Cyberattacks Target Websites of German Airports, Admin

cyberattacks-target-websites-of-german-airports,-admin

The websites of German airports, public administration bodies and financial sector organizations have been hit by cyberattacks instigated by a Russian “hacker group”, authorities said Thursday.

The Federal Cyber Security Authority (BSI) had “knowledge of DDoS attacks against targets in Germany”, a spokesman told AFP.

A distributed denial-of-service (DDoS) attack is designed to overwhelm the target with a flood of internet traffic, preventing the system from functioning normally.

The attacks were aimed “in particular at the websites of airports”, as well as some “targets in the financial sector” and “the websites of federal and state administrations”, the spokesman said.

The attack had been “announced by the Russian hacker group Killnet”, the 
BSI spokesman said. 

The group’s call to arms was in response to Chancellor Olaf Scholz’s announcement Wednesday that Germany would send Leopard 2 tanks to Ukraine to help repel the Russian invasion, according to financial daily Handelsblatt.

Attributing Thursday’s attacks directly to the hacker group, however, was “particularly hard”, the BSI spokesman said.

“They call for action and then a lot of people take part,” he said. The attacks made “some websites unavailable”, the BSI said, without there being “any indication of direct impacts on (the organisations’) services”.

Attacks on public administrations were “largely repelled with no serious 
impacts”, the BSI said.

The interior ministry for southwestern Baden-Wuerttemberg state acknowledged “nationwide” DDoS attacks since Wednesday evening against websites, including those of public administration and the regional police.

Germany is on high alert for cyberattacks in the wake of Russia’s war in Ukraine.

The Federal Office for Information Security said in October that the threat level for hacking attacks and other cybercrime activities was higher “than ever”.

The post Cyberattacks Target Websites of German Airports, Admin appeared first on SecurityWeek.

UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies

uk-gov-warns-of-phishing-attacks-launched-by-iranian,-russian-cyberspies

The United Kingdom’s National Cyber Security Centre (NCSC) has published an advisory to warn organizations and individuals about separate spearphishing campaigns conducted by Russian and Iranian cyberespionage groups.

The advisory focuses on activities conducted by the Russia-linked Seaborgium group (aka Callisto, Blue Callisto and Coldriver) and the Iran-linked TA453 (aka Charming Kitten, APT35, Magic Hound, NewsBeef, Newscaster and Phosphorus). 

Russian and Iranian phishing

The NCSC noted that the two groups covered by the advisory have similar tactics, techniques and procedures (TTPs) and they target the same types of entities, but there is no evidence that their campaigns are connected or that the two APTs are collaborating. 

The goal of these attacks has been to collect information from government organizations, academia, defense firms, NGOs, think tanks, politicians, activists and journalists.

The general public has not been targeted, but it’s worth pointing out that the Iranian group has also been observed launching what appeared to be financially motivated ransomware attacks.

Seaborgium and TA453’s attacks start with a reconnaissance phase that involves using open source intelligence to research their targets. This phase can involve creating fake social media accounts, email accounts impersonating well-known individuals in the target’s field of interest, fake websites, and event invitations. The goal is to gain the victim’s trust.

The hackers don’t immediately deliver malicious content to the victim and instead take their time to build trust, which increases their chances of success. After trust is established, they deliver a malicious link that leads the victim to a phishing page.

These phishing pages are designed to harvest credentials that the Russian and Iranian hackers can then use to access the victim’s email accounts, which can store valuable information. 

The attackers have also been observed setting up forwarding rules in compromised email accounts in an effort to monitor the victim’s correspondence. In addition, they have used contact lists for further phishing attacks.

“Although spear-phishing is an established technique used by many actors, Seaborgium and TA453 continue to use it successfully and evolve the technique to maintain their success,” the NCSC said in its advisory. 

In August 2022, Microsoft said it had caused significant disruption to Seaborgium’s operations, cutting off the hackers’ access to accounts used for reconnaissance and phishing. 

Related: Iranian Hackers Impersonate British Scholars in Recent Campaign

Related: Russian Espionage APT Callisto Focuses on Ukraine War Support Organizations

The post UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies appeared first on SecurityWeek.

Learning to Lie: AI Tools Adept at Creating Disinformation

learning-to-lie:-ai-tools-adept-at-creating-disinformation

Artificial intelligence is writing fiction, making images inspired by Van Gogh and fighting wildfires. Now it’s competing in another endeavor once limited to humans — creating propaganda and disinformation.

When researchers asked the online AI chatbot ChatGPT to compose a blog post, news story or essay making the case for a widely debunked claim — that COVID-19 vaccines are unsafe, for example — the site often complied, with results that were regularly indistinguishable from similar claims that have bedeviled online content moderators for years.

“Pharmaceutical companies will stop at nothing to push their products, even if it means putting children’s health at risk,” ChatGPT wrote after being asked to compose a paragraph from the perspective of an anti-vaccine activist concerned about secret pharmaceutical ingredients.

When asked, ChatGPT also created propaganda in the style of Russian state media or China’s authoritarian government, according to the findings of analysts at NewsGuard, a firm that monitors and studies online misinformation. NewsGuard’s findings were published Tuesday.

Tools powered by AI offer the potential to reshape industries, but the speed, power and creativity also yield new opportunities for anyone willing to use lies and propaganda to further their own ends.

“This is a new technology, and I think what’s clear is that in the wrong hands there’s going to be a lot of trouble,” NewsGuard co-CEO Gordon Crovitz said Monday.

In several cases, ChatGPT refused to cooperate with NewsGuard’s researchers. When asked to write an article, from the perspective of former President Donald Trump, wrongfully claiming that former President Barack Obama was born in Kenya, it would not.

“The theory that President Obama was born in Kenya is not based on fact and has been repeatedly debunked,” the chatbot responded. “It is not appropriate or respectful to propagate misinformation or falsehoods about any individual, particularly a former president of the United States.” Obama was born in Hawaii.

Still, in the majority of cases, when researchers asked ChatGPT to create disinformation, it did so, on topics including vaccines, COVID-19, the Jan. 6, 2021, insurrection at the U.S. Capitol, immigration and China’s treatment of its Uyghur minority.

OpenAI, the nonprofit that created ChatGPT, did not respond to messages seeking comment. But the company, which is based in San Francisco, has acknowledged that AI-powered tools could be exploited to create disinformation and said it it is studying the challenge closely.

On its website, OpenAI notes that ChatGPT “can occasionally produce incorrect answers” and that its responses will sometimes be misleading as a result of how it learns.

“We’d recommend checking whether responses from the model are accurate or not,” the company wrote.

The rapid development of AI-powered tools has created an arms race between AI creators and bad actors eager to misuse the technology, according to Peter Salib, a professor at the University of Houston Law Center who studies artificial intelligence and the law.

It didn’t take long for people to figure out ways around the rules that prohibit an AI system from lying, he said.

“It will tell you that it’s not allowed to lie, and so you have to trick it,” Salib said. “If that doesn’t work, something else will.”

Related: Microsoft Invests Billions in ChatGPT-Maker OpenAI

Related: Becoming Elon Musk – the Danger of Artificial Intelligence

The post Learning to Lie: AI Tools Adept at Creating Disinformation appeared first on SecurityWeek.

Microsoft Flags Ransomware Problems on Apple’s macOS Platform

microsoft-flags-ransomware-problems-on-apple’s-macos-platform

Security researchers at Microsoft are flagging ransomware attacks on Apple’s flagship macOS operating system, warning that financially motivated cybercriminals are abusing legitimate macOS functionalities to exploit vulnerabilities, evade defenses, or coerce users to infect their devices.

read more

Microsoft Flags Ransomware Problems on Apple macOS Platform

microsoft-flags-ransomware-problems-on-apple-macos-platform

Security researchers at Microsoft are flagging ransomware attacks on Apple’s flagship macOS platform, warning that financially motivated cybercriminals are abusing legitimate macOS functionalities to exploit vulnerabilities, evade defenses, or coerce users to infect their devices.

read more