Source-digitalterminal.in_
Kaspersky is hosting its annual Cybersecurity Weekend for Asia Pacific Countries 2024 from August 4-7 in Sri Lanka. This event aims to provide an overview of the latest cybersecurity developments and threat vectors in the region, focusing on best practices to tackle emerging security challenges. The growing sophistication of ransomware and the integration of AI into cyberattacks were among the key topics discussed.
Key Insights from Cybersecurity Experts on Kaspersky’s Cybersecurity Weekend 2024
The event brought together top cybersecurity professionals, journalists, CTOs, and executives from various industries to delve into pressing cybersecurity threats and the challenges posed by AI proliferation. Kaspersky’s selection of Sri Lanka as the venue underscores the country’s rising importance and Kaspersky’s commitment to securing digital infrastructure for public and private entities alike.
Adrian Hia, Managing Director for the APAC region at Kaspersky, emphasized the need for cybersecurity providers and organizations to adapt their cybersecurity strategies and be mindful of regional legal implications. He highlighted the inevitability of AI integration in organizations, stressing the importance of data compliance and the implementation of policies to manage confidential data while adhering to regional laws. Hia also underlined the necessity of cyber resiliency, recommending practices such as telemetry, information logging, and comprehensive incident response policies to ensure swift recovery from cyberattacks.
The Role of AI and Ransomware in Cybercrime
Igor Kuznetsov, Director of Kaspersky’s Global Research & Analysis Team (GReAT), offered a global perspective on cybersecurity threats. He identified ransomware as the most common cybercrime, often executed like a business model (RaaS), with common infection methods including the exploitation of vulnerable applications and compromised credentials. Kuznetsov also pointed out the emerging threat of supply chain compromises, noting that many such attacks are only discovered after they have succeeded. The most targeted sectors include governmental entities, financial institutions, and manufacturing companies.
The summit also explored the increasing use of AI in cybercrime. AI is enhancing social engineering attacks by creating more convincing phishing emails, generating passwords, coding malware, and conducting password attacks. Cybercriminals can also manipulate AI systems to misclassify malware as safe files through adversarial attacks. Kaspersky combats these threats by mimicking adversarial attacks on their malware detection models.
Addressing Supply Chain Attacks and AI Vulnerabilities
Alexey Antonov, Lead Data Scientist at Kaspersky, discussed the rapid growth of AI-related attacks. While some of these attacks require highly skilled data scientists, others are accessible through publicly available tools. Antonov categorized these threats into offensive AI, which adversaries use to innovate new attack vectors, and AI vulnerabilities, where models are manipulated to perform unexpected actions. He highlighted the rise of deep fakes and prompt attacks on large language models as examples of these threats.
Vitaly Kamluk, a cybersecurity expert at GReAT, emphasized the dangers of supply chain attacks on critical infrastructure such as hospitals, banks, and airlines. He cited an incident where a faulty software update by Crowdstrike led to a widespread failure of Windows machines, causing significant financial damage. Kamluk warned that supply chain attacks on AI models could introduce biases and vulnerabilities, potentially leading to unprecedented impacts.
Conclusion
The Kaspersky Cybersecurity Weekend 2024 underscored the critical need for organizations to develop robust cyber resiliency plans, train staff against cyber threats, enforce best cybersecurity practices, and maintain updated threat intelligence. Partnering with trusted cybersecurity firms is essential to ensure defense-in-depth and preemptive protection against evolving cyber threats.
Also Read : CyberPro Magazine
