TechRisk Notes#56: White House takes on AI security and safety
Plus: the Web3 space continued to see tokens being drained, and more.
Tech Risk Reading Picks
AI risk: Trend Micro issued a strong caution, anticipating a rise in sophisticated social engineering attacks driven by generative AI (GenAI) in the year 2024. [more]
Strengthening of AI safety and security: The U.S. White House announced an Executive Order outlining measures to address safety and security threats posed by AI within 90 days. Actions include disclosure requirements for powerful AI systems, assessment of AI risks to critical infrastructure, and hindering foreign efforts to develop harmful AI. Steps taken involve using the Defense Production Act to compel disclosure of crucial information by developers, proposing rules for U.S. cloud companies to report foreign AI training, and completing risk assessments across critical infrastructure sectors to ensure safe integration of AI into vital aspects of society. [more]
Communication security and visibility with TLS 1.3: The National Institute of Standards and Technology (NIST) has released a draft practice guide, "Addressing Visibility Challenges with TLS 1.3 within the Enterprise," to help companies, especially in finance and healthcare, implement the latest internet security protocol, TLS 1.3. This guide provides technical methods to ensure secure data transfer over the public internet while complying with industry regulations that mandate continuous monitoring and auditing for cyberattacks. The guide was developed collaboratively with technology vendors, industry organizations, and stakeholders involved in the Internet Engineering Task Force. [more]
Cloudflare compromised using Okta breach credentials: Cloudflare disclosed a security breach involving its internal Atlassian server, accessed by a suspected nation-state attacker on November 14. The intruder gained entry to Confluence, Jira, and Bitbucket systems. The breach was detected on November 23, access severed on November 24, and an investigation initiated on November 26. The attacker used credentials stolen in Okta's October 2023 breach. Cloudflare took extensive remediation measures, including rotating over 5,000 production credentials, segmenting systems, and ensuring security in the Brazil data center. Remediation concluded on January 5, with ongoing efforts in software hardening and security management.
DORA on PQC: Organizations impacted by DORA should take the following steps to prepare for quantum threats to their cryptography:
Assess and review their cryptographic posture, identifying elements potentially impacted by quantum threats.
Develop a plan based on business priorities, considering existing transformation programs, for remediating impacted digital services and systems.
Improve cryptographic posture by introducing discovery and inventory capabilities, cryptographic observability, and leveraging "cryptography bills of material" to increase organizational cryptographic agility.
Ensure current change processes and strategic projects consider the impact of cryptography, making provisions for least disruptive remediation.
[more]
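As an added illustration of the "discovery and inventory" step above (example code written for this note, not from DORA or any vendor tool): a small Python pass that tags constructed inventory records with their quantum exposure and groups them by remediation priority, which is the raw material for the remediation plan the steps describe. The algorithm lists, record fields and priority rules are assumptions made for the example.

```python
from dataclasses import dataclass

# Public-key algorithms whose security falls to Shor's algorithm on a large
# quantum computer (a longer classical key does not help). Assumed list.
SHOR_VULNERABLE = {"RSA", "DSA", "DH", "ECDH", "ECDSA", "ED25519", "X25519"}
# NIST post-quantum selections; a hybrid such as "X25519+ML-KEM" also counts.
PQ_SAFE = ("ML-KEM", "ML-DSA", "SLH-DSA")

@dataclass
class CryptoUse:
    asset: str           # system or service that uses the algorithm
    purpose: str         # "key_exchange", "signature", "symmetric" or "hash"
    algorithm: str
    key_bits: int        # key size, or digest size for hashes
    lifetime_years: int  # how long the protected data must stay confidential

def assess(use: CryptoUse) -> tuple[str, str]:
    """Return (exposure, remediation priority) for one inventory record."""
    alg = use.algorithm.upper()
    if use.purpose in ("key_exchange", "signature"):
        if any(p in alg for p in PQ_SAFE):
            return "pq-safe", "none"
        if alg in SHOR_VULNERABLE:
            # Recorded key exchanges can be stored now and decrypted later, so
            # long-lived confidentiality is the first thing to remediate.
            if use.purpose == "key_exchange" and use.lifetime_years >= 5:
                return "shor-vulnerable", "critical"
            return "shor-vulnerable", "high"
        return "unknown-algorithm", "review"
    if use.purpose in ("symmetric", "hash"):
        # Grover's algorithm roughly halves effective symmetric/digest strength.
        return ("grover-weakened", "medium") if use.key_bits < 256 else ("adequate", "none")
    return "unknown-purpose", "review"

def inventory_report(uses: list[CryptoUse]) -> dict[str, list[str]]:
    """Group assets by remediation priority for the remediation plan."""
    report: dict[str, list[str]] = {}
    for use in uses:
        _, priority = assess(use)
        report.setdefault(priority, []).append(f"{use.asset}:{use.algorithm}")
    return report

# Constructed sample inventory (not real systems).
SAMPLE = [
    CryptoUse("vpn-gateway", "key_exchange", "ECDH", 256, 10),
    CryptoUse("code-signing", "signature", "RSA", 3072, 2),
    CryptoUse("api-tls", "key_exchange", "X25519+ML-KEM", 768, 1),
    CryptoUse("backup-store", "symmetric", "AES", 128, 15),
    CryptoUse("audit-log", "hash", "SHA-256", 256, 7),
]

if __name__ == "__main__":
    for priority, assets in sorted(inventory_report(SAMPLE).items()):
        print(priority, assets)
```

The output is the same data a CycloneDX-style cryptography bill of materials would carry; a real discovery pass would populate the records from TLS scans, certificate stores and code scanning rather than from a hand-written list.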
Web3 Cryptospace spotlight:
Web3 In January 2024: The Web3 space suffered losses of $127 million due to 19 hacking incidents, as reported by Immunefi. This marks a 5.9x year-over-year increase, with losses in January 2023 at $21 million. The figure also represents a 2.8x rise from December 2023, where losses were $45 million. [more]
Web3 platform breached: Somesing, a popular South Korean blockchain-based karaoke platform, suffered a security breach resulting in the loss of around $11.58 million. The platform disclosed that 730 million of its native SSX tokens held by the Somesing foundation were compromised. [more][more-2]
DeFi platform exploited: Abracadabra Money, a popular Ethereum-based DeFi lending protocol, experienced a platform attack on Ethereum. The protocol acknowledged the incident on its official channel and is currently investigating. While the exact amount stolen wasn't disclosed by the platform, Cyvers Alerts on social media reported a theft of $6.5 million in crypto assets, involving over 2,740 Ether tokens. Approximately $4 million of the stolen funds was transferred to a new Ethereum-based wallet address. [more]
Smart contract vulnerability: Barley Finance, a decentralized yield protocol, revealed on Twitter that a vulnerability in its wBARL pod was exploited, leading to the theft of about 10% of the total BARL token supply. Approximately 9% of the stolen tokens belonged to the development team as collateral. The team is actively addressing the situation by planning to modify the wBARL pod contract and eliminate the vulnerable function that allowed the exploit.