SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense, Artificial Intelligence
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
Top of the News
How Organizations are Fulfilling CISA's Secure by Design Pledge
Over the past six months, nearly 250 organizations have signed the US Cybersecurity and Infrastructure Security Agency's (CISAÕs) Secure by Design Pledge. The Pledge comprises seven goals: increasing the use of multi-factor authentication (MFA); reducing default passwords; reducing entire classes of vulnerabilities, such as memory safety, cross-site scripting, and SQL injection vulnerabilities; increasing the level of patch installation; publishing a vulnerability disclosure policy; increasing transparency in vulnerability reporting by publishing CWE and CPE fields in every CVE record; and 'providing artifacts and capabilities to gather evidence of intrusions.' Multiple companies, including Amazon Web Services, Fortinet, Microsoft, Okta, and Sophos, have taken steps to fulfill the pledge.
Editor's Notes
- Slide 1 of 2
There are seven goals here, and the signatories are often touting success focused on one or two of them, or nominal progress across all seven. With CISA threatening to increase the number of goals, it's going to be tricky making sure that all are fully met, not just progress made. When assessing a provider's progress against secure by design, make sure you look at the whole picture with your own measure of acceptable progress/residual risk.
- Slide 2 of 2
Oh good, nothing makes me feel more secure than more vendors giving a pinkie promise to do better at security. We need stronger regulation to enforce responsibility, accountability, and liability on vendors for the security flaws in their products.
Slide 1 of 0- Slide 1 of 2
FBI Warns of 'Uptick' in Compromised Government eMail Addresses Being Used to Request Information
The US Federal Bureau of Investigation (FBI) has published a Private Industry Notification that warns of an 'uptick' in compromised US and foreign government email addresses being used to make 'fraudulent emergency data requests to US-based companies, exposing personally identifying information (PII).' Suggested mitigations to help prevent exposure of sensitive data include vetting third-party vendors' security posture, and stepping back to examine elements - including images and referenced legal codes - of requests for sensitive information, particularly when the requests have been fabricated to instill a sense of urgency.
Editor's Notes
The public sector is as much of a target as the private sector, and both have employees under stress who click the wrong link. Beyond the basics of MFA and technical controls to block malicious sites and attachments, make sure you have required procedures in place for common BEC scenarios, which can help break the momentum and hopefully prevent the planned compromise.
Check Point Researchers Detect Malicious 'Copyright Infringement' Phishing Campaign
Researchers at Check Point have identified a phishing campaign that attempts to scare people into downloading malware by impersonating media and technology companies, and by accusing the email recipient of copyright infringement. The phishing emails come from different Gmail accounts each time; they urge recipients to download an archive file, which employs DLL side-loading to deploy an information stealer known as Rhadamantys.
Editor's Notes
The email accounts are used to impersonate the legal department of the supposed copyright complainants and contain a password-protected Zip file. While the AI here is more in the form of machine learning and OCR, it's still prone to errors, notably language errors, so our traditional mitigations help, for now. It'd be a good idea to brief your legal team to be on the lookout for these as users are likely to forward to them for proper handling and response. Then check your (EDR, email, etc.) protections for new features which raise the bar, AI based or otherwise, which you may not have noticed.
The Rest of the Week's News
Anthropic and Meta AI Employed for US Defense Contractors
On November 7, Anthropic announced a partnership with Amazon Web Services (AWS) and US intelligence and defense contractor Palantir. The deal leverages AWS to integrate Claude AI 3 and 3.5 into the Palantir AI Platform, accredited at DOD Impact Level 6 (IL6), which "handles data critical to national security up to the 'secret' classification level." Claude is expected to automate the processing and analysis of large volumes of documents and data, and in the words of Anthropic CTO Shyam Sankar, to bring "decision advantage to [U.S. defense and intelligence communities'] most critical missions." Authority to make those decisions will still rest with human beings. Ars Technica notes that Anthropic is drawing criticism online for this perceived compromise of their proactively "ethics- and safety-focused approach to AI development." Anthropic's announcement arrives in good company: In the words of Scott Rosenberg with Axios, "The public sector AI gold rush is on." While Meta explicitly prohibits use of its Llama AI for use in military and espionage applications, a November 4 announcement disclosed that the platform is now open to "U.S. government agencies, including those that are working on defense and national security applications, and private sector partners supporting their work," including Palantir, Anduril, Booz Allen, and Lockheed Martin. The same day as Meta's press release, Scale AI separately debuted "Defense Llama," a variation on Meta's Llama 3, purpose-built for warfare. Scale AI's Dan Tadross states that protections built into commercial LLMs are too restrictive for military applications: "We needed to figure out a way to get around those refusals in order to act. Because if you're a military officer and you're trying to do something, even in an exercise, and it responds with 'You should seek a diplomatic solution,' you will get very upset. You slam the laptop closed."
Editor's Notes
- Slide 1 of 2
This is going to be an LLM with very specific training, and IL6 environment is very restricted, only operated by a CSP under contract to DoD or other federal agency in a DoD private community or Federal government community cloud. They are configured to both NIST SP 800-53 and CNSS 1253 requirements and can only operate at the NSS CIA Moderate-Moderate-Low level. This is a visible step along the EO 14028 directive which includes increased cloud adoption, and the order was extended to classified systems by National Security Memorandum (NSM) 8, 1/19/22.
- Slide 2 of 2
Given the state the world is currently in, "You should seek a diplomatic solution," seems like a reasonable option to me.
Slide 1 of 0- Slide 1 of 2
US Federal Agencies Continue to Embrace OpenAI
Several US government entities have partnered or continued developing a relationship with OpenAI technology, including the National Gallery of Art, NASA, the Internal Revenue Service, Los Alamos National Laboratory, the Air Force Research Laboratory, and the Defense Advanced Research Projects Agency (DARPA). Many have purchased ChatGPT licenses for a variety of purposes, often to "reduce administrative burdens and increase efficiency." First among ChatGPT's Enterprise customers was the US Agency for International Development (USAID). The Federal Aviation Administration (FAA) has also published documents indicating interest in "machine learning and artificial intelligence to identify safety risks."
Editor's Notes
Licensing and standing up your own LLM, trained on a data set you're managing, provides a safe way to dive into that world without worry about your data being used to enhance another customer's prompt responses. Even so, you're still bound by any restrictions in the LLM's license, such as the prohibition on using the technology to harm people, destroy property, or develop weapons.
Law Firm Data Breach Compromised Protected Health Information
In a data security incident notice, Missouri-based law firm Thompson Coburn LLC says that information belonging to patients of one of their clients, New Mexico-based Presbyterian Healthcare Services (PHS), was compromised. Thompson Coburn 'became aware of suspicious activity within [their] network' in late May. A subsequent investigation revealed that files viewed and/or taken by intruders included some PHS patients' protected health information. The law firm has notified the US Department of Health and Human Services Office for Civil Rights; the number of individuals affected by the breach is estimated to be more than 305,000.
Editor's Notes
- Slide 1 of 3
Thompson Coburn is sending breach notices to folks who they have an address for; otherwise, the message on the TC Notification website covers anyone they missed or don't have addresses for, a nice move which indicates they have good information on where their sensitive data is as well as sufficient information for a forensic analysis. As they haven't determined there is any use of the data, they are providing guidance rather than credit restoration. The PHI came from New Mexico's PHS. If you're a customer, make sure that you're covered for ID theft/credit monitoring & restoration. Consider how well you know where your sensitive data is and what you could do to not only verify it's secured, but also to aid a forensic investigation if needed.
- Slide 2 of 3
A timely reminder to ensure that any third party suppliers you deal with have appropriate security controls in place to protect the data you entrust to them. Remember you can outsource the process but not the responsibility for that process.
- Slide 3 of 3
Law firms are increasingly becoming targets for miscreants, as they often don't have adequate cybersecurity controls in place. Every organization should implement an essential set of security controls. A good place to start is the CIS Critical Security Controls, Implementation Group 1.
Slide 1 of 0- Slide 1 of 3
Vulnerabilities in Mazda In-Vehicle Infotainment System
Researchers from Trend Micro's Zero Day initiative detected six vulnerabilities in the Mazda Connect Connectivity Master Unit (CMU) system, which is used in multiple models of Mazda vehicles. All flaws are due to insufficiently sanitized user-supplied input, and could be exploited by an attacker with physical access to the system. Some of the flaws could be exploited to execute arbitrary code with root privileges. The vulnerabilities are currently unpatched.
Editor's Notes
Input sanitization and patching aren't new ideas, and the Mazda system assessed does have a history of security updates. Even so, these systems need to be categorized as OT systems with long service lives, so while you could move newer versions to more secure coding practices, you'll still have old systems to maintain, which makes for a challenging support decision, particularly if you move to new languages. Short term, there appears to be an opportunity for researchers to partner with manufacturers to help identify weaknesses they are unable to uncover.
TSA Proposes New Cybersecurity Rules for Pipeline, Rail, and Over-the-Road Bus Operators
The US Transportation Security Administration (TSA) has published a notice of proposed rulemaking that would 'impose cyber risk management (CRM) requirements on certain pipeline and rail owner/operators, and a more limited requirement on certain over-the-road bus (OTRB) owner/operators, to report cybersecurity incidents.' TSA is accepting public comment on the proposed rulemaking through February 5, 2025.
Editor's Notes
The proposal is simply an extension of a trend by the executive branch to require an annual risk assessment and reporting on cybersecurity incidents. Likely those affected by the proposed rulemaking already complete an annual risk assessment. What may be problematic for the operators is meeting CISA secure by design principles via third-party software providers, when it is voluntary for those vendors.
Amazon: Employee Information was Compromised in MOVEit Breach
Amazon has confirmed that a security breach of a third-party vendor resulted in the compromise of some Amazon employee data. The breach was among the May 2023 MOVEit incidents; the compromised information includes work contact information, such as work-related email addresses, phone numbers, and building locations.
Editor's Notes
Third-party security remains a challenge, as they can and will make decisions around solutions, as well as mitigation of vulnerabilities, without your involvement. Make sure you have contract language that not only requires your controls to flow down valid and current security contacts, but also includes provisions for the validated removal of your data. Make sure these terms are validated regularly. Find out when the security of third-party service providers is assessed and who accepts the risk. Make sure it is sufficiently formalized and at an appropriate level; often risk acceptance involves someone out of the C-suite.
Halliburton Says Costs of August Breach are $35 Million So Far
Halliburton's most recent financial report says a cybersecurity incident disclosed earlier this year has cost the company $35 million so far. In August filings with the US Securities and Exchange Commission (SEC), Halliburton noted that the incident forced the energy services company to temporarily shut down IT systems and disconnect customers, and that the threat actors stole information.
Editor's Notes
The August attack, based on the IOCs, was most likely the work of the RansomHub gang. As neither RansomHub nor any other gang has taken credit for the attack, it's likely that Halliburton paid the ransom. The attack, in combination with the storms in the Gulf of Mexico, has cost Halliburton $.02/share in adjusted earnings. As most of us aren't able to absorb a $35 million loss, make sure you've got your ransomware playbook dialed in, remembering not only to verify your position on payment but also where you stand related to any OFAC issues which correspond with making such a payment, if you choose to do so.