Tech Friday with Dave Hatter - October 23rd 2020 - SPONSORED BY INTRUST IT


  • A Telegram bot is creating deepfakes of nude women from regular photos:
    • A bot on the Telegram messenger app has victimized hundreds of thousands of women by creating deepfake nudes from their photos. It appears to strip victims of their clothing
    • Deepfakes can refer to any "synthetic" media produced by machine learning
    • The technology uses a type of artificial intelligence (AI) to generate forgeries that make people appear to be doing or saying things they did not do
    • More than 100,000 of these images have been posted online, and a website promoting the bot claimed that more than 700,000 images of women have been manipulated
    • So far, the victims are mostly private individuals. Mostly women whose photos were taken off social media or pulled from a personal trove of photos
    • Some of the victims are clearly underage and all are women.
    • Some victims were photographed in bathing suits or underwear but many were wearing regular clothing
    • Deepfake pornography is not new, but this Telegram bot makes it very easy
    • "The deepfake phenomenon is even more alarming because it doesn't look Photoshopped. It's much more easy for somebody without the technical knowledge to make one," said Mary Anne Franks, a law professor at the University of Miami
    • Any woman who's ever posted a photo could be a potential victim. Even women out in public could fall victim if their photo is taken
    • Sadly, children's photos have been manipulated by the bot and then shared publicly
    • This is similar to "DeepNude" which used AI to automatically generate nonconsensual sexual images of women in photos, replacing their photographed clothing with nudity
    • DeepNude was a website offering apps that required some degree of technical skill to operate. It was shut down
    • The AI powering the Telegram bot appears to be an open-source version of DeepNude's software which is sadly much easier to use
    • The bot is also designed to make it easy for abusers to share the manipulated images by posting them in chats and other online forums
    • Giorgio Patrini, CEO of deepfake-research company Sensity, said in regards to the images created by the bot: "They're completely open, without any login, without any passwords, on the internet. Those are actually exposed completely."
    • The bot's promotional website suggests that as many as 700,000 images have been manipulated by the bot but many were not shared
    • The bot uses a "freemium" model that provides basic free services and users who pay have access to advanced features
    • Free users can apparently send up to five photos a day while paid users can send multiple photos at once and get images without watermarks
    • Telegram's commitment to free speech and privacy may make it hard to shut this down
    • This is yet another example that shows it's getting harder and harder to believe what you see
  • Secure your work‑from‑home network:
    • More people are working remotely in less secure environments, making them easy targets
    • CrowdStrike recently reported their customers’ networks have seen more intrusion attempts within the first half of 2020 than in all of 2019
    • CrowdStrike's threat-hunting team detected and blocked roughly 41,000 potential intrusions. In 2019, the same team investigated 35,000 intrusions over 12 months. This is a 154% increase in cyberattacks
    • CrowdStrike suggested the primary cause for the dramatic increase is people working remotely
    • They also indicated that the growing availability of ransomware-as-a-service (RaaS) is leading to more attacks, and ransoms have risen substantially
    • Bitdefender's Mid-Year Threat Landscape Report 2020 claimed a 715% year-on-year increase in attacks
    • Ransomware incidents have accounted for 41% of cyber insurance claims filed in the first half of 2020, according to Coalition, one of North America's largest cyber insurance providers
    • Ransomware claims have ranged in size from $1,000 to over $2,000,000 per incident
    • Extortion (the release of exfiltrated information) has been added to ransomware attacks as an additional incentive to pay
    • FBI Deputy Assistant Director Tonya Ugoretz, speaking in an online panel hosted by the Aspen Institute, recently said the number of Internet crime-related reports has quadrupled compared to the months before the pandemic
    • "The FBI has an Internet Crime Complaint Center, the IC3, which is our main ingest point. Sadly the IC3 has been incredibly busy over the past few months," Ugoretz said
    • Ugoretz said, "Whereas they might typically receive 1,000 complaints a day through their internet portal, they're now receiving something like 3,000 - 4,000 complaints a day. Not all of those are COVID-related, but a good number of those are."
    • "They really run the gamut. Everything from setting up fraudulent internet domains [...], we've seen people set up fraudulent COVID charities, promise delivery of masks and other equipment, and then deliver fraudulent loans, extortion, etc. So pretty much, sadly, anything you can think of. Cyber-criminals are quite creative," Ugoretz said
    • Tips to stay safe:
      • Install software patches & firmware updates regularly for all connected devices
      • Use Anti-Malware / Endpoint protection on all devices that allow it
      • Use a strong, unique password for each account
      • Change default settings/risky settings on devices, especially the default password. Disable default accounts.
      • Enable Multi-Factor Authentication (MFA) everywhere
      • Use a Password Manager to manage strong, unique passwords for each account
      • Use a firewall
      • Use a Virtual Private Network (VPN)
      • Create a Guest network on your Wi-Fi network
      • Use Virtual LANs (VLANs) if possible
      • Don't download "free" software you have not vetted
      • Use Encryption (at rest and in motion)
      • Back up data regularly and verify the backup integrity
      • Take a Zero Trust stance
      • SETA (Security Education, Training and Awareness)
      • Be skeptical
      • Remember, just because you're paranoid doesn't mean they're not out to get you
  • QR codes can be used to hack you:
    • "A QR code (abbreviated from Quick Response code) is a type of matrix barcode (or two-dimensional barcode) first designed in 1994 for the automotive industry in Japan. A barcode is a machine-readable optical label that contains information about the item to which it is attached" - Wikipedia
    • A QR code is comprised of a set of black squares in a square grid on a white background, and they can be read by many imaging devices including modern cell phone cameras
    • QR codes have become popular because they are easy to create, easy and fast to read, and they can store more data than a standard barcode
    • As the need to create more touchless experiences has arisen from the pandemic, QR codes have grown in popularity. For example, many restaurants provide a QR code to scan to see the menu in lieu of a physical menu
    • Unfortunately, bad actors are taking advantage of the rise in the use of QR codes to launch attacks
    • "Hackers are launching attacks across mobile threat vectors, including emails, text and SMS messages, instant messages, social media and other modes of communication," said Alex Mosher, Global VP of Solutions, MobileIron.
    • A new report from MobileIron shows that QR codes pose "significant" risks because many devices are not properly secured and people are not aware of what can be done with a QR code
    • MobileIron surveyed more than 2,100 consumers in the US and UK
    • 84% of those surveyed indicated that they have scanned a QR code in places such as stores and restaurants
    • 64% said a QR code makes life easier in a touchless world
    • 51% of respondents stated they do not have or do not know if they have security software on their device
    • Mosher said "I expect we’ll soon see an onslaught of attacks via QR codes. A hacker could easily embed a malicious URL containing custom malware into a QR code, which could then exfiltrate data from a mobile device when scanned. Or, the hacker could embed a malicious URL into a QR code that directs to a phishing site and encourages users to divulge their credentials, which the hacker could then steal and use to infiltrate a company"
    • 71% of respondents cannot tell a legitimate QR code from a malicious one vs 67% of respondents who can tell a legitimate URL from a malicious one
    • 67% of respondents are aware that QR codes can open a website, but only:
      • 19% know that scanning a QR code can create an email
      • 20% know that scanning a QR code can initiate a phone call
      • 24% know that scanning a QR code can create a text message
    • 51% of respondents have security-related concerns about QR codes but throw caution to the wind and use them anyway
    • 34% have no concerns about using QR codes
    • Understand that a QR code can be used for nefarious purposes and never scan a QR code unless you are certain that it's safe
    • Read the report here: https://www.mobileiron.com/en/qriosity
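
As an added example (not from these show notes or the MobileIron report), this Python sketch takes the text already decoded from a QR code and reports which action it would trigger (website, email, phone call or text message, the actions the survey above lists) along with URL traits worth a second look before tapping. The function names, warning labels and sample payloads are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Payload prefix -> action a phone typically offers after scanning the code.
ACTIONS = {
    "http": "open website", "https": "open website",
    "mailto": "compose email", "tel": "start phone call",
    "sms": "compose text message", "smsto": "compose text message",
}

def is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def classify_qr_payload(payload: str) -> dict:
    """Report what a decoded QR payload would do, with reasons for caution."""
    text = payload.strip()
    prefix, sep, _ = text.partition(":")
    scheme = prefix.lower() if sep else ""
    action = ACTIONS.get(scheme, "display text / unknown")
    warnings = []
    if action == "open website":
        try:
            parts = urlsplit(text)
        except ValueError:
            return {"action": action, "warnings": ["malformed URL"]}
        host = (parts.hostname or "").lower()
        if scheme == "http":
            warnings.append("no TLS")
        if parts.username is not None:
            warnings.append("userinfo before host")
        if is_ip_literal(host):
            warnings.append("IP address instead of domain")
        if any(label.startswith("xn--") for label in host.split(".")):
            warnings.append("punycode (possible lookalike) domain")
    elif scheme in ACTIONS:
        warnings.append("triggers an action other than opening a website")
    return {"action": action, "warnings": warnings}

if __name__ == "__main__":
    # Constructed sample payloads, not taken from the MobileIron report.
    for sample in ("https://menu.example.com/table/12",
                   "http://example.com@203.0.113.7/login",
                   "smsto:+15555550100:JOIN"):
        print(sample, "->", classify_qr_payload(sample))
```

A scanner app or mobile-device-management policy can show this kind of summary to the user before the action runs, instead of acting on the payload directly.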