence, a tech company building a community of practice around algorithmic evaluations, in collaboration with the Defense Health Agency (DHA) and the Program Executive Office, Defense Healthcare Management Systems (PEO DHMS). Through red-teaming methodology―using adversarial techniques to internally test system robustness―Humane Intelligence was able to effectively detect specific system vulnerabilities. Additionally, red-teaming attracts participants who want to engage with new technologies and, as possible future beneficiaries, gain the opportunity to contribute to improving the systems. Previously, in the spring of 2024, the CDAO held a valuable red-teaming CAIRT exercise utilizing a financial bounty.

In the latest pilot program, Humane Intelligence utilized crowdsourced red-teaming for two prospective use cases in the context of military medicine:  clinical note summarization and a medical advisory chatbot. Over 200 participants, including clinical providers and healthcare analysts from DHA, the Uniformed Services University of the Health Sciences, and the Services, participated in the exercise, which compared three popular LLMs. The exercise uncovered over 800 findings of potential vulnerabilities and biases related to employing these capabilities in these prospective use cases. This exercise will result in repeatable and scalable output via the development of benchmark datasets, which can be used to evaluate future vendors and tools for alignment with performance expectations. Furthermore, these findings will play a crucial role in shaping DoD policies and best practices for responsible use of Generative AI (GenAI), ultimately improving military medical care. If, when fielded, these prospective use cases comprise covered AI defined in OMB M-24-10, they will adhere to all required risk management practices.

“Since applying GenAI for such purposes within the DoD is in earlier stages of piloting and experimentation, this program acts as an essential pathfinder for generating a mass of testing data, surfacing areas for consideration, and validating mitigation options that will shape future research, development, and assurance of GenAI systems that may be deployed in the future,” remarked CDAO’s lead for this initiative, Dr. Matthew Johnson.

As the recent pilot and others have revealed, continued testing of LLMs and AI systems through the CAIRT Assurance Program will be critical to accelerating the CDAO’s AI Rapid Capabilities Cell, improving GenAI mission effectiveness, and contributing to justified confidence across DoD use cases.

**About the CDAO**

The CDAO became operational in June 2022 and is dedicated to integrating and optimizing AI capabilities across the DoD. The office is responsible for accelerating the DoD’s adoption of data, analytics, and AI, enabling the Department’s digital infrastructure and policy adoption to deliver scalable AI-driven solutions for enterprise and joint use cases, safeguarding the nation against current and emerging threats.

For more information about the CDAO, please visit our website at ai.mil. You can also connect with the CDAO on LinkedIn (@ DoD Chief Digital and Artificial Intelligence Office) and X, formally known as Twitter (@dodcdao). Additional updates and news can be found on the CDAO Unit Page on DVIDS.

You May Also Like

CDAO Sponsors Crowdsourced AI Assurance Pilot in the Context of Military Medicine

Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.

Source: Andriy Popov via Alamy Stock Photo

One of two critical Active Directory Domain Controller vulnerabilities patched by Microsoft last month goes beyond the original denial-of-service (DoS) attack chain and can be used to crash multiple, unpatched Windows servers at once. And experts are concerned many organizations remain vulnerable.

Researchers at SafeBreach have put together an analysis of the DoS bug, tracked as CVE-2024-49113. This vulnerability, along with a similar remote control execution (RCE) bug, tracked as CVE-2024-49112, with a CVSS score of 9.8, was discovered in Active Directory's Lightweight Directory Access Protocol (LDAP) used to search the databases. Both were patched in December's Microsoft security update.

Microsoft hasn't provided many details about the LDAP flaws, despite their severity and potential impact, which is why SafeBreach said it decided to dig deeper and find out more.

"LDAP is the protocol that workstations and servers in Microsoft's Active Directory use to access and maintain directory services information," the SafeBreach report explained.

Additional analysis of the DoS LDAP bug showed the attack chain could also be used by a threat actor to achieve RCE but, worse yet, could be exploited to crash any Windows server, as long as the target system's domain controller has a DNS server connected to the Internet.

**Why The Microsoft LDAP Flaw Is So Dangerous**

Prior to December's Patch Tuesday update, every single organization running Windows Servers was vulnerable to the flaw, Tal Be'ery, chief technology officer and co-founder of Zengo Wallet, explains.

"So the question is, how many of these organizations patched all of their systems and mainly domain controllers?" he adds.

There's no indication yet the vulnerability is being exploited in the wild, but Be'ery points to PatchPoint's release of exploit code as a signal to threat actors.

"We assume that such code is already being used, but we don't have any positive evidence for it yet," he adds.

Threat actors typically have to work their way from a single, hacked device through what Be'ery compares to a Chutes and Ladders game-like maze, ultimately hopping their way from one compromise to the big prize — the domain controller stuffed full of credentials. It's the time these hackers spend trying to work their way deeper into the system that affords defenders opportunities to stop the cyberattack before it escalates.

"With this LDAP vulnerability hackers can go immediately straight from square 1 to 100 \[domain controllers\] before defenders can respond," he adds.

The SafeBreach research also confirmed Microsoft's December 2024 patches are effective, so administrators are urged to patch Windows Servers and all domain controllers immediately.

If servers can't be patched, Be'ery recommends defenders "use compensating controls such as LDAP and RPC firewalls to block the exploit of this vulnerability."

**About the Author**

Dark Reading

Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading.

Unpatched Active Directory Flaw Can Crash Any Microsoft Server

PRESS RELEASE

The agreement on the legally binding treaty marked the culmination of a five-year effort by UN Member States, with inputs from civil society, information security experts, academia and the private sector.

UN Secretary-General António Guterres welcomed the adoption of the Convention – the first international criminal justice treaty to have been negotiated in over 20 years.

“This treaty is a demonstration of multilateralism succeeding during difficult times and reflects the collective will of Member States to promote international cooperation to prevent and combat cybercrime,” his spokesperson said in a statement.

The statement added that the Convention “creates an unprecedented platform for collaboration” in the exchange of evidence, protection for victims and prevention, while safeguarding human rights online.

“The Secretary-General trusts that the new treaty will promote a safe cyberspace and calls on all States to join the Convention and to implement it in cooperation with relevant stakeholders.”

New tool to protect people

Philémon Yang, President of the General Assembly, highlighted the importance of the new Convention.

“We live in a digital world, one where information and communications technologies have enormous potential for the development of societies, but also increases the potential threat of cybercrime,” he said.

“With the adoption of this Convention, Member States have at hand the tools and means to strengthen international cooperation in preventing and combating cybercrime, protecting people and their rights online.”

The resolution containing the Convention was adopted without a vote by the 193-member General Assembly.

A victory for multilateralism

Ghada Waly, Executive Director of the UN Office on Drugs and Crime (UNODC) also described the adoption of the treaty as a “major victory” for multilateralism.

“It is a crucial step forward in our efforts to address crimes like online child sexual abuse, sophisticated online scams and money laundering,” she said.

Ms. Waly reiterated the UN agency’s commitment to support all nations in signing, ratifying and implementing the new treaty, as well as providing them with the tools and support they need to protect their economies and safeguard the digital sphere from cybercrime.

The Convention

The Convention against Cybercrime acknowledges the significant risks posed by the misuse of information and communications technologies (ICT), which enable criminal activities on an unprecedented scale, speed, and scope.

It highlights the adverse impacts such crimes can have on States, enterprises, and the well-being of individuals and society, and focuses on protecting them from offenses such as terrorism, human trafficking, drug smuggling and online financial crimes.

It also recognises the growing impact of cybercrime on victims and prioritises justice, especially for vulnerable groups. It further underscores the need for technical assistance, capacity-building and collaboration among States and other stakeholders.

Read more about why the Convention against Cybercrime matters in this explainer.

Next steps

The Convention against Cybercrime will open for signature at a formal ceremony to be hosted in Hanoi, Viet Nam, in 2025. It will enter into force 90 days after being ratified by the 40th signatory.

UN General Assembly Adopts Cybercrime Treaty

PRESS RELEASE

DETROIT & TOKYO--(BUSINESS WIRE)-- VicOne, a leading automotive cybersecurity solutions provider, announced today it will co-host the zero-day vulnerability discovery contest, "Pwn2Own Automotive 2025," with Zero Day Initiative (ZDI). The event will take place from Wednesday, January 22 to Friday, January 24, 2025, at Tokyo Big Sight, West Hall, as part of the “17th AUTOMOTIVE WORLD 2025 – Advanced Automotive Technology Expo.” This will be the second Pwn2Own Automotive contest, following its highly successful debut in January 2024 where 49 zero-day vulnerabilities were discovered.

Pwn2Own Automotive helps build a foundation for automotive cybersecurity by strengthening cybersecurity measures and promoting the prevention of cyber incidents through the discovery of zero-day vulnerabilities. This event addresses growing concerns about vulnerabilities and increased attack risks with the growing adoption of software-defined vehicles (SDVs).

Through ZDI, the contest enables world-class security researchers to conduct real-world testing of the latest automotive technologies. By identifying zero-day vulnerabilities before they can circulate and become real-world cyber-attacks, the event facilitates swift countermeasures, helping prevent cyber threats and enhancing the overall security of automotive vehicles and products.

Additionally, the contest fosters innovation by recognizing the achievements of security researchers and offering over $1 million USD in total prizes. This incentivizes further research and development while providing hands-on experience that nurtures talent in the cybersecurity industry, ultimately contributing to an improved global cybersecurity landscape.

About Pwn2Own 2025 Automotive

Participants in "Pwn2Own Automotive 2025" will compete by earning points in four categories:

*   In-vehicle infotainment (IVI) systems
    
*   Electric vehicle (EV) chargers, and
    

Each contestant must demonstrate the ability to execute arbitrary code on the target devices or OS in their chosen category. They are allowed up to three attempts per target during the contest. Successful challenges earn points, and the participant or team with the highest points at the end of the contest is awarded the prestigious title of "Master of Pwn."

To qualify, the vulnerabilities targeted must be previously unknown, undisclosed, and unreported (according to the contest rules). Only the first participant to successfully complete a challenge in each category is eligible for a monetary reward. The order of the challenges is determined randomly through a draw.

“Through ZDI, we conduct research to address real-world cyberattack scenarios in the automotive sector. Hosting this contest in collaboration with VicOne, who has unmatched expertise and experience in automotive cybersecurity, is a key step in demonstrating our security research expertise within the automotive industry and the research community,” said

Brian Gorenc, VP of Threat Research at VicOne’s parent company, Trend Micro.

“Together with ZDI, VicOne is contributing to building a safer future for software-defined vehicles (SDVs). By discovering zero-day vulnerabilities, this event enables security researchers to uncover unknown, unpublished, and unreported vulnerabilities, facilitating early risk identification and mitigation within the automotive industry. Such efforts are critically important for the global automotive sector, especially as the evolution of SDVs accelerates,” said Max Cheng, CEO of VicOne

Registration Deadline

The deadline to register for the contest is 5:00 PM (JST) on January 16, 2025.

To complete registration, participants must submit a white paper detailing the vulnerability testing procedures and execution methods. Remote participation online is also available.

For more information about Pwn2Own Automotive and the contest rules, visit: https://www.zerodayinitiative.com/Pwn2OwnAuto2025Rules.html

VicOne and Partners at CES 2025

In addition, VicOne will be showcasing its award-winning comprehensive portfolio of cutting edge cybersecurity software and services for the whole automotive industry at the Las Vegas Consumer Electronics Show (CES), one of the most powerful tech events in the world (7-10 January 2025). Together with partners like P3 digital services, a leading provider of In-Vehicle Infotainment (IVI) systems, VicOne offers a safe and secure IVI environment for Android Automotive OS, with content protection for driver and all the vehicle’s passengers.

For more information about VicOne’s automotive cyber security portfolio please visit https://vicone.com/.

About VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry. Purpose-built to address the rigorous needs of automotive manufacturers, VicOne solutions are designed to secure and scale with the specialized demands of the modern vehicle. As a Trend Micro subsidiary, VicOne is powered by a solid foundation in cybersecurity drawn from Trend Micro's 30+ years in the industry, delivering unparalleled automotive protection and deep security insights that enable our customers to build secure as well as smart vehicles. For more information, visit: www.vicone.com.

VicOne and Zero Day Initiative (ZDI) to Lead Pwn2Own Automotive

Wagenius posted about hacking more than 15 telecom providers on the Telegram messaging service.

Source: Gregg Vignal via Alamy Stock Photo

NEWS BRIEF

A US Army soldier was reportedly arrested Dec. 20 in Texas and charged with two counts of unlawful transfer of confidential phone records.  

Cameron John Wagenius, 20, is suspected of leaking presidential call logs belonging to AT&T and Verizon under an online alias of "Kiberphant0m."

Wagenius was initially flagged as being involved in the Snowflake hacking campaign along with Connor Riley Moucka, also known as "Judische," who was arrested last October as part of the Snowflake account hacking.

Kiberphant0m reportedly published stolen call logs for former President Donald Trump and Vice President Kamala Harris after Moucka was arrested, as well as offered data schema from the National Security Agency, call logs from US government agencies, and a SIM-swapping Verizon service.

He also posted on Telegram about hacking more than 15 telecom providers and maintaining a distributed denial-of-service botnet.

An indictment alleges that Wagenius was involved in the sale and transmission of confidential phone records; no further details have been released regarding his connection to the Snowflake attacks.

**About the Author**

Skilled writer and editor covering cybersecurity for Dark Reading.

US Soldier Arrested in Verizon, AT&amp;T Hacks

Ethical hacking group Chaos Computer Club uncovered exposed data of electrical vehicle owners across the company's VW, Audi, Seat, and Skoda brands.

Source: Anatoly Vartanov via Alamy Stock Photo

NEWS BRIEF

Volkswagen Group experienced a data breach last month, exposing sensitive personal information of roughly 800,000 electrical vehicle owners across its brands, including Volkswagen, Audi, Seat, and Skoda.

Initially reported by German publication Speigel, the breach has been attributed to an Amazon cloud storage system misconfiguration, which is managed by software subsidiary Cariad. The group reportedly left personal and location data openly accessible online for months on end, prompting the breach.

The anonymous hacker who discovered the breach reported it to Chaos Computer Club (CCC), a well known organization of ethical hackers in Europe. The CCC tested the open, insecure access before informing Cariad and Volkswagen.

The data exposed in the breach includes vehicle location information such as when EVs were switched on and off, along with location data, email addresses, phone numbers, and home addresses of car owners.

A wide variety of individuals have been affected by this breach, including at least two German politicians and the Hamburg police. While most affected vehicles were located in Germany, Spiegel's hired researchers found details about cars in Norway, Sweden, the UK, the Netherlands, France, Belgium, and Denmark.

Cariad reports that it acted quickly to solve the issue and closed off access the same day CCC contacted them. 

**About the Author**

Skilled writer and editor covering cybersecurity for Dark Reading.

Volkswagen Breach Exposes Data of 800K EV Customers

A novel technique to stump artificial intelligence (AI) text-based systems increases the likelihood of a successful cyberattack by 60%.

Source: Krot Studio via Alamy Stock Photo

A new jailbreak technique for OpenAI and other large language models (LLMs) increases the chance that attackers can circumvent cybersecurity guardrails and abuse the system to deliver malicious content.

Discovered by researchers at Palo Alto Networks' Unit 42, the so-called Bad Likert Judge attack asks the LLM to act as a judge scoring the harmfulness of a given response using the Likert scale. The psychometric scale, named after its inventor and commonly used in questionnaires, is a rating scale measuring a respondent's agreement or disagreement with a statement.

The jailbreak then asks the LLM to generate responses that contain examples that align with the scales, with the ultimate result being that "the example that has the highest Likert scale can potentially contain the harmful content," Unit 42's Yongzhe Huang, Yang Ji, Wenjun Hu, Jay Chen, Akshata Rao, and Danny Tsechansky wrote in a post describing their findings.

Tests conducted across a range of categories against six state-of-the-art text-generation LLMs from OpenAI, Azure, Google, Amazon Web Services, Meta, and Nvidia revealed that the technique can increase the attack success rate (ASR) by more than 60% compared with plain attack prompts on average, according to the researchers.

The categories of attacks evaluated in the research involved prompting various inappropriate responses from the system, including: ones promoting bigotry, hate, or prejudice; ones engaging in behavior that harasses an individual or group; ones that encourage suicide or other acts of self-harm; ones that generate inappropriate explicitly sexual material and pornography; ones providing info on how to manufacture, acquire, or use illegal weapons; or ones that promote illegal activities.

Other categories explored and for which the jailbreak increases the likelihood of attack success include: malware generation or the creation and distribution of malicious software; and system prompt leakage, which could reveal the confidential set of instructions used to guide the LLM.

**How Bad Likert Judge Works**

The first step in the Bad Likert Judge attack involves asking the target LLM to act as a judge to evaluate responses generated by other LLMs, the researchers explained.

"To confirm that the LLM can produce harmful content, we provide specific guidelines for the scoring task," they wrote. "For example, one could provide guidelines asking the LLM to evaluate content that may contain information on generating malware."

Once the first step is properly completed, the LLM should understand the task and the different scales of harmful content, which makes the second step "straightforward," they said. "Simply ask the LLM to provide different responses corresponding to the various scales," the researchers wrote.

"After completing step two, the LLM typically generates content that is considered harmful," they wrote, adding that in some cases, "the generated content may not be sufficient to reach the intended harmfulness score for the experiment."

To address the latter issue, an attacker can ask the LLM to refine the response with the highest score by extending it or adding more details. "Based on our observations, an additional one or two rounds of follow-up prompts requesting refinement often lead the LLM to produce content containing more harmful information," the researchers wrote.

**Rise of LLM Jailbreaks**

The exploding use of LLMs for personal, research, and business purposes has led researchers to test their susceptibility to generate harmful and biased content when prompted in specific ways. Jailbreaks are the term for methods that allow researchers to bypass guardrails put in place by LLM creators to avoid the generation of bad content.

Security researchers have already identified several types of jailbreaks, according to Unit 42. They include one called persona persuasion; a role-playing jailbreak dubbed Do Anything Now; and token smuggling, which uses encoded words in an attacker's input.

Researchers at Robust Intelligence and Yale University also recently discovered a jailbreak called Tree of Attacks with Pruning (TAP), which involves using an unaligned LLM to "jailbreak" another aligned LLM, or to get it to breach its guardrails, quickly and with a high success rate.

Unit 42 researchers stressed that their jailbreak technique "targets edge cases and does not necessarily reflect typical LLM use cases." This means that "most AI models are safe and secure when operated responsibly and with caution," they wrote.

**How to Mitigate LLM Jailbreaks**

However, no LLM matter is completely secure from jailbreaks, the researchers cautioned. The reason that they can undermine the security that OpenAI, Microsoft, Google, and others are building into their LLMs is mainly due to the computational limits of language models, they said.

"Some prompts require the model to perform computationally intensive tasks, such as generating long-form content or engaging in complex reasoning," they wrote. "These tasks can strain the model's resources, potentially causing it to overlook or bypass certain safety guardrails."

Attackers also can manipulate the model's understanding of the conversation's context by "strategically crafting a series of prompts" that "gradually steer it toward generating unsafe or inappropriate responses that the model's safety guardrails would otherwise prevent," they wrote.

To mitigate the risks from jailbreaks, the researchers recommend applying content-filtering systems alongside LLMs for jailbreak mitigation. These systems run classification models on both the prompt and the output of the models to detect potentially harmful content.

"The results show that content filters can reduce the ASR by an average of 89.2 percentage points across all tested models," the researchers wrote. "This indicates the critical role of implementing comprehensive content filtering as a best practice when deploying LLMs in real-world applications."

**About the Author**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

'Bad Likert Judge' Jailbreak Bypasses Guardrails of OpenAI, Other Top LLMs

The results of Dark Reading's 2024 Strategic Security Survey suggest that security teams continue to grapple with the challenges that come with increased cloud adoption, such as data visibility and loss of controls. Managing cloud risks will be a focus for security teams in 2025.

Source: John Williams RF via Alamy Stock Photo

Enterprise IT and security managers had a lot to worry about in 2024, such as the exploding number of vulnerabilities, increased volume of threats against their organizations, constant drumbeat of data breaches, and steady stream of user errors and behaviors to manage. Also a big concern was the growing risk exposure as a result of their organizations' increased reliance on cloud technologies.

Respondents to Dark Reading's Strategic Security Survey revealed growing concerns about risks tied to cloud services. In the face of rising adoption of cloud services for data storage, applications, and business operations, organizations appear to be particularly worried about their dependence on cloud providers' security measures and their reduced control over data in cloud environments. Thirty-five percent of organizations, compared with just 23% in the 2023 survey, reported using between 10 and 29 cloud applications internally. Most organizations said they work with multiple cloud providers, which contributes to the visibility challenges. Almost half (48%) rely on two or three providers, and 60% use between two to five cloud service providers.

The near ubiquity of the cloud means organizations are increasingly concerned about cloud security threats. Exploits targeting cloud service providers is the top worry for almost half of the respondents (49.6%), followed closely by cloud services breaches and intrusions (47.8%). The lack of data visibility in cloud environments and an inability to enforce security policies on cloud-stored data tie for third place (39.1%). In comparison, the 2023 survey revealed 45% of respondents worried about cloud exploits, 38% worried about cloud services breaches, and 24% worried about the inability to enforce security policies in the cloud.

The complexity of cloud security is further highlighted by organizations' staffing and control concerns. Overreliance on cloud service providers to detect data breaches was cited by 28.7% of respondents, while 19.1% expressed concern about unclear incident-response protocols with their cloud service providers. Notably, the percentage of organizations worried about their inability to enforce security policies on cloud-stored data increased from 24.4% in 2023 to 39.1% in 2024, suggesting a growing awareness of the challenges in maintaining security control in cloud environments. These findings indicate that while organizations continue to embrace cloud services, they struggle with visibility, control, and the division of security responsibilities between themselves and their cloud service providers.

Security teams have long grappled with the challenges posed by the shared responsibility model with cloud providers, where the provider and the organization have to work together to handle their part of the security tasks. The survey found that organizations are increasingly including the challenges of shared responsibility models, data sovereignty issues, and loss of control in their risk assessments. For instance, 39% are worried about risks tied to a lack of visibility in cloud environments, and an identical proportion believed their inability to enforce enterprise data security policies in the cloud has put them at risk. Nearly three in 10 (29%) are concerned about their overreliance on cloud vendors to detect security issues.

**About the Author**

Dark Reading

The Edge is Dark Reading's home for features, threat data and in-depth perspectives on cybersecurity.

Managing Cloud Risks Gave Security Teams a Big Headache in 2024

The fast growing region has its own unique cyber issues — and it needs its own talent to fight them.

Source: Panther Media via Alamy Stock Photo

COMMENTARY

The Middle East is undergoing a digital transformation that is as rapid as it is remarkable. Tech multinationals are investing big in the region as Dubai, Riyadh, and Abu Dhabi strive to establish themselves as global innovation hubs.   

But this increased digitization comes with an increased risk of cyberattacks — and businesses throughout the Middle East are at risk of being caught with their guard down.

The pace of digital growth in countries throughout the Middle East has far outstripped cybersecurity talent in the region, leaving organizations fatally exposed. While some businesses resort to outsourcing their cybersecurity measures to tech giants and their tools, this hands-off approach is risk-prone.

The Middle East now sits squarely in the firing line. With cyberattacks emboldened by AI, robust cybersecurity defenses are more crucial than ever. Businesses must move away from outsourcing and focus on building strong in-house defenses by investing in tool-based approaches and heavily leveraging in-house hiring, upskilling, and talent retention practices.

**Victims of Their Own Success?**

The commercial success of locations like Dubai, Abu Dhabi, and Saudi Arabia has transformed them into potential hotbeds for cybercrime. Distributed denial-of-service (DDoS) attacks on Middle Eastern countries have risen 75% in the past year, with the UAE and Saudi Arabia taking the brunt of the blow. 

Related:Iranian APT Group Targets IP Cameras, Extends Attacks Beyond Israel

The UAE alone falls victim to around 50,000 cyberattacks a day. And it comes at a cost: in 2023, cyberattacks cost businesses, organizations, and public bodies more than $8 million per incident.

The uptick in cyberattacks is only exacerbated by changing patterns in the cybercrime landscape. The rise of AI has lowered the barrier to entry for would-be hackers, allowing those with even the most novice skills to carry out a full-scale attack. Meanwhile, the proliferation of cybercrime as a service (CaaS), offering services like DDoS-for-hire, means threat actors now need little more than an intention to launch a cyberattack. In this new era of cybercrime, where there's a will, there's a way.

The current cybersecurity skills gap seen throughout the Middle East is leaving companies exposed and vulnerable to bad actors. Over half the companies in the EMEA region have attributed cybersecurity breaches to a lack of skills and training, while 70% of business leaders believe that skills shortages create a whole host of additional cybersecurity risks for companies to address.

**AI Muddles Outsourced Security Equation**

Related:DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks

Too many businesses attempt to remedy this lack of talent by outsourcing their cybersecurity to third parties. While this might have been effective when countries like the US were the main target for threat actors, that's no longer the case.   

The rise of AI-enhanced cyberattacks presents a new host of threats that businesses outsourcing cybersecurity won't necessarily be able to tackle. Not only has AI made it easier for threat actors to carry out cyberattacks, it's also made the attacks themselves more sophisticated and more malicious.

AI-enhanced malware is stealthier, making it harder to detect a breach of IT infrastructure. Automated phishing attacks enable bad actors to target a larger number of potential victims, while the phishing attacks themselves are highly tailored to their targets.

It is crucial that Middle Eastern businesses — particularly those in the UAE and Saudi Arabia — are on top of their cybersecurity measures. They cannot sit back and outsource cybersecurity with the assumption that the risk is also transferred. Instead, they must take an active approach to their cybersecurity measures by building up a strong in-house cybersecurity team that can identify, respond to, and deal with threats in an effective and timely manner. 

Related:South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel

Bringing cybersecurity in-house mitigates the risks that can crop up when relying on outsourced defenses, such as slow response times. Instead, in-house cybersecurity teams will have their fingers on the pulse of the business's security framework, as well as a thorough understanding of business specifics, enabling them to react quickly to threats.

But to achieve this, businesses must invest heavily in new and pre-existing IT talent to close the Middle East's skills gap — and this should be done with a particular focus on hiring and retention practices.

**Retention Is Tough in Smaller Talent Pool**

Over half of organizations globally say they struggle to recruit candidates with cybersecurity experience. Difficulties in hiring cybersecurity talent are compounded by trouble retaining cybersecurity staff, throwing employers into a vicious cycle of hiring and re-hiring. In the Middle East, where the digital economy is still young, this is of particular concern — the talent pool is finite, and companies cannot afford to lose out on promising employees.   

To combat this, corporations in the Middle East should turn their attention to the fresh talent coming out of universities throughout the Middle East and around the world. By forming partnerships with universities and offering attractive graduate schemes, businesses can tap into dense talent pools brimming with promising cybersecurity talent.

Graduates are eager to learn and willing to mold to the company ethos, making them the ideal choice for corporations looking to build up a dedicated in-house cybersecurity team.

Investing in apprenticeship schemes is another option for companies. Although more hands-on, companies will be able to train candidates from the ground up, ensuring the candidate's skills and knowledge are strongly aligned with the business's cybersecurity needs.

**Learning & Development Must Be Fostered**

Retaining this talent is just as crucial as bringing them on board in the first place.  Alongside the usual retention tactics, such as competitive pay packets and desirable benefits, companies must invest heavily in continuous learning and development (L&D) opportunities throughout the employee's career.  

Poor training — or a lack of training altogether — is a surefire way to lose employees. Conversely, 94% of employees say they would stay longer with an employer that invested in L&D. In a fast-changing, continually developing industry like cybersecurity, L&D is especially vital.

Investing in training sessions and development courses for cybersecurity employees will ensure they're kept up to date with any changes in the threat and security landscape. And, in the process, employees will feel as if the company is giving them opportunities to develop their skills and abilities, rounding them out into highly experienced cybersecurity professionals.

Investing in staff as a cybersecurity tactic shouldn't begin and end with cybersecurity staff. Deploying a company-wide cybersecurity upskilling program is a vital first step — and a simple way of ruling out one of the greatest causes behind cybersecurity breaches: human error. Negligence, a lack of awareness, or simple mistakes can lead to vulnerabilities and breaches, even in the most robust systems. Upskilling is a vital step companies must take to mitigate this risk.

With the rising rate of cyberattacks in the Middle East, corporations cannot afford to sit back and wait until they become the next big victim of a data breach or DDoS attack.

Companies can't rely solely on third-party cybersecurity measures — they must build up comprehensive in-house defenses. Businesses need to act now and double their investments in cybersecurity talent, paying particular mind to up-and-coming graduate talent.

**About the Author**

Founder, PG Advisors Ltd.

Partha Gopalakrishnan is a leading business transformation expert with more than 25 years of experience directing global teams to drive digital growth. He also has his own firm, PG Advisors, which offers board advisory and non-executive director services for prominent analysts and PE Firms. 

Partha has served in executive leadership positions with some of the world’s largest technology firms and global systems Integrators, including 17 years with Infosys, followed by a tenure at Tech Mahindra. He has completed executive education programs at the Stanford University Graduate School of Business and The Wharton School of the University of Pennsylvania.

Cybersecurity Lags in Middle East Business Development

AI tools will enable significant productivity and efficiency benefits for organizations in the coming year, but they also will exacerbate privacy, governance, and security risks.

Source: Anggalih Prasetya via Shutterstock

Most industry analysts expect organizations will accelerate efforts to harness generative artificial intelligence (GenAI) and large language models (LLMs) in a variety of use cases over the next year.

Typical examples include customer support, fraud detection, content creation, data analytics, knowledge management, and, increasingly, software development. A recent survey of 1,700 IT professionals conducted by Centient on behalf of OutSystems had 81% of respondents describing their organizations as currently using GenAI to assist with coding and software development. Nearly three-quarters (74%) plan on building 10 or more apps over the next 12 months using AI-powered development approaches.

While such use cases promise to deliver significant efficiency and productivity gains for organizations, they also introduce new privacy, governance, and security risks. Here are six AI-related security issues that industry experts say IT and security leaders should pay attention to in the next 12 months.

**AI Coding Assistants Will Go Mainstream — and So Will Risks**

Use of AI-based coding assistants, such as GitHub Copilot, Amazon CodeWhisperer, and OpenAI Codex, will go from experimental and early adopter status to mainstream, especially among startup organizations. The touted upsides of such tools include improved developer productivity, automation of repetitive tasks, error reduction, and faster development times. However, as with all new technologies, there are some downsides as well. From a security standpoint these include auto-coding responses like vulnerable code, data exposure, and propagation of insecure coding practices.

"While AI-based code assistants undoubtedly offer strong benefits when it comes to auto-complete, code generation, re-use, and making coding more accessible to a non-engineering audience, it is not without risks," says Derek Holt, CEO of Digital.ai. The biggest is the fact that the AI models are only as good as the code they are trained on. Early users saw coding errors, security anti-patterns, and code sprawl while using AI coding assistants for development, Holt says. "Enterprises users will continue to be required to scan for known vulnerabilities with \[Dynamic Application Security Testing, or DAST; and Static Application Security Testing, or SAST\] and harden code against reverse-engineering attempts to ensure negative impacts are limited and productivity gains are driving expect benefits."

**AI to Accelerate Adoption of xOps Practices**

As more organizations work to embed AI capabilities into their software, expect to see DevSecOps, DataOps, and ModelOps — or the practice of managing and monitoring AI models in production — converge into a broader, all-encompassing xOps management approach, Holt says. The push to AI-enabled software is increasingly blurring the lines between traditional declarative apps that follow predefined rules to achieve specific outcomes, and LLMs and GenAI apps that dynamically generate responses based on patterns learned from training data sets, Holt says. The trend will put new pressures on operations, support, and QA teams, and drive adoption of xOps, he notes.

"xOps is an emerging term that outlines the DevOps requirements when creating applications that leverage in-house or open source models trained on enterprise proprietary data," he says. "This new approach recognizes that when delivering mobile or web applications that leverage AI models, there is a requirement to integrate and synchronize traditional DevSecOps processes with that of DataOps, MLOps, and ModelOps into an integrated end-to-end life cycle." Holt perceives this emerging set of best practices will become hyper-critical for companies to ensure quality, secure, and supportable AI-enhanced applications.

**Shadow AI: A Bigger Security Headache**

The easy availability of a wide and rapidly growing range of GenAI tools has fueled unauthorized use of the technologies at many organizations and spawned a new set of challenges for already overburdened security teams. One example is the rapidly proliferating — and often unmanaged — use of AI chatbots among workers for a variety of purposes. The trend has heightened concerns about the inadvertent exposure of sensitive data at many organizations.

Security teams can expect to see a spike in the unsanctioned use of such tools in the coming year, predicts Nicole Carignan, vice president of strategic cyber AI at Darktrace. "We will see an explosion of tools that use AI and generative AI within enterprises and on devices used by employees," leading to a rise in shadow AI, Carignan says. "If unchecked, this raises serious questions and concerns about data loss prevention as well as compliance concerns as new regulations like the EU AI Act start to take effect," she says. Carignan expects that chief information officers (CIOs) and chief information security officers (CISOs) will come under increasing pressure to implement capabilities for detecting, tracking, and rooting out unsanctioned use of AI tools in their environment.

**AI Will Augment, Not Replace, Human Skills**

AI excels at processing massive volumes of threat data and identifying patterns in that data. But for some time at least, it remains at best an augmentation tool that is adept at handling repetitive tasks and enabling automation of basic threat detection functions. The most successful security programs over the next year will continue to be ones that combine AI's processing power with human creativity, according to Stephen Kowski, field CTO at SlashNext Email Security+.

Many organizations will continue to require human expertise to identify and respond to real-world attacks that evolve beyond the historical patterns that AI systems use. Effective threat hunting will continue to depend on human intuition and skills to spot subtle anomalies and connect seemingly unrelated indicators, he says. "The key is achieving the right balance where AI handles high-volume routine detection while skilled analysts investigate novel attack patterns and determine strategic responses."

AI's ability to rapidly analyze large datasets will heighten the need for cybersecurity workers to sharpen their data analytics skills, adds Julian Davies, vice president of advanced services at Bugcrowd. "The ability to interpret AI-generated insights will be essential for detecting anomalies, predicting threats, and enhancing overall security measures." Prompt engineering skills are going to be increasingly useful as well for organizations seeking to derive maximum value from their AI investments, he adds.

**Attackers Will Leverage AI to Exploit Open Source Vulns**

Venky Raju, field CTO at ColorTokens, expects threat actors will leverage AI tools to exploit vulnerabilities and automatically generate exploit code in open source software. "Even closed source software is not immune, as AI-based fuzzing tools can identify vulnerabilities without access to the original source code. Such zero-day attacks are a significant concern for the cybersecurity community," Raju says.

In a report earlier this year, CrowdStrike pointed to AI-enabled ransomware as an example of how attackers are harnessing AI to hone their malicious capabilities. Attackers could also use AI to research targets, identify system vulnerabilities, encrypt data, and easily adapt and modify ransomware to evade endpoint detection and remediation mechanisms.

**Verification, Human Oversight Will Be Critical**

Organizations will continue to find it hard to fully and implicitly trust AI to do the right thing. A recent survey by Qlik of 4,200 C-suite executives and AI decision-makers showed most respondents overwhelmingly favored the use of AI for a variety of uses. At the same time, 37% described their senior managers as lacking trust in AI, with 42% of mid-level managers expressing the same sentiment. Some 21% reported their customers as distrusting AI as well.

"Trust in AI will remain a complex balance of benefits versus risks, as current research shows that eliminating bias and hallucinations may be counterproductive and impossible," SlashNext's Kowski says. "While industry agreements provide some ethical frameworks, the subjective nature of ethics means different organizations and cultures will continue to interpret and implement AI guidelines differently." The practical approach is to implement robust verification systems and maintain human oversight rather than seeking perfect trustworthiness, he says.

Davies from Bugcrowd says there's already a growing need for professionals who can handle the ethical implications of AI. Their role is to ensure privacy, prevent bias, and maintain transparency in AI-driven decisions. "The ability to test for AI’s unique security and safety use cases is becoming critical," he says.

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Source

DARKReading