Hi everyone,
I hope you’re having a great Saturday morning and that you have something fun planned for the weekend. 🙂 Please see below a roundup of some of the things that you need to know regarding cyber security.
Please do remember that if you need any advice you can contact us through the incognito application. We can help you are pretty much any security problem you have. Trust me, with the many millions of users that we are supporting, it’s fair to say that we have seen pretty much everything. Okay, maybe not everything, as AI is evolving so quickly but we’re doing our best to keep up-to-date with it 🙂
We start with artificial intelligence. Honestly, as I research into artificial intelligence and use some of the AI tools it sends chills down my spine. Now, they are predicting that AI will be pretty much sentiment within 3 to 4 years. This means it will be able to think for itself. Read on for more information.
Artificial Intelligence
With the rise in artificial intelligence, we are also seeing a surge in fake images created using artificial intelligence that are very difficult to distinguish from reality. You can see for yourself in tools that you can get for free in the App Store or on the Internet that you can easily create an image that looks real but is indeed fake. You can ask chat GPT professional version to make you a photo-realistic image of anything you want and it will give it to you in less than a second. The professional version costs about €20 a month.
Just imagine, what could be created using a more advanced version of artificial intelligence, I have seen systems create images that have blown my mind. I asked one of the more advanced systems to produce a photo-realistic image of me standing on top of Mount Everest. Within a couple of seconds, I had a perfect photograph of me at the summit of the world’s tallest mountain. You need to be sceptical about what you see on the Internet, or as an image sent to you in a messaging application.
We are seeing it around the world; celebrities are being used without their permission to sell products. I saw an advertising campaign recently where the famous actor Tom Hanks was promoting cryptocurrency. Now, he was not promoting the cryptocurrency, and the advertisement was a scam, designed to steal money from unsuspecting victims. But at first glance, it looked flawless. Now, the question is how do you distinguish a fake image from a real image? Here are some tips:
* Look for strange details in the image. AI images often have unusual artefacts such as distorted hands (you will find that person might have six fingers), or oddly shaped objects.
* examine the lighting and the shadows. Inconsistent lighting or unrealistic shadows could indicate an AI-generated image..
* Check the background of the image. Backgrounds may appear blurry or oddly repetitive in AI images. For example look at the clouds in the background, if it’s a picture of the outdoors. Are the clouds repeating themselves?
* Send the image to us through the in-app contact options in incognito and we can give you our opinion.
But also, the reason for writing this article is to let you know about Google’s new plans to help you detect AI-generated images. You can read more on this webpage here:
Also, while we’re talking about artificial intelligence, I should probably tell you about a thing called AGI, which stands for artificial general intelligence. AGI is attempting to create software with human-like intelligence and the ability to self-teach. The software aims to be able to perform tasks that it is not necessarily trained or developed for.. or to think for itself. Google DeepMind co-founder Shane Legg said in an interview that there is a 50% chance that AGI can be achieved by 2028, Elon Musk predicts AGI by 2029.
Now, the defence world is 20 years ahead of the rest of the world in terms of technology advancements, which if you believe that would mean that they have AGI now.. Here is a good article to read.
Scam watch
Let’s talk about tech support scams. Here is a very good article from the FTC in the US about a new type of tech support scam where the scammers are not happy stealing a couple of hundred euros from you, they are now going after all of your money.
Usually, the tech support scam is where you will receive a phone call from somebody pretending to be from Microsoft or Google. They convince you that you have a problem with your computer or with your account or that you have a virus and that to rectify it you need to work with them. They will usually install remote access tools on your computer, will fiddle around and do nothing and charge you a couple of hundred euros or a couple of hundred US dollars (they might also steal all of your information as well).
They usually target older people, but I have seen people from all walks of life being ripped off by these types of scams. As you can read in the article, now the tech support scam has advanced in that they tell you that somebody has hacked into your bank account and that they will transfer you to the relevant department that can help you with this.
In reality, they are just passing you to another scammer who will pretend to be from your financial institution or a government agency. At this point, because the tech support scammer has already garnered a lot of information about you, and now the fast-talking bank scammer will attempt to extract your banking information from you.
Keep in mind, that they will apply pressure tactics, they will target you during a busy time of your day. The bottom line is do not be fooled. If you engage with the scammers, you risk losing everything.
If in doubt, hang up the phone. Please pass this message onto your elderly family and friends.
Malware watch
This one is for Mac users. There is a new ransomware strain that has been discovered and it is targeting Mac users. You can read the technical report here but if you are a Mac user or a Windows user never engage with a link unless you know it is safe and never open an attachment unless you know it is safe. These are the two main ways that attackers get malware onto your device.
Criminals send out millions of emails and text messages every day in the hopes that 1% of the people engage with the message. If you do the maths on that, cybercriminals are making a lot of money. It is a very lucrative market attacking your data. Don’t be one of the people or one of the companies affected by this. Check, check, check..
Business security watch
If you’re using a Cisco adaptive security appliance for your business make sure you’re running the latest versions as there are actively exploited bugs within the system. Cisco has fixed the problem but you need to make sure you are updated.
Also, while you’re updating your Cisco equipment, make sure all of your operating systems are up to date, all of your applications are up to date, and all of your security products are up to date across all of the devices on your network.
Hackers, usually exploit weaknesses in software to gain access. As long as you’re running the most up-to-date version of all products you have reduced the attack surface dramatically.
Finally, while you’re at it just make sure to tell all of your employees to be sceptical about clicking on links, or opening attachments received via email.
Be vigilant, and if you need any advice about the security of a link or an attachment you can forward it to our secure server for inspection via the incognito app. Or you can just send it to me directly and I will let you know.
Child Protection
Here is a really interesting article from the Guardian, about how Apple is introducing a new feature to iMessage currently being trialled in Australia that will allow children to report nude images and explicit videos sent to them. Once Apple receives the report from the minor, they can then report it to the police. If a sensitive image is detected, the young person is shown two screens before they can proceed and they’re also given ways to access resources for help or to contact a parent or guardian. This is a really good feature in my opinion. Some of the stuff that is circulating online right now should not be seen by anybody, particularly a child.
…What parents are concerned about
I’ve spoken to many parents over the past couple of years and one of their biggest concerns right now is that their child is addicted to their phone. Many of them have tried to reduce phone time or to take the phone away from them but this has caused huge problems that ultimately end in the child being given the phone back again.
Young people these days are communicating via social media apps, they’re sharing photographs, and they’re playing online games, they are doing everything digitally. The problem is that that is not the real world and they’re missing out on real-world activities at the very least and at the very worst case they’re engaging in behaviour that could affect their personality, that could affect their future.
Also, because the Internet is like the Wild West in terms of regulation, in terms of control, this means that when your child is accessing the Internet you don’t know who they are talking to, you don’t know what they are looking at, you don’t know anything other than they have their face stuck in a screen. They could be talking to people who are pretending to be their friends. They could be talking to an AI chatbot, as you saw yesterday they could be talking to Terence McKenna! You just don’t know. It is worrying for parents as they know that this is wrong but they don’t know how to stop it. It must be very frustrating and very upsetting. Maybe we can help to help them understand.
It is a couple of months out but I think we might have a solution whereby you can at least know what your child is doing without actually monitoring their activities. Trust is a very important thing here. Your child needs to know that they are not being spied on but you as a parent need to know that they’re not talking to a cyber threat, or that they are not engaging in unhealthy behaviour. I think we can help with this piece. Leave it with me, and I’ll report back.
I’m not sure what to do though about how you get your child away from the phone. Tech companies today build their applications so that they are highly addictive.
Here is a great article on Teen Vogue about the science behind social media addiction. Also, there is a very good film that you can watch on this webpage that talks about the subject as well.
Ransomware News
Over in the United States, United Health has confirmed that over 100 million people had their personal information and healthcare data stolen in a recent ransomware attack making this the biggest healthcare data breach in recent years. Here is just some of the information that was breached.
* Health insurance information (such as primary, secondary or other health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers);
* Health information (such as medical record numbers, providers, diagnoses, medicines, test results, images, care and treatment);
* Billing, claims and payment information (such as claim numbers, account numbers, billing codes, payment cards, financial and banking information, payments made, and balance due); and/or
* Other personal information such as Social Security numbers, driver’s licenses, state ID numbers, or passport numbers.
As you can see, the hackers pretty much got everything including payment cards. This means that the credit card information of 100 million people is currently circulating on the dark web, as well as their intimate healthcare records. If you are based in the United States and if you have health insurance with United Health you need to contact them. You need to find out what information has been taken about you. They should also provide you with identity theft protection services. Also, contact your credit card company and cancel any credit cards that you have with United Health.
Also, to make things even worse, United Health apparently paid a US$22 million ransom but there was a conflict between the cyber criminals and they released the information anyway. So there is a great example, never pay the ransom. Also, there is no honour amongst thieves. They should’ve given back the information after they got paid.
You can read more about the article here.
General Hygiene Tips
I have written about this before, but just to remind you that it’s very important for you to power off your phone every 24 hours if possible. A lot of the hacking tools install themselves into temporary memory on your phone and they operate from here. Once you power your phone off you clear out the temporary memory on your phone, thereby removing whatever hacking tool has been placed there and when you power back on your memory is reset. It is an old tech support joke where turning it on and off again fixes everything, but in this case, it does protect you. Turn your phone off right now and turn it back on again.
That’s it from me. I hope you enjoyed reading this. If you did enjoy it, maybe leave a review on the Google Play Store. As I’ve mentioned before the criminals who we target try to undermine us in the Google algorithms, which ultimately makes it more difficult for people to find us. Getting good reviews from users is the best way to stay on top. So, if you have two minutes to spare why not leave us a review if you think we deserve it 🙂
..or if you’re feeling particularly spontaneous why not subscribe to one of our premium plans or become a VIP member, where you can talk to me on the team directly?
Sending you and yours all the best.
Max 🙂