Subject: Financial regulator says use of crypto helps—not hurts—ransomware investigations
Source: GCN https://gcn.com/cybersecurity/2022/03/financial-regulator-says-use-crypto-helpsnot-hurtsransomware-investigations/363338/
While cryptocurrency is preferred by ransomware perpetrators because of its perceived anonymity, it has significant visibility and investigative benefits over opaque banking, a FinCEN official told a Senate committee. Another key U.S. law enforcement official is challenging the notion that greater regulation of the cryptocurrency industry is needed to deter ransomware perpetrators, arguing blockchain technology has, moreover, assisted officials working to track the malicious activity.“Yes, cryptocurrency has become the recent payment of choice because of the speed and its perceived anonymity,” reads testimony Michael Mosier, deputy director and digital innovation officer for the Financial Crimes Enforcement Network—FinCEN—submitted to the Senate Banking Committee Thursday. “However, payments made in cryptocurrency offer law enforcement significant visibility and investigative benefits over opaque banking, as we saw with the recovery of $2.3 million in cryptocurrency from the Colonial Pipeline attackers.” …Filed:
Subject: Week in review: The secret to app security, new issue of (IN)SECURE Magazine
Source: Help Net Security
https://www.helpnetsecurity.com/2022/03/20/week-in-review-the-secret-to-app-security-new-issue-of-insecure-magazine/
Subject: How to secure your home and office network: The best DNS blockers and firewalls Source: ZDNet via beSpacific https://www.bespacific.com/how-to-secure-your-home-and-office-network-the-best-dns-blockers-and-firewalls/
Subject: Bank’s Machine Learning Systems Are Ripe for Sabotage
Source: Gizmodo
https://gizmodo.com/banks-using-ai-are-ripe-for-russian-sabotage-report-1848687118
Experts worry machine learning’s reliance on large data sets to train make them particularly vulnerable to data manipulation attacks.Banks and other financial institutions utilizing artificial intelligence may be uniquely susceptible to retaliatory Russian cyberattacks as taxing international sanctions worsen, experts warn. … However, experts fear these same institutions’ rapid reliance on machine learning-learning models to automate more and more of their systems in the name of efficiency could come back to bite them in the ass. Andrew Burt, a former policy adviser to the head of the cyber division at the FBI, described AI vulnerabilities as “significant and very widely overlooked” at many financial institutions that have come to rely on them. “It’s a huge unaccounted-for risk,” Burt said. So why exactly are machine learning algorithms more susceptible to attacks? Well, in general, most of the problems stem from machine learning’s need to utilize large amounts of data to improve calculations. That reality makes them particularly susceptible to data manipulation attacks. In the past, researchers have shown it’s possible for an attacker to deliberately “poison” an algorithm’s training data to corrupt or influence any results it may spit out. … These algorithms can also be duped in real-time without large sets of data. Researchers from Tencent’s Keen Security Lab, for example, demonstrated several relatively simple techniques used to fool Tesla’s machine learning capabilities back in 2019, first tricking the windshield wipers to engage when they weren’t supposed to and then using a bright sticker on a road to convince a Tesla engaged in Autopilot to drift into an opposing lane.
Source: GCNhttps://gcn.com/public-safety/2022/03/state-upgrades-mass-alert-system/363467/
Emergency managers in Iowa can now automatically push out safety alerts through emails, text messages, phone calls, RSS feeds and social media — and in multiple languages.Before, when a tornado warning was issued, emergency managers would “have to go to their Facebook page and go to their Twitter page and type that information in, and now this is automatic,” said Allison Bright, program planner at Iowa’s Department of Homeland Security and Emergency Management, which manages the system. Now, as soon as a warning is “issued by the National Weather Service, it automatically gets issued to their social media pages.” It also works seamlessly with the Smart911 app, which residents can subscribe to with their physical address to receive geo-targeted alerts. “What the emergency manager [in a county or at the state level] can do is geofence a location and say, ‘This issue is going on inside this geofenced location area,’” Bright said, adding that the state has reached more than 2,700 users that way since the new system went live July 1, 2021.
So far 87 of the state’s 99 counties are onboard with it, and since it went live, the system has sent almost 4,800 alerts, with 432 posts to Twitter and 689 to Facebook, sent almost 425,000 emails and 850,000 texts and made 350,000 phone calls. Each county can set the system up differently, based on their residents’ preferences. For instance, some lump together tornado watches and warnings, while others separate them out. Other counties have more language options than others, depending on their population.
… Filed: https://gcn.com/public-safety/
Subject: Scrubbing the bias from machine learning systems
Source: GCN
https://gcn.com/emerging-tech/2022/03/eliminating-machine-learning-bias-requires-more-monitoring/363391/
Subject: Blockchain: Emerging Technology Offers Benefits for Some Applications but Faces Challenges
Source: U.S. GAO
https://www.gao.gov/products/gao-22-104625
Subject: FBI: Americans lost $7B in 2021 to Internet crime
Source: UPI.com https://www.upi.com/Top_News/US/2022/03/23/FBI-Internet-crime-report-2021/7611648021094/
March 23 (UPI) — Americans reported losses surpassing $6.9 billion to Internet crime last year, according to a new report from the FBI.Released on Tuesday, the annual Internet Crime Report states Americans filed 847,376 complaints concerning a wide array of Internet scams, representing a 7% increase from the year previous. “In 2021, America experienced an unprecedented increase in cyber attacks and malicious cyber activity,” Paul Abbate, deputy director of the FBI, said in the report. “These cyber attacks compromised businesses in an extensive array of business sectors as well as the American public.” Among the 2021 complaints received, ransomware, business e-mail compromise schemes and the criminal use of cryptocurrency were among those most reported, it said.
In response to the attacks, U.S. President Joe Biden announced a slew of measures to protect the nation from cybercriminals and even held a July summit with Russian President Vladimir Putin on the topic as several of the incidents are believed to be been connected to Kremlin-linked groups. Abbate added in the report that as cyberthreats evolve they are becoming “increasingly intertwined” with traditional intelligence threats.
…
Topics:
Subject: DHS seeks to automate video surveillance on ‘soft targets’ like transit systems, schools
Source: FedScoop
https://www.fedscoop.com/dhs-video-analytics-solicitation-soft-targets/
The Department of Homeland Security wants industry to develop video analytics that can detect threats caught on cameras at schools and transit systems in real time, which runs the risk of blanket surveillance, according to an American Civil Liberties Union expert.The DHS Science & Technology Directorate issued a solicitation that gives companies two years to create products capable of automatically flagging anomalies — like unattended bags or people being where they shouldn’t — to monitor vulnerable, populated places deemed “soft targets.” DHS S&T’s Silicon Valley Innovation Program funds companies’ development of new technologies in four phases, but its latest solicitation comes at a time when artificial intelligence used to monitor people is rapidly advancing. “Right now we have a lot of cameras on us, but we basically don’t worry about them most of the time because there’s an implicit understanding nobody’s really watching those cameras,” Jay Stanley, senior policy analyst with the ACLU Speech, Privacy and Technology Project, told FedScoop. “No one is going to pay a million security guards to watch every camera feed, but with AI you can do that.” While various DHS arms have explored using AI to detect anomalies and “suspicious individuals,” DHS S&T’s “broad” solicitation would impose video surveillance in a variety of everyday situations, Stanley said. …
Subject: Blockchain: Financial and Non-Financial Uses and Challenges
Source: U.S. GAO
https://www.gao.gov/blog/blockchain-financial-and-non-financial-uses-and-challenges
Markets—for example the housing market or those for commercial goods—currently rely on institutions like banks or other intermediaries to facilitate transactions. But blockchain technology could reduce the need for these steps, while providing a trusted, tamper-resistant record of transactions.While this emerging technology could help level the playing field for businesses of all sizes or enable greater financial inclusion, it also faces some challenges and poses some risks to the consumers and businesses that hope to use it. In today’s WatchBlog post, we look at blockchain technology, including the benefits, challenges, and risks surrounding its use. … Want to learn more about blockchain technology? Check out our new technology assessment on blockchain here.