Decoding the black in BlackMamba; How does the world of malware look
时间:2024-06-29 03:10:31 阅读(143)
With advancements in artificial intelligence (AI), experts believe that there has been a rise in AI-driven malware. From what it’s understood, fraudsters can use machine learning techniques such as Generative AI to create malware. By using generative AI, user’s data could be misused and synthesised for fraudulent activities. Reportedly, hackers use predictive AI to predict the defence mechanism of the target. In alignment with this, experts have predicted a new malware ‘BlackMamba’ which uses AI-powered techniques to stay hidden from endpoint detection and response (EDR) security solutions. “ In 2024, the future can combine the ongoing success of many current attack tactics, such as identity compromise, with an emerging landscape dominated by AI-powered cyberattacks,” Parag Khurana, country manager, Barracuda Networks (India) Pvt Ltd, a cloud-based cybersecurity platform, told FE-TransformX, adding that global shortage of cybersecurity professionals means organisations need to look to integrated-end-to-end security solutions, third-party security operations centers and ongoing employee security awareness training, to fortify their defences.Sign Up to get access to the Financial Express Exclusive and Premium Stories.Register NowAlready have a account? Sign in
Decoding BlackMamba
In 2023, about 400 million malware was found across 8.5 million endpoints, as per insights from Seqrite,a cybersecurity solutions provider. In March 2023, over eight percent of responding employees had used ChatGPT at least once in the workplace, and around three percent had entered confidential corporate data into ChatGPT. The most commonly exposed type of corporate data was the sensitive data intended for internal use only, as per insights from Statista. Reportedly, illegal activists had been selling chatbot services such as DarkBART, FraudGPT and WormGPT, among others, as per insights from Seqrite, a cybersecurity solutions provider.
The dark side of generative AI
AI-powered attacks can become common as threat actors create polymorphic malware such as BlackMamba, using ChatGPT and other data-intelligence systems based on large language models (LLM), as per insights from HYAS Labs researchers. “AI also poses challenges and risks for the cybersecurity landscape as it can be used by malicious actors to launch attacks, evade detection and exploit vulnerabilities, among others. One of the main challenges that AI poses is that it can increase the scale, speed and complexity of cyberattacks” Sanjay Agrawal, chief product officer, Quick Heal Technologies Ltd, a cybersecurity platform, explained.
Industry experts believe that the rise of AI-driven attacks, ranging from deepfakes to intricate phishing techniques, poses a challenge to digital security and public trust alike. Threat actors employ BlackMamba to evade detection, intensifying the complexity of the cybersecurity landscape. Every time BlackMamba executes, it re-synthesises its keylogging capability, making the malicious component of this malware polymorphic. “Amidst these challenges, AI has the ability to equip cybersecurity professionals with the tools to fortify digital environments, fostering a proactive stance against emerging threats. Its ability to discern patterns, mitigate risks, and enable real-time responses can reshape the cybersecurity paradigm,” Shibu Paul, vice president, international sales, Array Networks, a security platform, highlighted.
The road ahead
By 2027, 50% of enterprise chief information security officers (CISOs) can adopt human-centric security design practices to reduce cybersecurity-induced friction and upgrade control adoption, as per insights from Gartner. “The integration of decentralised identity systems, AI-driven deception techniques and focus on cyber-resilience postures can set new paradigms. The complexities of the digital realm underscore the need for robust cybersecurity measures. Quantum-resistant algorithms, the convergence of Internet of Things (IoT) vulnerabilities and the role of human-centric security strategies can emerge as the key areas in 2024,” Ajay Kabra, senior director, global business excellence, Xebia, a cloud solution provider, said.
Experts believe that this transformation shouldn’t overshadow the need for human expertise. The collaboration of AI-backed defences with human talent can be the strategy for fortifying cyber fortresses. “The trajectory of 2024 in cybersecurity will use the dual approach of inclusion of AI-powered defences and investment in human skills, along with the guidance of C-suite executives. This convergence can form the bedrock for resilience in an age that is dominated by relentless cyber challenges,” Vishal Gupta, CEO, Seclore, a data-centric security platform, concluded.
Follow us on Twitter, Facebook, LinkedIn
猜你喜欢
- Maharashtra CM Eknath Shinde dredges up Kalyan Dargah issue, pledges ‘liberation’
- Petrol and diesel price June 10- No change in fuel cost; Check prices in Delhi, Mumbai, other cities here
- Mamaearth to utilise IPO funds for expansion
- LPG price hiked by Rs 50; Crosses Rs 1,000 mark in most places
- Adani Ports stock recovers all losses since Hindenburg attack; Adani Enterprises share price jumps 19% today
- Adani Enterprises, ITC, SBI Life among 112 BSE stocks to hit new 52-week highs; Future Consumers at new-low
- OnePlus 12R to feature the biggest battery on a OnePlus ever; display to be wicked fast
- Petrol and diesel price August 17- Fuel cost unchanged; Check prices in Delhi, Mumbai, other cities here
- rude oil,” IG analyst Tony Sycamore said.”
However, that doesn’t take into account the fact that geopolitical tensions on the Middle East are undeniably rising again which will mean limited downside.”
In the U.S., oil drilling rigs were up by one at 501 last week, Baker Hughes said in its weekly report.JPMorgan forecasted 26 oil rigs to be added this year, most of them in the Permian during the first half of the year.
“The timing of drilling is paramount, as rig additions at the start of the year will contribute to 2H24 production growth,” the bank’s analysts said in a note.
“Despite an impressive 1 mbd of crude and condensate production growth in 2023, we expect 2024 supply to increase by only 400 kbd due to lower completions activity levels vs 2023.”