Tag Archives: cybersecurity

24 Billion Credentials Leaked In Database- Are Yours Included?

24 billion records, including usernames and passwords, were just exposed in a colossal data leak.



Cybernews researchers discovered an exposed database containing 24 billion records, including usernames, email addresses, plaintext passwords, and login URLs. The data appears to come from infostealer malware logs, records stolen from infected devices and collected from Telegram channels, breach compilations, and other sources.

Key takeaways:

  • Cybernews researchers found an exposed Elasticsearch cluster containing 24 billion records and more than 8.3TB of data.
  • Most records appear to be infostealer logs, including usernames, emails, passwords, and login URLs.
  • The data came from 36 sources, including Telegram channels, breach compilations, and large “collections.”
  • Researchers cannot yet confirm how many records are duplicates or how many unique people were affected.
  • The database is no longer publicly exposed, but reused passwords may still put accounts at risk.

While data leaks spilling millions of records have become the norm, one involving 24 billion records, including usernames and passwords, is something else. That’s why the Cybernews research team had to triple-check their findings after uncovering over 8 terabytes of data exposed online.

Our team discovered what is likely to be one of the largest databases ever exposed on June 12th. The vast majority of the 24 billion exposed records, our researchers believe, were infostealer logs. In other words, stolen usernames, passwords, and services that these credentials were supposed to grant access to.

“The credential data leak is dangerous simply because of its enormous size. Since the data leaked online, billions of affected accounts are at serious risk of takeovers, especially if they are not protected with multi-factor authentication,” the team explained.

Infostealer log document example. Image by Cybernews.

What did the 24 billion record data leak reveal?

The records our team uncovered were stored on a publicly available Elasticsearch cluster, a group of interconnected search servers. The total volume of information in the cluster exceeded 8.3 terabytes.

Nearly all exposed records were infostealer logs, data collected by malicious software that steals sensitive information. According to the team, the logs revealed login credentials in raw format, with each login detail saved separately, including email addresses, usernames, and passwords in plaintext.

Document counts from different sources. Image by Cybernews.

Additionally, researchers identified URLs that the leaked credentials are supposed to grant access to, as well as the source of the logs.

The exposed credentials came from 36 distinct sources, varying from Telegram channels to combined data collections of previous data breaches and datasets exported directly from live target servers.

Which Telegram channels are involved in the data leak?

For example, over 1.7 billion records supposedly came from various Telegram channels. All channels appear to be involved in cybercrime, with a focus on stolen credentials and data breaches.

Most of the 36 data sources, over 30, are Telegram channels, with record counts ranging from hundreds of millions to a few thousand. While most of the channels were in English, some were in Russian.

To avoid advertising Telegram channels that contain stolen credentials, we will not mention their names. However, most of the Telegram-based records were supposedly taken from hacking-related channels.

Another category of Telegram channels includes access to stolen credit card data, with one channel apparently dedicated to sharing this information.

Interestingly, nearly 260 million records came from Telegram channels with “Darkside” in the title. Several years ago, Darkside was among the most prolific ransomware groups. The gang infamously attacked the Colonial Pipeline, causing fuel supply disruption on the US East Coast.

Billions of records in unknown “collections”

A staggering 22.6 billion records supposedly came from what the data owner named “collections.” These records could come from various infostealer collections previously leaked online, or they may indicate that the records are grouped by the services they are supposed to provide unauthorized access to.

Since the data was taken out of public view soon after the discovery, researchers could not further investigate the origin of the information within the so-called “collection” source.

The same reason prevented the team from deducing exactly which service providers were exposed. However, given the colossal number of records involved, it’s highly likely that they reveal access to services with very large user bases.

The team also noticed a source with 150 million records named “local database dumps.” Records from this source were likely exported directly from live target servers. Local database dumps typically involve downloading the contents of a certain database to a user device.

In this particular case, “local data dumps” could mean the person running the server uploaded records to the collection themselves, or that they got the data from other sources.

“Additionally, records contained file names from where they were imported. In total, there were at least 195 distinct file names. Some of them indicated that the credentials in question came from the AntiPublic collection and what kind of accounts they include,” our researchers said.

AntiPublic collection is a stealer log combo list that first appeared in 2016 and contained around 600 million records. The AntiPublic-related information in the leak categorized credentials in the AntiPublic collection. For example, some files contained logins to only adult content services or only to streaming platforms.

Another 146 million records came from a source named “breach compilation combo” and most likely contain information from past data breaches that exposed user credentials. Attackers favor exploiting information from past breaches, since users often reuse credentials and rarely change passwords.

The source with the smallest number of records was named “Redline stealer” and only contained 27 records. RedLine stealer is a common infostealer that operates as a malware-as-a-service (MaaS), allowing low-skilled attackers to participate in cybercrime.

Owner interested in news articles and social media posts

Interestingly, our researchers found a small subset of data, around 17,000 records, containing information that’s rarely seen in data leaks. For example, over 9,500 documents contained CVE (Common Vulnerabilities and Exposures) IDs and descriptions, along with corresponding GitHub repository URLs.

One of the vulnerabilities identified in the exposed cluster involved a Valhall GPU Kernel Driver issue.

Moreover, over 5,200 documents contained logs of news articles about recent data breaches, with article URLs, their contents, and short descriptions. One of the news articles was published as recently as February 2026 and covered a supply chain attack targeting the Python Package Index (PyPI) repository.

Another 2,900 documents were logs of social media posts related to cybersecurity incidents. One of the posts our team saw discussed operational details of the Babuk ransomware from 2021.

All of this points to the data owner actively monitoring the cybersecurity landscape, with a likely intent to update their vast collection of credentials with records from the latest data breaches and data leaks.

The known unknowns

While we are confident the data leak our team has uncovered indeed contains a whopping 24 billion records, there are limitations to what we know about the data inside the now-closed Elasticsearch cluster.

For one, the team had limited time to investigate the data leak, which prevented us from delving deeper into the types of information that may have been included in the “Collections” source.

Moreover, we cannot confidently estimate how many duplicates were included in the leak, leaving the potential number of exposed individuals a guessing game. However, it would hardly be a surprise that a data leak involving 24 billion records would affect more than a few online accounts.

At this point, we’re also unable to accurately say how old or new the leaked data is. Based on the February 2026 news article contained in the data leak, it appears the data’s owner regularly updates the cluster with new information.

We also do not know who the data owner is, or why anyone would hoard so much data. Our team believes that “both a company and an individual threat actor could be collecting such information for various purposes.”

“Companies could collect this data for a monitoring service or a security check service, and threat actors could be collecting this data to aid in discovering fresh exploits to help them with data breaches,” our researchers said.

Meanwhile, our team believes that when it comes to historic data leaks, hoarding everything is the way to go.

“Why wouldn’t they hoard so much data? When it comes to historical leaked data and information on exploits and attacks, the more information you have, the better, as it allows for better insights, and helps detect more relevant compromised accounts, and ways that a given target could be breached,” the team explained.

What should you do now to protect your data?

To keep yourself safe, it’s important to be proactive and take some simple but crucial precautions. Users should change reused passwords as soon as possible, starting with key accounts like emails, social media, cloud storage, and banking.

Enabling multi-factor authentication where possible and using a password manager to create strong and unique passwords is also a good idea. Users should also be wary of phishing messages that, in some cases, may advertise assistance to check whether user data was exposed.

Meanwhile, a few smart habits and tools can go a long way in protecting your personal data against infostealers and making it much harder for threat actors to get a hold of it.

  • Use a VPN when you’re on public Wi-Fi. It will help keep your connection secure and private.
  • Be careful about clicking on links or downloading attachments from emails or messages you weren’t expecting or don’t trust.
  • Keep your apps and operating systems updated on all devices since updates often include important security fixes.
  • Turn on two-factor authentication (2FA) whenever it’s available for an extra layer of authentication.
  • Only download apps and software from official stores or trusted websites to avoid fake or infected versions.

Leaking billions of records is becoming the norm

Unfortunately, datasets with billions of records are increasingly often left publicly accessible. Earlier this year, our team discovered another exposed Elasticsearch cluster that contained over 160 indices, holding 8.7 billion primarily Chinese records, ranging from national citizen ID numbers to various business records.

Meanwhile, last December, our team found a database with 4.3 billion records, some of which included LinkedIn-derived personal information. The 16TB-strong instance contained emails, photos, employment histories, and other personal data. A single collection alone contained 732 million records, including photographs.

In July 2025, Cybernews researchers uncovered one of the largest data leaks in history after discovering several collections of login credentials, containing a total of 16 billion records. The team found 30 exposed datasets, each containing tens of millions to more than 3.5 billion records.

However, the only data leak comparable to the recent discovery is the one our team found back in 2024. The supermassive leak contained data from numerous previous breaches, comprising an astounding 12 terabytes of information spanning over 26 billion records.

For the Silo, Vilius Petkauskas/cybernews.com

Featured image- cartoonistgroup.com/ Creators Syndicate Mike Luckovich

World Economic Forum Report- AI Gives Cybersecurity Competitive Advantage

  • 94% of cyber leaders identify AI as the defining force in cybersecurity, with 77% of organizations using it in cyber operations.
  • AI is accelerating cyber threats and defences alike, forcing organizations into a high-speed race against cyber criminals.
  • AI adoption in cybersecurity is moving from pilots to real-world deployment, with clear gains in vulnerability identification and threat detection.

Geneva, Switzerland, May 2026 – Artificial intelligence is rapidly reshaping cybersecurity and is the biggest driver of change in the field, according to a new World Economic Forum report. Some 94% of cyber leaders identify AI as a defining force and 77% of organizations already use it in their cyber operations.

The AI and Cyber: Empowering Defenders report, developed in collaboration with KPMG, highlights measurable gains in cost reduction, response speed and resilience. While threat actors increasingly weaponize AI to automate deception, generate malware and scale attacks at machine speed, the report indicates that organizations deploying AI strategically are achieving significant advantages. Organizations that extensively leverage AI in security reduce average breach costs by up to $1.9 million and shorten breach lifecycles by approximately 80 days.
 
“AI has the potential to shift the balance towards defenders,” said Akshay Joshi, Head of the Centre for Cybersecurity, World Economic Forum. “Organizations that treat it as a strategic capability, rather than a standalone tool, will be better placed to turn growing cyber risk into resilience and competitive advantage.”
 
Building on the Forum’s 2025 publication, Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards, the 2026 edition focuses on how organizations are deploying AI for defence in practice. As enterprise attack surfaces expand to include hundreds of thousands of internet-facing assets, the scale and complexity of cyber risk are increasing significantly. Among the examples featured, KPMG reports a 25% increase in operational efficiency in threat intelligence, Accenture cut security analysis time in more than 100,000 internet-facing sites from 15 minutes to under one minute, and IBM’s ATOM platform helps scale global 24×7 threat detection and response, automating more than 850 analyst hours a month and cutting end-to-end investigation time by 37%.

“Attackers are moving faster and at greater scale than ever before. This report is a call to action for organizations to match that pace, with AI as a force multiplier for cyber defence,” said Laurent Gobbi, Partner, Global Head of Cyber & Tech Risk, KPMG.

The report emphasizes that AI’s value in cybersecurity lies in augmenting human expertise, accelerating decisions and strengthening resilience, rather than automation alone. The report highlights that its impact depends on clear AI deployment strategy, rigorously tested use cases before scaling, and strong governance and human oversight from the outset.

The report draws on 20 real-world case studies and insights from one-on-one interviews and workshops conducted under the World Economic Forum’s Cyber Frontiers: AI & Cyber initiative, convening 105 representatives from 84 organizations across 15 industries.
 
As cyber risks become more complex, the report calls on business and government leaders to treat AI as a foundational security capability, investing not only in technology but also in the skills, processes and governance required to defend at machine speed.
 
About Cyber Frontiers: AI & Cyber
The Cyber Frontiers: AI & Cyber initiative, launched in 2024, brings together a global multi-stakeholder community to explore how AI is reshaping cybersecurity through a knowledge-sharing platform. The initiative equips organizations with insights to harness AI technologies to strengthen their cybersecurity capabilities along with guidance for building strong guardrails. The initiative aims to develop approaches to enable secure and scalable adoption of agentic AI to ensure a secure agentic economy. 


For the Silo, Jarrod Barker.

How Meta and TikTok Turn User Rage into Revenue, While Pretending to Keep You Safe

Whistleblowers from Meta and TikTok revealed that both companies knowingly allowed more harmful content, including violence, extremism, and exploitation of minors, on their platforms to win the algorithm-driven engagement race, prioritizing stock prices and political relationships over user safety.

Disclaimer- According to Kate Miller at The Fastest Media, the original source for this story, Cybernews, has been caught in significant inaccuracies.

Cyberbullying Enabled

These platforms also prioritize resolving complaints from politicians over those from vulnerable people, such as minors experiencing cyberbullying. 

“While platforms and lawmakers take their sweet time debating what borderline content is, people are left to deal with the psychological fallout of social media addiction. From the inability to tell right from wrong or fake from real, loss of concentration, sleep, and even sense of self, to radicalization, depression, and self harm – the consequences of companies toying with their algorithms to meet business goals are dire for humanity,” writes Jurgita Lapienytė, Editor-in-Chief at Cybernews. 

Profit Over Safety?

A new BBC report revealed what we suspected all along – big tech platforms turn a blind eye to harmful content for the sake of profit. Platforms allow so-called borderline content – misogynistic, sexist, racist, conspiracy-driven – that is harmful yet legal.

According to the report, based on accounts from a dozen whistleblowers and insiders, Meta engineers were instructed to allow more borderline content to compete with TikTok. Meanwhile, TikTok is said to have prioritized several user complaints involving politicians to “avoid threats of regulation or bans.”

Unsurprisingly, big tech platforms denied any wrongdoing, insisting that they do not amplify harmful content.

Algorithms are allegedly designed to better understand user interests and needs, and cater to them accordingly. Unfortunately, most of what a user “wants” turns out to be conspiracy theories, AI slop, deepfakes, and pro-Nazi content. Or at least the algorithm seems to think so – because most of this is so-called ragebait content, designed to provoke a strong response from the user.

And since users engage with it, the algorithm is tricked into “thinking” this is what people want. Humans behind the algorithm must clearly understand this is not the case, but clicks translate to cash. So why would Big Tech cut the branch it’s sitting on?

In 2024, Meta earned $16 billion, or 10% of its annual revenue, from scam ads and banned goods. The information comes not from a third-party analytics firm but from Meta’s own documents, proving that the tech giant is well aware of how much harm it can spread – and how much money it can make along the way.

While platforms and lawmakers take their sweet time debating what borderline content is, people are left to deal with the psychological fallout of social media addiction. From the inability to tell right from wrong or fake from real, loss of concentration, sleep, and even sense of self, to radicalization, depression, and self harm – the consequences of companies toying with their algorithms to meet business goals are dire for humanity.

It’s not only our mental health that’s at stake. Adversaries, well aware of algorithmic logic, abuse it to spread misinformation and straightforward lies, sowing division to influence elections all over the world – making us wonder just how much harm performative compliance has already done to democracy.

Cybernews is a globally recognized independent media outlet where journalists and security experts debunk cyber by research, testing, and data.

Cybernews has earned worldwide attention for its high-impact research and discoveries, which have uncovered some of the internet’s most significant security exposures and data leaks. Notable ones include:

  • Cybernews researchers found that Android AI apps leak Google secrets the most, 700TB of files already exposed.
  • Cybernews researchers discovered multiple open datasets comprising 16 billion login credentials from infostealer malware, social media, developer portals, and corporate networks – highlighting the unprecedented risks of account takeovers, phishing, and business email compromise.
  • The research team also studied over 19 billion newly exposed passwords, and found that most people use 8–10 character passwords (42%).
  • Cybernews researchers analyzed 156,080 randomly selected iOS apps – around 8% of the apps present on the App Store – and uncovered a massive oversight: 71% of them expose sensitive data.
  • Recently, Bob Dyachenko, a cybersecurity researcher and owner of SecurityDiscovery.com, and the Cybernews security research team discovered an unprotected Elasticsearch index, which contained a wide range of sensitive personal details related to the entire population of Georgia. 
  • The team analyzed the new Pixel 9 Pro XL smartphone’s web traffic, and found that Google’s latest flagship smartphone frequently transmits private user data to the tech giant before any app is installed.
  • The team revealed that a massive data leak at MC2 Data, a background check firm, affects one-third of the US population.
  • The Cybernews security research team discovered that 50 most popular Android apps require 11 dangerous permissions on average.
  • An analysis by Cybernews research discovered over a million publicly exposed secrets from over 58 thousand websites’ exposed environment (.env) files.
  • The team revealed that Australia’s football governing body, Football Australia, has leaked secret keys potentially opening access to 127 buckets of data, including ticket buyers’ personal data and players’ contracts and documents.
  • The Cybernews research team, in collaboration with cybersecurity researcher Bob Dyachenko, discovered a massive data leak containing information from numerous past breaches, comprising 12 terabytes of data and spanning over 26 billion records.
  • The team analyzed NASA’s website, and discovered an open redirect vulnerability plaguing NASA’s Astrobiology website.

For the Silo, Živilė Kasparavičiūtė.

Featured image via Cybernews- Elon Musk’s artificial intelligence (AI) firm xAI has said it is working to remove posts by its chatbot Grok that praised Adolf Hitler as the best person to deal with “vile anti-white hate.”

Running Moltbook AI Social Media Platform Has Serious Security Implications

What is Moltbook? Reddit for AI Agents

Moltbook, an AI-exclusive social media platform launched just days ago and dubbed the “Reddit for AI agents,” has exploded in popularity online. Within its first week, Moltbook attracted over 1.5 million registered AI agents and more than a million human spectators watching the agents interact with each other, sparking countless posts across human social networks.

The project originated with OpenClaw, an open-source AI agent created by Peter Steinberger that runs locally on a user’s machine. The software allows bots to use a computer and internet services just as a human would. Building on this, entrepreneur Matt Schlicht developed his own OpenClaw agent, named Clawd Clawderberg, and tasked it with coding, moderating, and managing the entire Moltbook platform. Now most moltbots on the platform run on OpenClaw.

Vulnerability of Moltbook

Cybersecurity professionals warn that this setup is terribly insecure and creates massive security vulnerabilities. However, most agree that it’s impossible to suppress public curiosity and discourage experimentation. Instead, they are calling for caution and offering some safety tips.

Karolis Arbaciauskas, head of product at the cybersecurity company NordPass, comments:

“Moltbook and OpenClaw have attracted tech-savvy tinkerers with unprecedented opportunities for experimentation because these tools have virtually no built-in security restrictions but have broad access to users’ computers, apps, and accounts. For example, you can connect to your OpenClaw bot through a messaging app to interact with it while you’re away. It can remember your conversations, read and write files on your computer, browse the web, build applications, and even consult other bots on Moltbook for advice on how to do it best.”

Curiosity Killed The Cat

“While it’s exciting and curious to see what an AI agent can do without any security guardrails, this level of access is also extremely insecure. Therefore, please run Moltbook and your personal bots only in secure, isolated environments.

“Do not give your AI agents access to your real accounts. Instead, create disposable alternatives for them to use. Do not let them use your main browser, especially if you store passwords on it. You should also be cautious with enabling autofill because it creates the risk of the agent having permanent remote access to your credentials. If you want an agent to build something autonomously and anticipate it may need to purchase software or rent server space, link it to a disposable payment card.

“Avoid running Moltbook or OpenClaw agents on your personal or work computers. These AI agents are unpredictable and highly vulnerable to prompt injection attacks. This means if your agent processes an email, document, or webpage containing a hidden malicious instruction, it will likely execute that command in addition to its original task. For example, it could be instructed to send all the credentials, personal data, and payment card information it has access to directly to an attacker.

“The risk isn’t limited to hackers with malicious intent. AI agents could leak users’ data unintentionally. And this is just the tip of the iceberg. Cybersecurity researchers have already identified critical flaws in Moltbook, including an unsecured database that could allow unauthorized users to take control of any AI agent on the site.

Launching Bots That Con?

“It would not be surprising if threat actors, trolls, and scammers have already found their way onto Moltbook and launched bots tasked with conning other AI agents into cryptocurrency schemes or luring them into hidden prompt injections.

“That’s why it is best to buy a separate, dedicated machine and use disposable accounts for any experimentation. It is also advisable to use encryption and a private mesh network as well as to try to harden your bot against prompt injections.”

For the Silo, Gintas Degutis.

Cybersecurity Expert On Recent Louvre Burglary Reveals Poor Password Choice

On Sunday, October 19, a burglary took place at the Louvre — one of the best known museums in the world. In broad daylight, minutes after the museum opened, thieves broke into the Apollo Gallery and stole the French Crown Jewels, valued at around 88 million EUR/ $142.5 million CAD. 

While criminals entered the famous museum through a window, the robbery exposed a whole host of security problems at the Louvre, including issues with digital security. For example, French media claim that according to the documents they’ve seen, the server managing the museum’s video surveillance was once protected by a weak password “LOUVRE.”

Media in France cite audit documents which show that the Louvre neglected security issues for years, including holes in physical security, outdated software, shoddy maintenance, and poor password and cybersecurity management.

Karolis Arbačiauskas, Head of Product at the cybersecurity company NordPass, comments:

“Publicly available information increasingly suggests that the museum’s IT security system — which manages access control, alarms, and video surveillance — suffers from numerous vulnerabilities. According to a 2014 audit by the French National Cybersecurity Agency (ANSSI), the museum’s system also relied on insecure passwords. For example, the server managing the museum’s video surveillance was protected by the password ‘LOUVRE.’”

“This is horrible. Such a password breaks all the principles of creating secure passwords. On the other hand, it’s not that shocking. Truth be told, our own research shows that cybersecurity in the public sector is not the best. Tens of thousands of public sector employee passwords are already on the dark web.”

“But we need to be careful and refrain from pointing fingers until the investigation is completed. The audit data cited by the media is quite old, and we don’t know if the Louvre took ANSSI recommendations into account. Crucially, poor passwords were not the point of entry for the criminals; they gained access through a window, indicating a broader, comprehensive security failure.”

“Personally, I would like to see a positive side to this horrible story. This theft has become the ultimate penetration test for the Louvre, so I hope it will serve as a stimulus to review and upgrade all of the museum’s security systems and policies, including passwords and outdated software. Otherwise, this robbery may embolden criminals and potentially lead to more crimes in the future.”

“A proper password should be at least 20 characters long and consist of a random combination of numbers, upper and lower case letters, and special symbols. Passwords on routers and security systems, including those that manage security cameras, must be extremely strong and perhaps go beyond what is considered a strong password, as these systems can literally and figuratively open almost any door. It is also paramount to never reuse passwords. The rule of thumb is that each account should have a unique password because if one account gets taken over, hackers can use the same credentials for other accounts.”

For the Silo, Gintautas Degutis/ Nordsec.

A Pathway To Trusted AI

Artificial Intelligence (AI) has infiltrated our lives for decades, but since the public launch of ChatGPT showcasing generative AI in 2022, society has faced unprecedented technological evolution. 

With digital technology already a constant part of our lives, AI has the potential to alter the way we live, work, and play – but exponentially faster than conventional computers have. With AI comes staggering possibilities for both advancement and threat.

The AI industry creates unique and dangerous opportunities and challenges. AI can do amazing things humans can’t, but in many situations, referred to as the black box problem, experts cannot explain why particular decisions or sources of information are created. These outcomes can, sometimes, be inaccurate because of flawed data, bad decisions or infamous AI hallucinations. There is little regulation or guidance in software and effectively no regulations or guidelines in AI.

How do researchers find a way to build and deploy valuable, trusted AI when there are so many concerns about the technology’s reliability, accuracy and security?

That was the subject of a recent C.D. Howe Institute conference. In my keynote address, I commented that it all comes down to software. Software is already deeply intertwined in our lives, from health, banking, and communications to transportation and entertainment. Along with its benefits, there is huge potential for the disruption and tampering of societal structures: Power grids, airports, hospital systems, private data, trusted sources of information, and more.  

Consumers might not incur great consequences if a shopping application goes awry, but our transportation, financial or medical transactions demand rock-solid technology.

The good news is that experts have the knowledge and expertise to build reliable, secure, high-quality software, as demonstrated across Class A medical devices, airplanes, surgical robots, and more. The bad news is this is rarely standard practice. 

As a society, we have often tolerated compromised software for the sake of convenience. We trade privacy, security, and reliability for ease of use and corporate profitability. We have come to view software crashes, identity theft, cybersecurity breaches and the spread of misinformation as everyday occurrences. We are so used to these trade-offs with software that most users don’t even realize that reliable, secure solutions are possible.

With the expected potential of AI, creating trusted technology becomes ever more crucial. Allowing unverifiable AI in our frameworks is akin to building skyscrapers on silt. Security and functionality by design trump whack-a-mole retrofitting. Data must be accurate, protected, and used in the way it’s intended.

Striking a balance between security, quality, functionality, and profit is a complex dance. The BlackBerry phone, for example, set a standard for secure, trusted devices. Data was kept private, activities and information were secure, and operations were never hacked. Devices were used and trusted by prime ministers, CEOs and presidents worldwide. The security features it pioneered live on and are widely used in the devices that outcompeted BlackBerry.

Innovators have the know-how and expertise to create quality products. But often the drive for profits takes precedence over painstaking design. In the AI universe, however, where issues of data privacy, inaccuracies, generation of harmful content and exposure of vulnerabilities have far-reaching effects, trust is easily lost.

So, how do we build and maintain trust? Educating end-users and leaders is an excellent place to start. They need to be informed enough to demand better, and corporations need to strike a balance between caution and innovation.

Companies can build trust through a strong adherence to safe software practices, education in AI evolution and adherence to evolving regulations. Governments and corporate leaders can keep abreast of how other organizations and countries are enacting policies that support technological evolution, institute accreditation, and financial incentives that support best practices. Across the globe, countries and regions are already developing strategies and laws to encourage responsible use of AI. 

Recent years have seen the creation of codes of conduct and regulatory initiatives such as:

  • Canada’s Voluntary Code of Conduct on the Responsible Development and Management of Advanced Generative AI Systems, September 2023, signed by AI powerhouses such as the Vector Institute, Mila-Quebec Artificial Intelligence Institute and the Alberta Machine Intelligence Institute;
  • The Bletchley Declaration, Nov. 2023, an international agreement to cooperate on the development of safe AI, has been signed by 28 countries;
  • US President Biden’s 2023 executive order on the safe, secure and trustworthy development and use of AI; and
  • Governing AI for Humanity, UN Advisory Body Report, September 2024.

We have the expertise to build solid foundations for AI. It’s now up to leaders and corporations to ensure that much-needed practices, guidelines, policies and regulations are in place and followed. It is also up to end-users to demand quality and accountability. 

Now is the time to take steps to mitigate AI’s potential perils so we can build the trust that is needed to harness AI’s extraordinary potential. For the Silo, Charles Eagan. Charles Eagan is the former CTO of BlackBerry and a technical advisor to AIE Inc.

In The Future Cyberwar Will Be Primary Theater For Superpowers

Cybersecurity expert explains how virtual wars are fought

With the Russia-Ukraine war in full swing, cybersecurity experts point to a cyber front that had been forming online long before Russian troops crossed the border. Even in the months leading up to the outbreak of war, Ukrainian websites were attacked and altered to display threatening messages about the coming invasion.

“In response to Russian warfare actions, the hacking collective Anonymous launched a series of attacks against Russia, with the country’s state media being the main target. So we can see cyber warfare in action with new types of malware flooding both countries, thousands of sites crashing under DDoS (distributed denial-of-service) attacks, and hacktivism thriving on both sides of barricades,” Daniel Markuson, a cybersecurity expert at NordVPN, says.

The methods of cyberwarfare

In the past decade, the amount of time people spend online has risen drastically. Research by NordVPN has shown that Americans spend around 21 years of their lives online. With our life so dependent on the internet, cyber wars can cause very real damage. Some of the goals online “soldiers” are trying to pursue include:

  • Sabotage and terrorism

The intent of many cyber warfare actions is to sabotage and cause indiscriminate damage. From taking a site offline with a DDoS attack to defacing webpages with political messages, cyber terrorists launch multiple operations every year. One event that had the most impact happened in Turkey when Iranian hackers managed to knock out the power grid for around twelve hours, affecting more than 40 million people.

  • Espionage

While cyber espionage also occurs between corporations, with competitors vying for patents and sensitive information, it’s an essential strategy for governments engaging in covert warfare. Chinese intelligence services are regularly named as the culprits in such operations, although they consistently deny the accusations.

  • Civilian activism (hacktivism)

The growing trend of hacktivism has seen civilian cyber activists take on governments and authorities around the world. One example of hacktivism is Anonymous, a group that has claimed responsibility for assaults on government agencies in the US. In 2022, Anonymous began a targeted cyber campaign against Russia after it invaded Ukraine in an attempt to disrupt government systems and combat Russian propaganda.

  • Propaganda and disinformation

In 2020, 81 countries were found to have used some form of social media manipulation. This type of manipulation was usually ordered by government agencies, political parties, or politicians. Such campaigns, which largely involve the spread of fake news, tended to focus on three key goals – distract or divert conversations away from important issues, increase polarization between religious, political, or social groups, and suppress fundamental human rights, such as the right to freedom of expression or freedom of information.

The future of cyber warfare

“Governments, corporations, and the public need to understand this emerging landscape and protect themselves by taking care of their physical security as well as cybersecurity. From the mass cyberattacks of 2008’s Russo-Georgian War to the cyber onslaught faced by Ukraine today, this is the new battleground for both civil and international conflicts,” Daniel Markuson says.

Markuson predicts that in the future, cyber war will become the primary theater of war for global superpowers. He also thinks that terrorist cells may focus their efforts on targeting civilian infrastructure and other high-risk networks: terrorists would be even harder to detect and could launch attacks anywhere in the world. Lastly, Markuson thinks that activism will become more virtual and allow citizens to hold large governmental authorities to account.

A regular person can’t do much to fight in a cyber war or to protect themselves from the consequences.

However, educating yourself, paying attention to the reliability of sources of information, and maintaining a critical attitude to everything you read online could help increase your awareness and make you feel less affected by propaganda. For the Silo, Darija Grobova.

Amidst Waves of Data Breaches, U.S. Gov Advised Agencies: Implement Zero Trust Architecture

Nearly two years on, arguments and questions continue to follow the FAA outage of January 11th, 2023, which resulted in the complete closure of U.S. airspace and most of the airspace here in Canada.

Although the FAA later confirmed that the outage was, in fact, caused by a contractor who unintentionally damaged a data file related to the Notices to Air Missions (NOTAM) system, that explanation is still debated.

Image caption: The FAA initially urged airlines to ground domestic departures following the system glitch. Credit: Reuters

“The FAA said it was due to one corrupted file – who believes this? Are there no safeguards against one file being corrupted, bringing everything down? Billions of Dollars are being spent on cybersecurity, yet this is going on – are there any other files that could be corrupted?” questions Walt Szablowski, Founder and Executive Chairman of Eracent, a company that specializes in providing IT and cybersecurity solutions to large organizations such as the USPS, Visa, U.S. Airforce, British Ministry of Defense — and dozens of Fortune 500 companies.

There has been a string of cybersecurity breaches across some high-profile organizations.

Last year, on January 19th, T-Mobile disclosed that a cyberattacker stole personal data pertaining to 37 million customers. December 2022 saw a trove of data on over 200 million Twitter users circulated among hackers. In November 2022, a hacker posted a dataset to BreachForums containing up-to-date personal information of 487 million WhatsApp users from 84 countries.

In its 2021 Cost of a Data Breach Report, the Ponemon Institute analyzed data from 537 organizations around the world that had suffered a data breach. Note that all of the following figures are in US dollars. The report found that healthcare ($9.23 million), financial ($5.72 million), pharmaceutical ($5.04 million), technology ($4.88 million), and energy organizations ($4.65 million) suffered the costliest data breaches.

The average total cost of a data breach was estimated to be $3.86 million in 2020, while it increased to $4.24 million in 2021.

“In the software business, 90% of the money is thrown away on software that doesn’t work as intended or as promised,” argues Szablowski. “Due to the uncontrollable waves of costly network and data breaches, the U.S. Federal Government is mandating the implementation of the Zero Trust Architecture.”

Eracent’s ClearArmor Zero Trust Resource Planning (ZTRP) consolidates and transforms the concept of Zero Trust Architecture into a complete implementation within an organization.


“Relying on the latest technology will not work if organizations do not evolve their thinking. Tools and technology alone are not the answer. Organizations must design a cybersecurity system that fits and supports each organization’s unique requirements,” concludes Szablowski. For the Silo, Karla Jo Helms.

USB Juice Jacking Is New Way Hackers Attack Travelers

How to avoid being hacked during this Fall’s travel season. 

According to a recent study by cybersecurity firm NordVPN, one in four travelers has been hacked when using public Wi-Fi while traveling abroad. However, unsecured Wi-Fi is not the only factor travelers should be worried about. 

Last year, the FBI published a tweet (see below) warning users against smartphone charging stations in public places (airports, hotels, and shopping malls). Hackers may have modified the charging cables with the aim of installing malware on phones to perform an attack called juice jacking. 

“Digital information, although it exists virtually, can also be stolen using physical devices. So it is important to take a 360-degree approach and secure your device from both online and offline threats,” says Adrianus Warmenhoven, a cybersecurity advisor.

What is juice jacking?

Juice jacking is a cyberattack where a public USB charging port is used to steal data or install malware on a device. Juice jacking attacks allow hackers to steal users’ passwords, credit card information, addresses, names, and other data. Attackers can also install malware to track keystrokes, show ads, or add devices to a botnet.


Is juice jacking detectable?

Juice jacking attacks can be difficult to detect. If your device has already been compromised, you may notice some suspicious activity – but that won’t always be the case.

For example, you may notice something you don’t recognize on your phone — like purchases you didn’t make or calls that look suspicious.

Your phone may also start working unusually slowly or feel hotter than usual. Chances are you may have picked up malware. For a full list of signs to watch out for, read on and find out how to know if your phone is hacked.

How to protect yourself

Since no sign of juice jacking is 100% reliable, it is best to avoid falling victim to this attack by following this advice:

  • Get a power bank. Power banks are a safe and convenient way to charge your device on the go. Getting a portable power bank means that you’ll never have to use public charging stations where juice jacking attacks occur. Always ensure your power bank is fully charged so you can use it on the go.
     
  • Use a USB data blocker. A USB data blocker is a device that protects your phone from juice jacking when you’re using a public charging station. It plugs into the charging port on your phone and acts as a shield between the public charging station’s cord and your device.
     
  • Use a power socket instead. Juice jacking attacks only happen when you’re connected to a USB charger. If you absolutely need to charge your phone in public, avoid the risk of infected cables and USB ports and use a power outlet. This is typically a safe way to charge your mobile device and other devices in public.

For the Silo, Darija Grobova.

Study: Is your phone reading your mind? 33% of Canadians have noticed being tracked by their gadgets

Digital privacy expert discusses the possible violation of privacy and security of cross-device tracking 

A third of Canadians (33%) have noticed an ad on their devices for something they recently spoke about or saw on TV (but hadn’t searched for), according to research by NordVPN, a leading cybersecurity company. A majority of them noticed such ads on their smartphones (76%), computers (49%), or tablets (29%). Moreover, the experience made more than 4 in 10 Canadians (46%) feel tracked or followed, and 12% feel scared.

“That’s due to ultrasonic cross-device tracking. That’s when smartphones have apps that are continuously listening to inaudible, high-frequency ultrasonic sounds from the surroundings and gather a lot of information about you — all without your knowledge. Later, they share this data across other devices,” says Adrianus Warmenhoven, a digital privacy expert.

While tracking people’s behavior across devices is beneficial to marketers, cross-device tracking is often questioned by privacy experts because of its lack of transparency, security and protection of sensitive consumers’ data. 

What do our American friends think?

Ultrasonic cross-device tracking — a trending rise 

Ultrasonic cross-device tracking is used as a method to link all the devices you own to track your behavior and location. These ultrasonic audio beacons can be embedded in many things we interact with daily: TV shows, online videos or websites, or apps on our phones.

Imagine you are watching TV and you see chocolate being advertised. You pick up your phone, and the same chocolate ad appears on your screen. By using ultrasounds, audio beacons can detect when your phone is nearby, and apps on your phone can listen for approximate audio beacons to track what you are doing.
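To check whether a recording of a broadcast or a room actually carries such a signal, one can look for a narrowband tone just above the range of hearing. The following is an added example, not from the original article: the 48 kHz sample rate, the 18 to 20 kHz search band, both thresholds and all function names are assumptions, and the three test signals are constructed.

```python
import math
import random
import statistics

RATE = 48_000                 # Hz, sample rate of the recording (assumption)
BAND_HZ = (18_000, 20_000)    # near-ultrasonic band searched (assumption)
FRAME = 2_048                 # samples per analysis frame
MIN_FRACTION = 1e-3           # share of frame energy that must sit in the band
MIN_PEAK_RATIO = 100.0        # strongest bin vs. median bin: a tone, not hiss

HANN = [0.5 - 0.5 * math.cos(2 * math.pi * n / FRAME) for n in range(FRAME)]
BINS = range(math.ceil(BAND_HZ[0] * FRAME / RATE),
             math.floor(BAND_HZ[1] * FRAME / RATE) + 1)


def goertzel_power(frame, k):
    """|X_k|^2 of one DFT bin, computed with the Goertzel recurrence."""
    coeff = 2.0 * math.cos(2.0 * math.pi * k / len(frame))
    s1 = s2 = 0.0
    for x in frame:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2


def frame_has_beacon(samples):
    """True if one FRAME-long block holds a narrowband near-ultrasonic tone."""
    windowed = [w * x for w, x in zip(HANN, samples)]
    energy = sum(x * x for x in windowed)
    if energy == 0.0:                       # digital silence
        return False
    powers = [goertzel_power(windowed, k) for k in BINS]
    fraction = 2.0 * sum(powers) / (FRAME * energy)   # Parseval, real signal
    peak_ratio = max(powers) / max(statistics.median(powers), 1e-30)
    # Broadband noise also puts energy in the band, so require a clear peak.
    return fraction > MIN_FRACTION and peak_ratio > MIN_PEAK_RATIO


def flagged_frames(samples):
    """Indices of the full frames in a recording that look like a beacon."""
    starts = range(0, len(samples) - FRAME + 1, FRAME)
    return [i for i, s in enumerate(starts)
            if frame_has_beacon(samples[s:s + FRAME])]


def tone(freq, amp, n):
    """Constructed sine wave of n samples at the given frequency."""
    return [amp * math.sin(2 * math.pi * freq * t / RATE) for t in range(n)]


# Constructed test signals, 4 frames each (no real recordings involved).
N = 4 * FRAME
SPEECH_ONLY = tone(440, 1.0, N)                     # audible tone only
WITH_BEACON = [a + b for a, b in zip(SPEECH_ONLY, tone(18_500, 0.1, N))]
_rng = random.Random(1)
HISS = [_rng.uniform(-1.0, 1.0) for _ in range(N)]  # broadband noise

if __name__ == "__main__":
    for name, sig in [("speech", SPEECH_ONLY), ("speech+beacon", WITH_BEACON),
                      ("hiss", HISS)]:
        print(name, flagged_frames(sig))
```

The recording has to be sampled at 44.1 kHz or higher for this band to be present at all; lower rates and many lossy codecs remove it before analysis.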

“Many apps currently ask for permission to access the smartphone’s microphone to incorporate a particular type of ultrasonic beacon to track them. Since it requires no mobile data or Wi-Fi connection but only microphone access to listen to beacons, tracking works even when you have disconnected your phone from the Internet.

“It’s not possible to stop ultrasonic beacons from emitting sound frequencies around you. Therefore, the best way to reduce the chance of your smartphone listening for beacons is to simply restrict unnecessary permissions you have granted to the apps installed on your device,” says Adrianus Warmenhoven.

How can you reduce cross-device tracking?

NordVPN research shows that 65% of Canadians don’t know how to restrict their smartphone’s permissions from listening to them. No one likes to be tracked. Therefore, Adrianus Warmenhoven suggests several ways people can reduce the incidence of this happening:

  • Use a VPN. One of the best ways to protect yourself from being tracked is by using a VPN. A VPN is a tool that encrypts every bit of information about your internet activity. It also stops IP-based tracking because it masks your IP address.
     
  • Use a privacy browser. If you want to keep yourself from being tracked, it is best to use a private browser like Tor or DuckDuckGo rather than the incognito mode in Google Chrome. These browsers do not profile you or save any of your personal data for sharing with marketers.
     
  • Change app permissions. The apps on your smartphone may have some permissions that are not required. For instance, why would a photo-editing app need access to your microphone? If apps on your phone have such non-required permissions, you should revoke these permissions.

“The consolidation of power among large tech companies allows them to obtain large quantities of data about individuals across multiple platforms and devices. In this way, technology giants have even more opportunities to obtain deeper insights into individuals’ habits and preferences. Data consolidation through cross-device and platform tracking may also increase data security risks,” says Adrianus Warmenhoven. For the Silo, Darija Grobova/NordVPN.

Top Sites Data Breached Last Year Include LinkedIn

Almost 6 billion accounts affected in data breaches in 2021 

The year 2021 was record-breaking in terms of the sheer size of data breaches. According to the data collected and analyzed by the Atlas VPN team, 5.9 billion accounts were affected by data breaches throughout 2021. 

Atlas VPN has retrieved and calculated the numbers of breached accounts based on multiple publicly available sources. The total count includes worldwide data breaches that took place from January 1st, 2021, to December 31st, 2021. 


February saw the biggest data breach of all time: COMB, or in other words, the Compilation of Many Breaches, which is responsible for the leak of a whopping 3.2 billion unique cleartext email and password combinations.

The breach was named this way because it is not a result of a single hack of a specific organization but rather combines leaked data from a number of different breaches spanning five years, including Netflix, LinkedIn, and others.

The breached data was first offered for sale on RaidForums, an underground database sharing and marketplace forum, for just $2 in February. Other breaches that made it to the top five biggest data leaks of 2021 include LinkedIn (700 million people), Facebook (533 million people), Brazil’s Ministry of Health (220 million people), and SocialArks (214 million people). 

Cybersecurity writer and researcher at Atlas VPN Ruta Cizinauskaite shares her thoughts on 2021 data breach trends: “Even with data breaches becoming a growing threat, it seems organizations are still not putting enough effort in protecting the personal information of their users. One of the first things every organization should do is evaluate the amount of sensitive user data it collects — the less sensitive data is stored, the lesser the risk of it being leaked.”