Swiss-Based Schlatter Faces IT Network Disruption After Cyberattack
I am a law graduate from NLU Lucknow. I have a flair for creative writing and hence in my free time work as a freelance content writer.
In recent news, a dangerous AI tool named WormGPT has been gaining popularity on cybercrime forums within the dark web. Marketed as a “sophisticated AI model,” WormGPT is specifically designed to generate human-like text for hacking campaigns, enabling cybercriminals to execute attacks on an unprecedented scale.
According to cybersecurity expert Daniel Kelley, who shared his findings on the platform SlashNext, WormGPT was trained on a diverse range of data sources, with a particular emphasis on malware-related data. This training allows the AI tool to create text that can be utilized for various malicious activities.
The implications of WormGPT’s emergence are concerning for everyday internet users and businesses alike. One of the key issues lies in the speed and volume of scams that a language model like this can generate simultaneously.
The rapid text generation capability of AI models, combined with WormGPT’s malicious intent, poses a significant threat. Cyberattacks such as phishing emails can now be replicated easily, even by those with minimal cybercriminal skills.
Adding to the danger is the promotion of “jailbreaks” on ChatGPT, a similar AI language model by OpenAI, which essentially allows for the manipulation of prompts and inputs to create harmful content or reveal sensitive information. The consequences of such manipulation can be severe, leading to potential data breaches, inappropriate content dissemination, and the development of harmful code.
Kelley pointed out that generative AI, like WormGPT, can produce emails with impeccable grammar, making them appear legitimate and decreasing the chances of being flagged as suspicious. This democratizes the execution of sophisticated Business Email Compromise (BEC) attacks, providing access to powerful hacking tools for a broader spectrum of cybercriminals, including those with limited technical expertise.
While the companies behind tools such as OpenAI’s ChatGPT and Google’s Bard are actively working to combat the misuse of large language models (LLMs), there are concerns about how capable these countermeasures are.
A recent report by Check Point highlighted that Bard’s anti-abuse restrictors in the realm of cybersecurity are significantly lower than ChatGPT’s, making it easier to generate malicious content using Bard’s capabilities.
The introduction of WormGPT to the dark web follows a disconcerting trend. Researchers from Mithril Security recently revealed their successful modification of an existing open-source AI model named PoisonGPT, aimed at spreading disinformation. The potential consequences of such AI technology are still largely unknown.
As AI has already demonstrated the ability to generate and spread disinformation, manipulate public opinion, and even influence political campaigns, the emergence of bootleg AI models like WormGPT only exacerbates the risks faced by unsuspecting users.
In conclusion, the rise of WormGPT on the dark web signifies a troubling development in the world of cybercrime. The ease with which this AI tool can generate realistic and malicious content poses a significant threat to cybersecurity.
As cyber threat actors find new ways to exploit AI technology, it becomes crucial for AI developers and cybersecurity experts to remain vigilant and take proactive measures to safeguard against potential abuses of AI language models.
Additionally, internet users and organizations must stay informed about these developments and implement robust security measures to protect themselves from the ever-evolving landscape of cyber threats.
Trellix is a cybersecurity company based in California, United States. Recently, the FireEye and McAfee Enterprise businesses were combined to launch this extended detection and response company in January 2022. So, the roots of Trellix date back to the foundation of FireEye by Ashar Aziz, a former engineer at Sun Microsystems.
FireEye was founded in 2004 and, after a gap of a few years, the company started commercializing its products. Today, Trellix represents the products of FireEye, and some of its main products are email security, endpoint security, file security, cross-vendor, etc. Trellix has approximately 3,400 employees, and the company’s recent research claims that most of the hacking groups are linked to either China or Russia.
About Trellix
Trellix is a privately-held cybersecurity company that has evolved in the past 18 years and expanded the ways and techniques in threat detection. The company has been responsible for the detection and prevention of some of the major cyber-attacks across the world. Currently, the Trellix Advanced Threat Research (ATR) team has anticipated cyber attacks targeting Ukraine, and hence team of wipers has been deployed.
Trellix offers both hardware and software products for investigating cyberattacks, preventing malicious activities, and analyzing IT risks. The initial focus of the company was on developing virtual machines to test internet traffic. But after the company started acquisitions it diversified. In 2013, the company went public but then it was privatized once again in 2021. In 2021, FireEye sold both its brand name and products to Symphony Technology Group which then launched Trellix after a year.
History
The history of Trellix began in 2004 with the foundation of FireEye. Though the company was established in 2004, its first product was publicly released in 2010, after a gap of six years. After it released its first product, the company decided to expand into the Middle Eastern market in the same year. By the end of 2010, FireEye opened new offices in the Asia Pacific region, and in 2011 opened new offices in Europe. In 2013, the company expanded into the African market as well. Until 2012, FireEye’s founder, Ashar Aziz, served as CEO, but he stepped down in December and was replaced by David DeWalt, former CEO of McAfee. The main reason DeWalt was recruited was to prepare the company for an IPO. In 2013, the company raised $50 million in funding and went public, after which it raised another $300 million.
Recent Operations
FireEye was growing rapidly, especially after it became a public company. The company’s annual revenue increased eightfold within a couple of years between 2010 and 2012. As the company grew and expanded to various other international markets, the number of employees also increased from 175 in 2011 to 900 in 2013. Though FireEye was growing rapidly, its net profit was not increasing sharply because of high operating costs, especially in the research division. FireEye also started making acquisitions during this time, beginning with Mandiant, an information security company, in 2013. The deal was closed for $1 billion. Mandiant was a famous cybersecurity company known for investigating high-profile hacking groups. In 2014, FireEye acquired another information security company called nPulse Technologies for $60 million.
After making a few acquisitions and launching new products, the annual revenue of the company was $100 million in 2015. But even at this point, the company wasn’t profitable due to large research expenditure. In 2016, FireEye acquired two new companies called iSight Partners and Invotas. In the same year, DeWalt stepped down as CEO of the company and was replaced by Mandiant CEO Kevin Mandia. In 2021, after STG acquired both FireEye and McAfee Enterprise, the company decided to roll out Trellix.
Bryan Palma – CEO of Trellix
Bryan Palma became the CEO of Trellix in 2022. He is new to the company, having joined FireEye only a year ago as the Executive Vice President of FireEye Products. He went to the University of Richmond for his bachelor’s and later acquired an MBA degree from Duke University.
Annasha Dey is an NIT student, who apart from studying engineering is also a content writer. She has a great interest in photography, writing, reading novels, and travelling as well. She is a foodie who loves socializing and hanging out with her friends. She is also a trained Kathak dancer and a big fashion enthusiast. Dey also loves watching TV series, which includes F.R.I.E.N.D.S. and Big Bang Theory. To be a better writer she prefers to read more
In the past year, the name of SolarWinds Inc has appeared on every news website covering cyberattacks. SolarWinds is a major software development company based in America which has many reputed multinational companies as its clients. Last year, the company was the victim of the most sophisticated and the largest cyberattack the world has ever witnessed. After this attack, a security firm called Trustwave raised some concerns regarding security flaws in the products of SolarWinds, which called into question whether the company can protect its clients’ privacy at all. The cyberattack, followed by these allegations, had a negative impact on the company’s reputation, and the share price fell.
SolarWinds Inc is an American software company with headquarters based in Austin, Texas. The company develops software for enterprises that helps in managing networks, IT infrastructure, and systems. SolarWinds has several offices in the US and overseas with more than 3,200 employees working for the company. Donald Yonce and David Yonce founded the company in 1999 and it became a publicly-traded company in 2009. The company has approximately 300,000 customers which include most of the Fortune 500 companies. There was a huge investigation last year when Orion, one of the SolarWinds products was compromised by a cyberattack.
Donald Yonce, who was a former executive at Walmart along with his brother, David Yonce started SolarWinds in Tulsa, Oklahoma. Though the company was established in 1999, the two brothers started working on their products ahead of time. Trace Route and Ping Sweep were the first two products rolled out by the company. In November 2001, SolarWinds released its first web-based network performance monitoring application. In 2006, Michael Bennett became the CEO of the company and the headquarters were shifted from Tulsa to Austin. During 2007, the company raised funds from Bain Capital, Insight Venture Partners, and Austin Ventures. After the fundings, the company decided to file its first IPO of $112.5 million and became public in 2009.
After the first IPO, the company made several acquisitions and expanded rapidly. In 2011, it was featured in Forbes magazine as one of the top fastest-growing companies. Bennett’s leadership ended in 2010 and he was replaced by the former CFO of the company, Kevin Thompson. In 2013, the company announced that it would be investing in an operations hub in Utah. The company’s target was to develop high-functioning products at a low cost, which every enterprise wants. The same year, SolarWinds was named the Best Small Company in America by Forbes. The number of employees in SolarWinds doubled from 2011 to 2013 as the total count became 900. In 2016, the company had more than 1700 employees and generated annual revenue of half a billion dollars. During this time the company was taken private, and it again filed a public offering in 2018. Last year, Kevin Thompson retired and he was replaced by Sudhakar Ramakrishna. Currently, the company is trying to cope with the losses it faced during the recent cyberattack.
In 2007, the company received good funding and it decided to invest the money in new acquisitions. So, the company acquired Neon Software and monitor Corp. The company also opened a new office in Ireland for sales purposes. The company didn’t just acquire companies but also focused on acquiring products that matched the interest of the company. After the company became public in 2009, it acquired many companies including Kiwi Enterprises, Hyper9 Inc, TriGeo, EminentWare, etc. By this time the company opened offices outside the US, including Australia, Czech Republic, India, and Singapore. The recent companies acquired by the company are Capzure Technology, Librato, SpamExperts, VividCortex, etc.
Sudhakar Ramakrishna has recently become the CEO of the company. He has 25 years of professional experience in different fields including networking, security, mobility, etc. He is the former CEO of Pulse Secure and also worked at Citrix, Motorola, 3Com, etc. Ramakrishna is an alumnus of Kansas State University.
Colonial Pipeline, the top U.S. pipeline operator, was recently attacked by a ransomware group. The U.S. government said that this group of hackers might be new but they aren’t amateur hackers. The attack has sharply reduced the oil supply, forcing the company to shut down the oil supply in the eastern states of the nation. The White House is working closely with Colonial Pipeline to help it recover from the losses after the cyberattack.
The suspect behind the Colonial Pipeline cyberattack has not yet been made official, but a couple of industry sources have informed Reuters that the group DarkSide is one of the suspects. Cybersecurity experts have said that DarkSide is made up of veteran cybercriminals whose main focus is to squeeze as much as possible from their targets. Tension among government officials and lawmakers has increased, and this attack is one of the most disruptive digital ransom schemes ever reported. (Reuters)
After the change of the political scenario in the U.S., the pipeline fix became one of the top priorities for the Biden administration and Washington, said Gina Raimondo, Commerce Secretary. The U.S. government was working vehemently so that Colonial Pipeline could restart the 8,850km pipeline network stretching from Texas to New Jersey. She further mentioned that the White House is working closely with the company, state, and local officials so that the company gets back and up running as soon as possible.
Colonial Pipeline has mentioned on Sunday that the main pipeline network is not in operation at this moment. But there are some smaller lines between the terminals and delivery points which are currently operational. The company is uncertain as to when the company can resume the entire pipeline network again.
Colonial Pipeline is responsible for transporting approximately 2.5 million barrels of gasoline per day and other fuels. It is shipped from the Gulf Coast refiners to the mid-Atlantic and southeastern United States consumers. This pipeline network supports the major airports of the U.S. including Atlanta’s Hartsfield Jackson Airport. One spokesperson from the Charlotte Douglas International Airport said that the airport has a supply on hand which is supplied by another major pipeline along with Colonial.
The compromise of the oil supply network will have a significant impact on regional fuel supplies. Since the company is uncertain about when it will be fully operational again, this outage will affect the southeastern United States, said the American Automobile Association. If the crisis continues, prices will accelerate substantially in the southeastern states. Some of the U.S. states that are very vulnerable to this situation are Tennessee, Georgia, and Maryland.
The investigation led by the U.S. government is in its early stage but still many of the industrial experts and a former U.S. official suspect it to be the cybercriminal group called DarkSide. DarkSide is a professional ransomware group that avoids setting targets in the post-Soviet states. Their goal is to break into a network and then use software to encrypt the data while they steal data at times. Once this is done they ask for payment to decrypt the data. Additional payments are charged as they continuously threaten to publish the stolen content.
An unnamed source has said that this time the hackers stole more than 100 gigabytes of data from Colonial. While the FBI was working with both government and private officials, the hackers took the cloud computing system offline that they used to collect the stolen data. It seems that the data of Colonial was not further transported to any other system. The company has declined to make any further comments regarding DarkSide.
On Saturday, President Joe Biden was briefed about the Colonial Pipeline cyberattack and told that the government was trying to restore the company and prevent disruption in supply. Lawmakers are looking forward to working more with privately-held critical infrastructure companies to guard against cyberattacks. (Reuters) U.S. Senator Bill Cassidy has said that this is a question of, and a threat to, national security and something that Democrats and Republicans can work on together.
The Federal Motor Carrier Safety Administration is issuing temporary hours of service exemption so that refined products are transported to 17 southern and east coast states including Alabama, Delaware, Florida, Georgia, New Jersey, and New York. Alternative transportations can be required at any hour and the oil refining companies are looking into it.