A cyber secure approach to AI

The BBC recently interviewed the National Cyber Security Centre (NCSC) to discuss AI and Cyber security. With generative AI tools taking the world by storm, more businesses are rushing to develop new AI products. However, there is a concern that cyber security is being overlooked. The NCSC reiterated that it was important that robust systems were in place in the initial stages of AI development.

The fact that AI tools and systems can be used for harm should not be overlooked. Experts have already discussed these possibilities, with many suggesting that AI can and will be used to hack into devices or spread misinformation on social media. Another way AI tools and systems can be misused is by ‘poisoning’ the data that the AI is learning from. This can lead to biased outcomes or output from an AI tool or system.

The NCSC suggests that it is important that basic principles of good cybersecurity, as outlined in the 10 steps to cyber security guide,  are applied in the early and developmental stages of AI tools, systems and services to avoid situations in the future where security may need to be retrofitted. The ICAEW’s Cyber security guide also outlines more information on how professionals in accountancy can mitigate and prevent cyber risks and threats.

MOVEit updates

In the last cyber update, we covered the MOVEit hack, which has impacted several large profile organisations in the UK. According to a threat analysis performed by Emsisoft, it is now estimated that the MOVEit attack has directly and indirectly impacted more than 380 organisations and 19 million individuals worldwide. This month, there have been further reports of impacted organisations that include Radisson Hotels, Honeywell, and TomTom.

In response to customer feedback, MOVEit has now introduced a service pack that includes regular product and security updates. If your organisation has been affected, it is important you review and follow the updated vendor instructions to patch and or upgrade your systems as necessary.

Cyber espionage

Microsoft has noted a cyber incident involving Chinese threat actors that have hacked email accounts of around 25 organisations, including government agencies based in Western Europe and the US.

It is believed that Storm-0558 is the China-based group responsible for this attack. The threat actor used forged digital authentication tokens, which are used to verify identity, to act as authorised Azure Active Directory users and to access email accounts.

The group has been known to target government agencies in the past with incidents involving espionage, data theft and forged credential access.

Microsoft has since taken actions to remediate the issue to block any further threats. All known victims have been contacted and no further action from customers is required. However, it is important to note that Microsoft and other agencies believe that these kinds of attacks will continue to rise in sophistication and frequency going forwards.

In recent months, big cloud providers, including Microsoft, have been the target of an increasing number of cyber-attacks. In last month’s update, we covered Microsoft’s response to a number of Distributed Denial of Service attacks. While big cloud providers have strong layers of security and defences, they also represent a bigger potential reward for cyber criminals if successfully hacked. Understanding security risks when using cloud services can be important. NCSC’s Cloud security guidance is a good starting point.

Business support crucial

The sixth annual Active Cyber Defence report from GCHQ and NCSC released this month has found that British businesses reported a suspicious email or website every 5 seconds in 2022. This contribution made by businesses in the UK led to a removal of 235,000 malicious URLs by the NCSC.

Small businesses are a big part of the UK’s economy and play a significant role in making it safer to work online. Last year, the NCSC launched email security check and check your cyber security services for small businesses. Ongoing vigilance and support from small businesses is crucial to preventing millions of cyber-attacks from impacting organisations and individuals in the UK.

The report also outlines other key findings and important trends in cyber defence.