Stay one step ahead of cyber criminals with our regular news and tips
How much should you trust AI apps with your confidential business data?
It’s a crucial question to ask with the rapid scaling of AI in every sphere of business, from workflow optimisation and customer service to finance and HR. Below, you’ll find sound reasons for managing consent to AI apps from your Microsoft account.
We’re also shining the spotlight on cyber security rules and regulations. This month, we look at strict new email security protocols for Outlook and why businesses who don’t comply risk a trip to the junk folder. And don’t miss our take on the UK government’s new Cyber Security and Resilience Bill.
We also have a round-up of high-profile wins against notorious ransomware and phishing criminals.
Why it’s important to manage consent to AI apps accessing business data
With an increasing number of businesses adopting AI to help optimise their operations, the need for data governance has never been more important.
AI-generated meeting notes, for instance, might be a game changer for recording minutes, but where are the transcripts stored and who are they shared with?
We’re seeing an increase in users readily granting access to AI apps to access their confidential business data.
Employees might think they’re speeding up operations, but this practice has got Data Governance Nightmare written all over it.
There are a few compelling reasons to restrict user consent to applications that can access organisational data.
- Compliance oversight – Users shouldn’t be able to grant third-party access to business data without proper due diligence.
- Malicious applications – Some apps request high-risk permissions such as Mail.Read or Mail.ReadWrite. If a user consents and later abandons the app, it may still be reading mailbox data unnoticed by administrators.
- Questionable vendors – Not all apps are malicious, but some require broad access to user data. Do these vendors meet acceptable security standards? Are they exporting data outside the UK/EU? Do they have proper safeguards?
- Shadow IT risks – Consider meeting bots that record sessions and generate AI notes. Where are transcripts stored? Can admins delete them if needed? Or is sensitive data sitting on an unmanaged platform, that no one has sight of and which is vulnerable to breaches?
The clock is ticking for compulsory email authentication
The world’s biggest email providers are insisting on stringent new email security compliance and those who fail to do so could end up with their emails going straight to recipients’ junk folders.
Since last year, major email providers such as Gmail and Yahoo have required users to adopt these new security measures. This month, Microsoft also announced similar requirements for Outlook and Hotmail users that will be mandatory from May.
The new measures include SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail) and DMARC (Domain-Based Message Authentication, Reporting and Compliance) standards that allow only emails from legitimate sources to be delivered.
These standards are the first line of defence against email spoofing, where criminals impersonate an employee to steal money or data, as well as phishing.
The scale of the problem is staggering. 3.4bn malicious emails are sent every day. In the firing line are legitimate businesses and employees who are seeing irreparable damage to their brands and profits.
As with Gmail and Yahoo, the new Outlook requirements will be aimed at domains that send more than 5,000 emails per day. A wide range of organisations and professionals are expected to be affected. Think marketing directors who run mass email campaigns, recruitment teams conducting outreach, schools and universities sending bulk communications, and any commercial business with high outbound email volumes.
It’s why services such as our DMARC compliance consultancy are going to be essential for so many organisations. Partnering with the leading domain security specialist Sendmarc, we can help businesses achieve compliance in just 90 days, to help protect their domains and grow their authority.
Jake Ives, Intersys’ Head of Security, welcomes the move.
“We are seeing businesses being spoofed by bad actors from hostile nations who are sending 100-plus fake emails per day, impersonating their victims. DMARC compliance can protect you from the deadly phishing campaigns these chancers will try. It’s something most businesses need to address.”
Justice is served: cyber crime crackdowns trap ‘Spider’ and deliver rude awakening to malware-as-a-service users
Law enforcement has chalked up a few wins recently in the constant cyber arms race against hackers.
A major victory came stateside, where 20-year-old Noah Urban, an American cyber criminal and member of the notorious Scattered Spider cyber crime gang, pleaded guilty to charges including aggravated identity theft and conspiracy to commit wire fraud.
Urban was arrested last year along with four other members of the ransomware gang, which was notorious for recruiting young people and carrying out high-profile attacks on casinos including MGM Resorts and Caesars Entertainment.
Their modus operandi was to impersonate employees at different companies and target them with phishing messages. They would then gather stolen credentials to hack into victims’ accounts and steal confidential data. The gang also stole millions in cryptocurrency.
Urban has been ordered to pay $13 million in damages to his victims.
In related news, European and North American authorities have dealt a further blow to malware as-a-service by swooping down on criminal customers of the Smokeloader pay-per-install botnet.
Police have been making arrests, house searches and conducting ‘knock and talks’. Authorities were able to identify customers because they were registered in a database of criminals who used malware-as-a-service.
The move follows Operation Endgame, a botnet takedown coordinated by Europol last year, which disabled well-known malware droppers such as IcedID, SystemBC and Smokeloader.
Other vulnerabilities and updates
VM Ware security vulnerabilities
Chrome early stable update for desktop