#FactCheck - AI Generated Photo Circulating Online Misleads About BARC Building Redesign

Introduction

In a world teeming with digital complexities, where information wends through networks with the speed and unpredictability of quicksilver, companies find themselves grappling with the paradox of our epoch: the vast potential of artificial intelligence (AI) juxtaposed with glaring vulnerabilities in data security. It's a terrain fraught with risks, but in the intricacies of this digital age emerges a profound alchemy—the application of AI itself to transmute vulnerable data into a repository as secure and invaluable as gold.

The deployment of AI technologies comes with its own set of challenges, chief among them being concerns about the integrity and safety of data—the precious metal of the information economy. Companies cannot afford to remain idle as the onslaught of cyber threats threatens to fray the fabric of their digital endeavours. Instead, they are rallying, invoking the near-miraculous capabilities of AI to transform the very nature of cybersecurity, crafting an armour of untold resilience by empowering the hunter to become the hunted.

The AI’s Untapped Potential 

Industries spanning the globe, varied in their scopes and scales, recognize AI's potential to hone their processes and augment decision-making capabilities. Within this dynamic lies a fertile ground for AI-powered security technologies to flourish, serving not merely as auxiliary tools but as essential components of contemporary business infrastructure. Dynamic solutions, such as anomaly detection mechanisms, highlight the subtle and not-so-subtle deviances in application behaviour, shedding light on potential points of failure or provoking points of intrusion, turning what was once a prelude to chaos into a symphony of preemptive intelligence.

In the era of advanced digital security, AI, exemplified by Dynatrace, stands as the pinnacle, swiftly navigating complex data webs to fortify against cyber threats. These digital fortresses, armed with cutting-edge AI, ensure uninterrupted insights and operational stability, safeguarding the integrity of data in the face of relentless cyber challenges.

India’s AI Stride

India, a burgeoning hub of technology and innovation, evidences AI's transformative powers within its burgeoning intelligent automation market. Driven by the voracious adoption of groundbreaking technological paradigms such as machine learning (ML), natural language processing (NLP), and Automated Workflow Management (AWM), sectors as disparate as banking, finance, e-commerce, healthcare, and manufacturing are swept up in an investment maelstrom. This is further bolstered by the Indian government’s supportive policies like 'Make in India' and 'Digital India'—bold initiatives underpinning the accelerating trajectory of intelligent automation in this South Asian powerhouse.

Consider the velocity at which the digital universe expands: IDC posits that the 5 billion internet denizens, along with the nearly 54 billion smart devices they use, generate about 3.4 petabytes of data each second. The implications for enterprise IT teams, caught in a fierce vice of incoming cyber threats, are profound. AI's emergence as the bulwark against such threats provides the assurance they desperately seek to maintain the seamless operation of critical business services.

The AI integration 

The list of industries touched by the chilling specter of cyber threats is as extensive as it is indiscriminate. We've seen international hotel chains ensnared by nefarious digital campaigns, financial institutions laid low by unseen adversaries, Fortune 100 retailers succumbing to cunning scams, air traffic controls disrupted, and government systems intruded upon and compromised. Cyber threats stem from a tangled web of origins—be it an innocent insider's blunder, a cybercriminal's scheme, the rancor of hacktivists, or the cold calculation of state-sponsored espionage. The damage dealt by data breaches and security failures can be monumental, staggering corporations with halted operations, leaked customer data, crippling regulatory fines, and the loss of trust that often follows in the wake of such incidents.

However, the revolution is upon us—a rising tide of AI and accelerated computing that truncates the time and costs imperative to countering cyberattacks. Freeing critical resources, businesses can now turn their energies toward primary operations and the cultivation of avenues for revenue generation. Let us embark on a detailed expedition, traversing various industry landscapes to witness firsthand how AI's protective embrace enables the fortification of databases, the acceleration of threat neutralization, and the staunching of cyber wounds to preserve the sanctity of service delivery and the trust between businesses and their clientele.

Public Sector

Examine the public sector, where AI is not merely a tool for streamlining processes but stands as a vigilant guardian of a broad spectrum of securities—physical, energy, and social governance among them. Federal institutions, laden with the responsibility of managing complicated digital infrastructures, find themselves at the confluence of rigorous regulatory mandates, exacting public expectations, and the imperative of protecting highly sensitive data. The answer, increasingly, resides in the AI pantheon.

Take the U.S. Department of Energy's (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) as a case in point. An investment exceeding $240 million in cybersecurity R&D since 2010 manifests in pioneering projects, including AI applications that automate and refine security vulnerability assessments, and those employing cutting-edge software-defined networks that magnify the operational awareness of crucial energy delivery systems.

Financial Sector 

Next, pivot our gaze to financial services—a domain where approximately $6 million evaporates with each data breach incident, compelling the sector to harness AI not merely for enhancing fraud detection and algorithmic trading but for its indispensability in preempting internal threats and safeguarding knightly vaults of valuable data. Ventures like the FinSec Innovation Lab, born from the collaborative spirits of Mastercard and Enel X, demonstrate AI's facility in real-time threat response—a lifeline in preventing service disruptions and the erosion of consumer confidence.

Retail giants, repositories of countless payment credentials, stand at the threshold of this new era, embracing AI to fortify themselves against the theft of payment data—a grim statistic that accounts for 37% of confirmed breaches in their industry. Best Buy's triumph in refining its phishing detection rates while simultaneously dialling down false positives is a testament to AI's defensive prowess.

Smart Cities 

Consider, too, the smart cities and connected spaces that epitomize technological integration. Their web of intertwined IoT devices and analytical AI, which scrutinize the flows of urban life, are no strangers to the drumbeat of cyber threat. AI-driven defense mechanisms not only predict but quarantine threats, ensuring the continuous, safe hum of civic life in the aftermath of intrusions.

Telecom Sector 

Telecommunications entities, stewards of crucial national infrastructures, dial into AI for anticipatory maintenance, network optimization, and ensuring impeccable uptime. By employing AI to monitor the edges of IoT networks, they stem the tide of anomalies, deftly handle false users, and parry the blows of assaults, upholding the sanctity of network availability and individual and enterprise data security.

Automobile Industry 

Similarly, the automotive industry finds AI an unyielding ally. As vehicles become complex, mobile ecosystems unto themselves, AI's cybersecurity role is magnified, scrutinizing real-time in-car and network activities, safeguarding critical software updates, and acting as the vanguard against vulnerabilities—the linchpin for the assured deployment of autonomous vehicles on our transit pathways.

Conclusion 

The inclination towards AI-driven cybersecurity permits industries not merely to cope, but to flourish by reallocating their energies towards innovation and customer experience enhancement. Through AI's integration, developers spanning a myriad of industries are equipped to construct solutions capable of discerning, ensnaring, and confronting threats to ensure the steadfastness of operations and consumer satisfaction. 

In the crucible of digital transformation, AI is the philosopher's stone—an alchemic marvel transmuting the raw data into the secure gold of business prosperity. As we continue to sail the digital ocean's intricate swells, the confluence of AI and cybersecurity promises to forge a gleaming future where businesses thrive under the aegis of security and intelligence.

References 

• https://timesofindia.indiatimes.com/gadgets-news/why-adoption-of-ai-may-be-critical-for-businesses-to-tackle-cyber-threats-and-more/articleshow/106313082.cms
• https://blogs.nvidia.com/blog/ai-cybersecurity-business-resilience/
• 
  

Introduction

Devices and interconnectivity are the pipelines which drive the data into cyberspace, and in turn, the users consume this data to perform different tasks in the digital age. The security of devices and networks is essential as they are the first defenders of cyberspace. Bad actors often target systems and networks with malware and ransomware, these attacks are differently motivated, but all wreak havoc upon the system and can impact individuals and organisations alike. Mobile users worldwide prefer iOS or Android, but both operating systems are vulnerable to cyberattacks these days. Some of these attacks go undetected for a long time.

Op Triangulation

As reported by Kaspersky, While monitoring the network traffic of their own corporate Wi-Fi network dedicated to mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA), Kaspersky noticed suspicious activity that originated from several iOS-based phones. Since it is impossible to inspect modern iOS devices from the inside, they created offline backups of the devices in question, inspected them using the Mobile Verification Toolkit’s mvt-ios and discovered traces of compromise. This is known as Operation Triangulation and has been in action since 2019 and got detected in 2023.

The Malware

A portion of the filesystem, including some of the user data and service databases, is included in mobile device backups. The files, directories, and database entries’ timestamps make it possible to reconstruct the events that happened to the device roughly. The “timeline.csv” file created by the mvt-ios software contains a sorted timeline of events that is comparable to the super-timeline utilised by traditional digital forensic tools. Pinpointing particular artefacts that show the compromise using this timeframe. This made it possible to advance the research and reassemble the broad infection sequence:

Through the iMessage service, a message with an attachment containing an exploit is delivered to the target iOS device.

The message initiates a vulnerability that results in code execution without any user input.

The exploit’s code downloads multiple additional stages, including additional exploits for privilege escalation, from the C&C server.

After successful exploitation, a fully functional APT platform is downloaded as the final payload from the C&C server.

The first message and the attachment’s exploit are removed

The lack of persistence support in the harmful toolset is most likely a result of OS restrictions. Multiple devices’ timeframes suggest that after rebooting, they might get infected again. The earliest signs of infection that we found date to 2019. The most recent version of the devices that have been successfully attacked as of the time of writing in June 2023 is iOS 15.7.

The final payload analysis is still ongoing. The programme executes with root rights, implements a set of commands for gathering user and system data, and can run any code downloaded as plugin modules from the C&C server.

Malicious Domains

Using the forensic artefacts, it was possible to identify the domain name set used by the exploits and further malicious stages. They can be used to check the DNS logs for historical information and to identify the devices currently running the malware:

addatamarket[.]net

backuprabbit[.]com

businessvideonews[.]com

cloudsponcer[.]com

datamarketplace[.]net

mobilegamerstats[.]com

snoweeanalytics[.]com

tagclick-cdn[.]com

topographyupdates[.]com

unlimitedteacup[.]com

virtuallaughing[.]com

web-trackers[.]com

growthtransport[.]com

anstv[.]netAns7tv[.]net

Safeguards for iOS users

Despite its world-class safety and privacy architecture, iOS is vulnerable to a few attacks; the following steps can be undertaken to safeguard iOS users –

Keeping Device updated

Security patches

Disabling iMessage would prevent Zero clicks exploits or the Triangulation attacks

Paying zero attention to unwanted, unsolicited messages

The user should make sure that any application they are downloading or installing; it should be from a trusted source ( This Zero click attack does not occur by any other means, It exploits / it targets software vulnerabilities in operating systems networks and applications)

Being cautious with the messaging app and emails

Implement device restrictions (management features like parental control and restrictions over using necessary applications)

Conclusion

Operation Triangulation is one of the recent operations combating cyber attacks, but such operations are launched nearly daily. This is also due to a rapid rise in internet and technology penetration across the world. Cyberattacks have taken a new face as they have evolved with the new and emerging technology. The influence of the Darknet has allowed many hackers to remain on the black hat side due to easy accessibility to illegal tools and material over the dark net, which facilitates such crimes.

Amid the popularity of OpenAI’s ChatGPT and Google’s announcement of introducing its own Artificial Intelligence chatbot called Bard, there has been much discussion over how such tools can impact India at a time when the country is aiming for an AI revolution.

During the Budget Session, Finance Minister Nirmala Sitharaman talked about AI, while her colleague, Minister of State (MoS) for Electronics and Information Technology Rajeev Chandrasekhar discussed it at the India Stack Developer Conference.

While Sitharaman stated that the government will establish three centres of excellence in AI in the country, Chandrashekhar at the event mentioned that India Stack, which includes digital solutions like Aadhaar, Digilocker and others, will become more sophisticated over time with the inclusion of AI.

As AI chatbots become the buzzword, News18 discusses with experts how such tech tools will impact India.

AI IN INDIA

Many experts believe that in a country like India, which is extremely diverse in nature and has a sizeable population, the introduction of technologies and their right adoption can bring a massive digital revolution.

For example, Manoj Gupta, Cofounder of Plotch.ai, a full-stack AI-enabled SaaS product, told News18 that Bard is still experimental and not open to everyone to use while ChatGPT is available and can be used to build applications on top of it.

He said: “Conversational chatbots are interesting since they have the potential to automate customer support and assisted buying in e-commerce. Even simple banking applications can be built that can use ChatGPT AI models to answer queries like bank balance, service requests etc.”

According to him, such tools could be extremely useful for people who are currently excluded from the digital economy due to language barriers.

Ashwini Vaishnaw, Union Minister for Communications, Electronics & IT, has also talked about using such tools to reduce communication issues. At World Economic Forum in Davos, he said: “We integrated our Bhashini language AI tool, which translates from one Indian language to another Indian language in real-time, spoken and text everything. We integrated that with ChatGPT and are seeing very good results.”

‘DOUBLE-EDGED SWORD’

Sundar Balasubramanian, Managing Director, India & SAARC, at Check Point Software, told News18 that generative AI like ChatGPT is a “double-edged sword”.

According to him, used in the right way, it can help developers write and fix code quicker, enable better chat services for companies, or even be a replacement for search engines, revolutionising the way people search for information.

“On the flip side, hackers are also leveraging ChatGPT to accelerate their bad acts and we have already seen examples of such exploitations. ChatGPT has lowered the bar for novice hackers to enter the field as they are able to learn quicker and hack better through asking the AI tool for answers,” he added.

Balasubramanian also stated that CPR has seen the quality of phishing emails improve tremendously over the past 3 months, making it increasingly difficult to discern between legitimate sources and a targeted phishing scam.

“Despite the emergence of the use of generative AI impacting cybercrime, Check Point is continually reminding organisations and individuals of the significance of being vigilant as ChatGPT and Codex become more mature, it can affect the threat landscape, for both good and bad,” he added.

While the real-life applications of ChatGPT include several things ranging from language translation to explaining tricky math problems, Balasubramanian said it can also be used for making the work of cyber researchers and developers more efficient.

“Generative AI or tools like ChatGPT can be used to detect potential threats by analysing large amounts of data and identifying patterns that may indicate malicious activity. This can help enterprises quickly identify and respond to a potential threat before it escalates to something more,” he added.

POSITIVE FACTORS

Major Vineet Kumar, Founder and Global President of CyberPeace Foundation, believes that the deployment of AI chatbots has proven to be highly beneficial in India, where a booming economy and increasing demand for efficient customer service have led to a surge in their use. According to him, both ChatGPT and Bard have the potential to bring significant positive change to various industries and individuals in India.

“ChatGPT has already made an impact by revolutionising customer service, providing instant and accurate support, and reducing wait time. It has automated tedious and complicated tasks for businesses and educational institutions, freeing up valuable time for more significant activities. In the education sector, ChatGPT has also improved learning experiences by providing quick and reliable information to students and educators,” he added.

He also said there are several possible positive impacts that the AI chatbots, ChatGPT and Bard, could have in India and these include improved customer experience, increased productivity, better access to information, improved healthcare, improved access to education and better financial services.

Reference Link : https://www.news18.com/news/explainers/confused-about-chatgpt-bard-experts-tell-news18-how-openai-googles-ai-chatbots-may-impact-india-7026277.html