Managing GenAI Deepfakes | Hellcat ransomware at Schneider Electric
#165 - OWASP's 3 new documents for managing GenAI risks | Supply Chain attacks target tech support services
Preparing and Responding to Deepfakes
OWASP releases guidance on managing Deepfakes
OWASP has released a document on how to prepare and respond to Deepfake attacks focusing on deepfakes used for:
Financial gain through fraud or impersonation
Job interview fraud
Impersonation to further cyber attacks
Mis / Dis / Mal information
They want you to focus on the following areas for assessing your deepfake defenses:
sensitive data disclosure
helpdesk
financial transactions
event response
The focus is on a securing these areas with relevant processes. The document can be found here.
I’ve also added it to my repo of AI resources on Github.
There are two other documents released by OWASP - the Center of Excellence Guide and the AI security solutions landscape. Look up the documents here.
Take Action:
Read the guideline. It will help you set up processes to prevent deepfake attacks.
Conduct an AI risk assessment
Add deepfakes as a risk to your risk register
Implement processes as mentioned in the document for key processes where a deepfake attack is possible
Jira API led to ransomware attack at Schneider Electric
Hellcat ransomware group demands payment in baguettes
There are two things that make this story interesting. The first is baguettes. Yes, the bread that the French are famous for. Apparently, the ransom demand is for baguettes.
The second is Jira. The breach, as the ransomware group mentions, was due to compromise of Schneider Electric’s Jira systems. The details are not yet out. Was Jira hosted in house or on the cloud? An API was breached. Was this Schneider’s internal API or was it Jira’s API?
Take Action:
While we are not sure yet, it does make sense to review your ticketing system and the APIs used by the ticketing system. If you are using Jira or ServiceNow that connect to various other systems, use a red team to test these APIs. Be alert for news about vulnerabilities in Jira.
And yes, maybe, have a tie up with a boulangerie to provide you baguettes in case of a ransom demand?