WordPress moves could have security implications for sites using Advanced Custom Fields plug-in.

Source: Primakov via Shutterstock

Organizations using WordPress plug-in Advanced Custom Fields (ACF) are in the middle of an ugly and very public dispute between WP Engine (WPE), the maker of the plug-in, and Matt Mullenweg, the founder of the open source content management system.

At stake is how users of the plug-in receive security fixes and other updates going forward after Mullenweg announced his decision over the weekend to fork ACF into a new version called Secure Content Fields (SCF). He also cut off WPE's access to WordPress.org's update servers.

**Forced Changes**

Following the fork, sites that use free versions of ACF and also have auto-updates from WordPress.org enabled will automatically get switched to SCF and receive future updates for the plug-in through WordPress.org. Sites owners that want to remain on ACF and receive updates via WPE need to install an alternate update mechanism that the vendor has released.

Meanwhile, customers of the paid ACF version will continue to receive updates directly from WPE and need to do nothing differently.

Mullenweg is the founder of WordPress and CEO of Automattic, the owner of WordPress.com, which hosts a commercial version of the content management system, just like WP Engine does.  In recent weeks, Mullenweg has launched a series of scathing attacks on WP Engine, a company he has described as profiting enormously off the open source software model while returning very little back to the community.

**Bitter and Escalating Battle**

"What WP Engine gives you is not WordPress, it's something that they’ve chopped up, hacked, butchered to look like WordPress, but actually they’re giving you a cheap knock-off and charging you more for it," Mullenweg asserted in a September blog post. "This is one of the many reasons they are a cancer to WordPress, and it’s important to remember that unchecked, cancer will spread." Mullenweg described his decision to fork ACF into a new plug-in as a move to "remove commercial upsells and fix a security problem" that WP Engine allegedly has failed to fix.

Mullenweg recently claimed that WPE needed a trademark license to continue selling services under the WordPress name and demanded 8% of the company's revenue on a monthly basis for the right to use the name. In September, he banned WPE from accessing WordPress.org resources, citing the need for the company to have a trademark license.

WPE's ACF team, for its part, characterized Mullenweg's decision as violating open source guidelines and setting a troubling precedent. The company has dismissed Mullenweg's claims about the plug-in's security. "A plugin under active development has never been unilaterally and forcibly taken away from its creator without content in the 21 year history of WordPress," the ACF team posted on social media site X.

In a blog post, Ian Poulson, product manager for ACF, pointed to over 15 releases and significant new functionality the ACF team has made to the free version of the plug-in over the past two years, in addition to improvements to the paid version. Mullenweg's decision to fork ACF is "inconsistent with open source values and principles," he noted.

"The change made by Mullenweg is maliciously being used to update millions of existing installations of ACF with code that is unapproved and untrusted by the Advanced Custom Fields team," Poulson wrote. Organizations using a free version of ACF must download version 6.3.8 from Advanced Custom Fields if they wish to continue receiving ACF-approved updates, he noted.

Earlier this month, WPE filed a lawsuit citing "abuse of power, extortion, and greed" against Automattic and Mullenweg. WPE has also sent a cease-and-desist letter to Automattic over the same issue.

**User Confusion?**

Stephen Kowski, field chief technology officer for SlashNext Email Security, says the dispute between WordPress and WP Engine over the Advanced Custom Fields plug-in reveals tensions in open source software management that could signal the start of a messier ongoing conflict.

"This conflict could result in user confusion and potential migration work, as automatic updates may lead to unknowing transitions to the new Secure Custom Fields plug-in," he notes. "Users may ultimately need to do further due diligence taking into account security and migration resources if needed, in order to choose between WP Engine's original ACF plug-in and WordPress' forked version, Secure Custom Fields."

Kowski perceives Mullenweg's decision as having a twofold impact. The newly forked Secure Custom Fields plug-in addresses a security issue that WP Engine has already patched and therefore is unlikely to be of any benefit for users. "On the other hand, the update process may introduce new risks if users are not aware of the changes or do not properly transition to the new plug-in," he says. "Users should exercise caution and carefully evaluate the plug-ins they use to ensure they are getting updates from trusted sources."

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

WP Engine Accuses WordPress of 'Forcibly' Taking Over Its Plug-in

A heated regulatory landscape, uncertainty over AI use, and how it all ties back to cybersecurity means CISOs have to add privacy to their portfolios.

Source: Leo Wolfert via Alamy Stock Photo

Years ago, when Mark Eggleston was tasked with building a privacy program for a national healthcare provider, he saw firsthand the importance of cross-functional collaboration.

"I needed legal experts to debate the HIPAA Privacy, NPRM \[Notice of Proposed Rulemaking\], final rule, and guidance and convert those requirements into internal policies," Eggleston recalls. "CISOs can bring efficiency and reliance to these procedures by implementing technical controls."

Eggleston, who is currently the chief information security officer (CISO) at CSC, a provider of business administration and compliance solutions, now recognizes how this collaboration underscores a larger trend occurring: CISOs are increasingly taking responsibility for privacy within organizations. According to research from IANS, CISO ownership of privacy has surged from 35% to 47% over the past five years. This growing role comes as privacy management and cybersecurity become more intertwined, fueled by regulatory pressures; evolving questions and concerns about certain technologies, like artificial intelligence (AI); and the always present desire to avoid becoming a victim of a data breach.

Traditionally, privacy and security were considered separate domains within an organization. Privacy was the responsibility of legal or compliance teams, while CISOs focused on protecting the organization from cyber threats. However, the line between these two areas is blurring, and more CISOs are being asked to handle privacy functions.

"When a CISO conducts a risk assessment or looks at data flow, they're already thinking about how to protect that information," says Rebecca Herold, CEO of The Privacy Professor and an IANS faculty member. Adding privacy to the role simply formalizes what they're already doing in many cases, she says.

Yunique Demann, senior director and data protection officer at NTT Data Americas, began her career in a security role and then moved into a privacy position, giving her a view into both disciplines.

"With the rise in data breaches, regulations, and regulatory scrutiny outside your legal, risk, or compliance functions, CISOs are becoming a natural fit to oversee privacy controls," she says. "Privacy is one of many areas that have impacted a CISO's role."

**Why CISOs Are Taking on Privacy Roles**

Another driver behind the shift in responsibility is the ever-changing regulatory landscape. Privacy laws, like the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA) in the US, are placing greater demands on organizations to protect personal data. These regulations require organizations to have robust privacy controls, and, in many cases, the CISO is seen as integral to helping to oversee those efforts. CSC's Eggleston, who has held both CISO and chief privacy officer (CPO) roles, says the shift has been afoot for years, as CISOs have had to work with other departments where privacy is also essential.

"Most CISOs are already working strongly with human resources and legal teams, and the focus on privacy makes it paramount to continue to do so, as both HR and legal have core interest in privacy matters," he says. "Even the NIST Cybersecurity Framework is now integrating privacy into its guidelines."

With CISOs taking on more privacy duties comes a growing need to balance these responsibilities with their traditional focus on cybersecurity. There is also the potential for a conflict of interest, Demann says.

"But this is handled when operational privacy responsibilities are given to a DPO \[data protection officer\], while keeping the reporting line into security," she says.

In addition to regulatory pressures, advances in technology, such as the widespread adoption of AI, are contributing to CISOs' expanded role in privacy management. A recent survey from the International Association of Privacy Professionals (IAPP) found that 69% of chief privacy officers now have additional responsibility for AI governance, and 37% for cybersecurity regulatory compliance. And for good reason, says Demann, because many areas around AI require more scrutiny from both a privacy and security perspective.

"Privacy risks occur when the use of AI conflicts with these fundamentals and lacks transparency and incorporates bias in the process," she says. "Just because your LLM \[large language model\] can utilize huge amounts of data points, it doesn't mean it should, especially without consent of the individuals whose data you are using. Consent should be clear and explicit. Unfortunately, we are finding too many situations where consent is hidden."

**Reskilling to Handle Privacy**

The skills required for privacy management are also evolving, and CISOs must be prepared to adapt.

"Privacy is fundamentally about protecting individuals' rights and ensuring the processing of personal data is performed in accordance with applicable laws," Demann says. "This requires a deeper understanding of legal, ethical, and regulatory frameworks and a focus on data governance, consent management, and transparency."

She encourages CISOs to engage with privacy communities, collaborate with privacy leads, and actively seek opportunities to expand their knowledge of privacy issues.

For CISOs, collaboration with CPOs and legal departments is also key to ensuring both security and privacy compliance within their organizations. Demann recommends regular communication and joint initiatives, such as combined tabletop exercises and industry presentations, to create a unified approach to privacy and security.

"The more privacy and security leads can show up together, the easier it is for the organization to have a strategic approach," she says.

Eggleston stresses the importance of staying informed through think tank digests, privacy updates from legal firms, and ongoing discussions with jurisdictional staff.

"Many EMEA countries have much more detailed and stronger requirements for privacy," he notes, citing Luxembourg's Professional Secrecy obligation as an example.

Looking ahead, CISOs need to be prepared to navigate emerging privacy trends, whether or not privacy is in their purview. As the role expands, they will need to continue building their knowledge of privacy laws and collaborating across departments to protect both company data and individuals' rights.

"Security is about confidentiality, and privacy is fundamentally about confidentiality," Eggleston concludes. "Privacy and security are stronger together."

**About the Author**

Contributing Writer, Dark Reading

Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online.

CISOs' Privacy Responsibilities Keep Growing

Use SSO, don't use SSO. Have MFA, don't have MFA. An analysis of a snapshot of organizations using Push Security's platform finds that 99% of accounts susceptible to phishing attacks.

With organizations adopting cloud services, mobile devices, and other digital technologies to meet customer needs and to support an increasingly remote workforce, identity is the security perimeter. Identity is where organizations authenticate, authorize, and manage users, applications, and devices. This requires organizations to invest in identity technologies such as single sign-on, multifactor authentication, continuous monitoring, and identity access management.

Currently, there are a lot of gaps that leave organizations vulnerable to identity-based attacks such as credential stuffing, brute-force, and phishing.

In an analysis of 300,000 accounts and associated login methods, Push Security’s research team calculated the average employee in an average organization has 15 identities. A little over a third (37%) of identities used password-based logins with no MFA enabled, according to Push Security data.

According to the analysis, 61% of accounts relied only on single sign-on, and 29% had only passwords, and 10% of identities allowed both single sign-on and a password. Almost two-thirds (63%) of accounts — regardless of whether single sign-on was available or not — used some form of MFA. Almost all of them relied on what Push Security deemed “phishable MFA,” which refers to methods vulnerable to bypass attacks such as MFA fatigue or advanced attacker-in-the-middle phishing toolkits. Less than 1% of accounts using single sign-on methods used “phishing-resistant MFA,” according to Push Security.

For accounts that had only a password, 80% did not have MFA enabled, while 40% of accounts that had both SSO login and a password lacked MFA.

The problem with accounts having both SSO and passwords is that it opens the door to ghost logins, or situations where an account has multiple login methods. In this case, despite having single sign-on, these accounts could potentially be compromised if the attacker figures out the password via credential stuffing or brute-force attacks.

Even in cases where SSO is used, there is a password login to the identity provider at the beginning of the flow. A look at the identity provider account shows that 17% does not have MFA enabled, and 10% reused passwords. If this password is somehow compromised — perhaps by credential stuffing or phishing — the accounts with SSO logins are also compromised.

Another thing about MFA: identity provider accounts are among the “most critical accounts that a user can have,” Push Security noted, but 20% are missing MFA.

What was also worrying that 9% of identities had a breached, weak, or reused password and had no MFA enabled, making these identities susceptible to attack. “Accounts that are missing MFA are vulnerable to credential stuffing attacks targeting stolen, weak, or reused passwords, and even the most basic phishing toolkits,” Push Security said.

**About the Author**

Dark Reading

The Edge is Dark Reading's home for features, threat data and in-depth perspectives on cybersecurity.

Even Orgs With SSO Are Vulnerable to Identity-Based Attacks

With cybercriminal gangs raking in at least $18 billion regionally — and much more globally — law enforcement and policymakers are struggling to keep up as the syndicates innovate and entrench themselves in national economies.

Source: ru99 via Shutterstock

Cyber-enabled fraud, innovative criminal organizations, and advances in money laundering have created a booming shadow economy in Southeast Asia that grows more entrenched every year, creating challenges for governments in the region.

The criminal syndicates in the delta region of the Mekong River and the greater Asia-Pacific region operate out of casinos, hotels, special economic zones, and other properties, which have become hubs for massive cybercriminal enterprises, raking in between $27 billion and $37 billion a year in profits, according to a report published on Oct. 7 by the United Nations Office on Drugs and Crime (UNODC). While some law enforcement organizations and regional officials have mounted efforts to fight against the growing criminal syndicates, they often just move their operations to "inaccessible and autonomous non-state armed group territories and other criminal enclaves," the report stated.

The result is a cybercrime-induced crisis, where the profits are driving quick innovation in criminal professionalization, money laundering, and forced labor and human trafficking, John Wojcik, a regional analyst with the UNODC, said in an email interview.

"It is now increasingly clear that a potentially irreversible shift has taken place in which organized crime are able to target countries globally at an unprecedented scale while picking jurisdictions and moving criminal proceeds as needed, with the resulting situation rapidly outpacing the capacity of governments to contain it," he said.

The UNODC report — "Transnational Organized Crime and the Convergence of Cyber-Enabled Fraud, Underground Banking and Technological Innovation in Southeast Asia: A Shifting Threat Landscape" — is the latest update on the growing cybercrime ecosystem undermining economic development and human rights in Southeast Asia. The UNODC analysts estimated that victims in East and Southeast Asia had lost $18 billion to $37 billion in 2023 due mainly to organized crime groups. Globally, the groups garnered between $27 billion and $37 billion last year, while experimentation with generative AI technology will likely to lead to greater losses as a "force multiplier," USODC's Wojcik said.

The regional troubles are partly due to the geopolitics and the international rivalries in the region, which spilled over to the cyberspace domain, says Vishal Gupta, CEO of data-security firm Seclore. Operatives and hackers trained for that cyber conflict have either created their own cybercriminals groups or joined already existing crime syndicates, says Gupta, who has conducted business in the region for years.

"This ecosystem just didn't pop up, you know, all of a sudden," he says. "If you consider any of the nations — Malaysia, Thailand, Indonesia, and so on outside of China, which is the 800-pound gorilla over there — but if you look at any of these nations, there is very little collaboration with others ... and cybercriminals are using that to their benefit."

**Corruptions and Lax Legal Frameworks**

Most of the cybercriminal groups operate in the nations in the Mekong delta region — including Cambodia, Laos, and Myanmar — but have shown their ability to move to ungoverned regions or those with friendly governments.

The massive scale of profits — $37 billion is more than 7% of the GDP of those three nations — has driven the professionalization and innovation of money laundering, linking transnational criminal groups in Southeast Asia, which have emerged as global market leaders, UNODC's Wojcik said.

"Asian crime syndicates have effectively established and streamlined a parallel banking system capable of laundering and integrating vast amounts of illicit proceeds into the formal financial system undetected," he said. "The sophistication of these methods at this scale is something we have not seen before."

Source: Author created graphic using Google Earth historical maps of region identified by UNODC

The economic growth fueled by the cybercriminal boom in nothing short of astonishing. In one area of Myanmar across the river from Thailand, a town-sized compound with advanced internet communications technology (ICT) infrastructure has appeared over the past five years, according to the UNODC report.

The technical ability of the criminal syndicates has outpaced businesses and other regional organizations, Seclore's Gupta says.

"The pace at which the criminals are innovating \[and\] the pace at which companies are innovating — that pace has been different," he says. "The criminals are innovating on a daily basis, and companies are innovating with their defenses on a monthly or a quarterly or sometimes on an annual basis."

**Not Just "Pig Butchering"**

The cybercriminals have also diversified their income. While "pig butchering" has garnered the most media attention, the long-con cybersecurity scam — where a fraudster makes contact with the victim, gains their trust, and then cashes out by convincing them to invest through a seemingly legitimate financial service — is just one of the weapons in a cybercriminal syndicate's arsenal.

While casinos and online gambling are the foundation for the groups' profits, law enforcement authorities have encounter a burgeoning menagerie of cybercriminal techniques that lead back to Southeast Asian crime syndicates, UNDOC's Wojcik said. Information-stealing malware, ransomware, and impersonation and kidnapping scams — increasingly with deepfake components — have become common, he said.

"There is growing concern that Asian crime syndicates are rapidly maturing into more sophisticated cyber-threat actors, aided by technological advancements that have not only expanded the scope and efficiency of cyber-enabled fraud and cybercrime but have also lowered the barriers to entry for criminal networks that previously lacked the technical skills to exploit more sophisticated and profitable methods," Wojcik said.

Secore's Gupta has a more positive outlook.

"The chances that a year from now we will see better cooperation, more stringent laws, the equivalent of digital embargoes that I described and so on, will be better than today, I think, is very high," he says. "I see that happening, and countries are clamping down on all of these operations. So if you look at the number of raids and cyber investigation infrastructure that has been created by each of the countries in just the three, four years of COVID, it's gone up.

"There are positive signs," he says. "I think the nations are finally coming to a realization that if they breed snakes, then at some stage, the snake is going to come back and bite the breeder."

**About the Author**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Southeast Asian Cybercrime Profits Fuel Shadow Economy

Suspected nation-state actors are spotted stringing together three different zero-days in the Ivanti Cloud Services Application to gain persistent access to a targeted system.

Source: Kristoffer Tripplaar via Alamy Stock Photo

A deft chaining together of three separate zero-day flaws in Ivanti's Cloud Service Appliance allowed a particularly potent cyberattacker to infiltrate a target network and execute malicious actions, leading researchers to conclude a nation-state actor was actively targeting these vulnerable systems.

Fortinet's FortiGuard Labs published its findings, warning that any organization running Ivanti's CSA version 4.6 and prior without taking necessary remediation precautions is vulnerable to this method of attack.

The details of the newly uncovered attack chain come amid the announcement of a bevy of additional security flaws in Ivanti's CSA also under active exploit.

"The advanced adversaries were observed exploiting and chaining zero-day vulnerabilities to establish beachhead access in the victim's network," Fortinet's report said. "This incident is a prime example of how threat actors chain zero-day vulnerabilities to gain initial access to a victim’s network."

The three specific Ivanti CSA flaws used in the attack were a command injection flaw in the DateTimeTab.php resource tracked as CVE-2024-8190, a critical path traversal vulnerability in the /client/index.php resource tracked as CVE-2024-8963, and an unauthenticated command injection vuln tracked as CVE-2024-9380 affecting reports.php.

Once initial access was established using the path traversal bug, the threat group was able to exploit the command injection flaw in the resource reports.php to drop a Web shell. The group exploited a separate SQL injection flaw on Ivanti's backend SQL database server (SQLS) tracked as CVE-2024-29824 to gain remote execution on the SQLS system, the researchers noted.

After Ivanti released a patch for the command injection flaw, the attack group acted to ensure other adversaries do not follow them onto the compromised systems. "On September 10, 2024, when the advisory for CVE-2024-8190 was published by Ivanti, the threat actor, still active in the customer's network, 'patched' the command injection vulnerabilities in the resources /gsb/DateTimeTab.php, and /gsb/reports.php, making them unexploitable," the FortiGuard Labs team added in the report. "In the past, threat actors have been observed to patch vulnerabilities after having exploited them, and gained foothold into the victim's network, to stop any other intruder from gaining access to the vulnerable asset(s), and potentially interfering with their attack operations."

In this instance, analysts suspected the group was trying to use sophisticated techniques to maintain access, including launching a DNS tunneling attack via PowerShell, and dropping a Linux kernel object rootkit on the compromised CSA system.

"The likely motive behind this was for the threat actor to maintain kernel-level persistence on the CSA device, which may survive even a factory reset," Fortinet researchers said.

Serious Adversaries Circle Ivanti CSA Zero-Day Flaws

The gaming company reports that the server has been rebuilt after the leak, but has not confirmed if its insider video game data was leaked.

Source: Maximum Film via Alamy Stock Photo

Game Freak, the company behind the Pokémon franchise, is dealing with a security breach that has compromised the data of more than 2,600 employees and partners. 

The data leak first came to light on a forum known as 4chan earlier this month before it began circulating on social media and other online forums.

Coined "TeraLeak," the breach contains multiple gigabytes of information according to Centro Leaks, a Pokémon leak monitoring account.

The data also allegedly includes inside information of video games, source code for existing frames, and data on unreleased Pokémon games.

Game Freak confirmed on Oct. 10 that it experienced a security incident in August in which an unauthorized third-party actor gained access to the video game company's system and exposed sensitive data regarding current and former employees.

However, the gaming company has refrained from commenting whether or not data regarding its games and code have been compromised, though it has noted that it rebuilt and inspected the server and will try to prevent the event from happening again.

"We are contacting the affected employees individually \[and\] will set up a hotline for those who cannot be contacted directly and to handle inquiries regarding this matter," the company said.  

**About the Author**

Pokémon Gaming Company Employee Info Leaked in Hack

Organizations are grappling with the risks of having outdated hardware handling core workloads, mission-critical applications no one knows how to update or maintain, and systems that IT and security teams don't know about.

Dave Lewis, Global Advisory CISO, 1Password

October 14, 2024

3 Min Read

Source: Aleksey Popov via Alamy Stock Photo

COMMENTARY

When I began my security career, everything was an adventure — new technologies, new opportunities, and new lessons to learn. Some of those lessons have stayed with me over the years. Simple on the surface, these lessons have had a significant impact and proved valuable over time. Yet, when I look at the wider industry, I often find myself vexed at the current state of affairs. 

**The Beige Desktop Is Everywhere**

The best example of this flustered feeling is the pervasive nature of the "beige desktop." We have all seen them in our industry travels — machines that predate many of the technologies we rely on today. Hardware that soldiers on from the dark recesses of a data center's raised floor. 

You can see where this is heading. That system is invariably running code written by a summer student long ago and has now become mission-critical. Code that was not properly commented or documented. An application that has somehow become indispensable to the business. 

How does this keep happening? I've often pondered this question. Whenever I bring it up at conferences, heads always nod in understanding. Those systems that lurk in the shadows of a data center. 

**Hard to Get Rid of Shadows**

We often hear the term "shadow IT." It usually finds its way into conversations with a sense of derision. A few months ago, I was giving a talk at a conference when I asked the audience if they had encountered the beige desktop in their environments. The audience laughed, grimaced, and hung their heads — confirming my thoughts. I paused and asked how many companies present had controls in place in their environments for shadow IT. Every hand went up. 

I let the question hang in the air for a moment. Then I asked the audience a follow-up query: "How many of you here have shadow IT in your environments?" There was some hesitation. Eyes darted around nervously. Slowly but surely, every hand went up again. 

We had an interesting conversational moment. These companies all had controls in place to guard against shadow IT, yet … it still existed. We had discovered Schrödinger's IT security problem. It simultaneously exists and doesn't. 

**Who Owns the Risk?This begs the question: Who truly owns the risk of shadow IT? While the knee-jerk reaction might be to assign this to the chief information security officer, I wonder if that is fair. The CISO puts security controls in place. The CISO ensures that there are policies and procedures around handling the risks presented by shadow IT. But it continues. Is it fair to say the CISO is responsible at that point? Just thinking out loud. Could this risk be more appropriately assigned to the chief financial officer, as it presents a potential material enterprise risk so thereby is this executive's responsibility? I would love to see this develop into a broader conversation because, honestly, I'm unsure of the answer and would love the input from the CISO community. ****How We Wound Up Here**

Shadow IT rarely, if ever, originates from a place of malice. These projects are quite often built to satisfy the need for innovation. Other examples of why this happens could include the perceived inadequacy of the deployed systems that support development in the enterprise. Or it simply occurs out of a need for speed and convenience. 

It's often easier to ask for forgiveness than permission. While the beige desktop may be a tongue-in-cheek story, it serves as an example of what happens in environments across the globe. 

**Top Dead Center**

How do we move toward an enterprise or SMB environment that supports innovation while remaining safe and secure? There is a need to provide visibility and security to deal with tools and projects that may not have been vetted or approved by the IT and security teams. 

It's time to move away from the beige desktops and toward a technological engine that empowers businesses to drive innovation safely and securely. 

**About the Author**

Global Advisory CISO, 1Password, 1Password

Dave is the Global Advisory CISO at 1Password. He brings over 30 years of industry experience, extensively in IT security operations and management, at companies such as Akamai, IBM, Duo Security, Cisco, and AMD. He is also the founder of the security site Liquidmatrix Security Digest as well as host of the Liquidmatrix, Plaintext, and Chasing Entropy podcasts. Dave currently serves on the board of directors for BSides Las Vegas and the advisory board for the Black Hat Sector Security Conference. He co-founded the BSides Toronto conference and was a goon on the speaker operations team for DEF CON for over 13 years. He previously held a board position at (ISC)². For fun, Dave loves playing bass guitar, grilling, and spending quality time with his kids. He’s also a part owner of a whisky distillery and a soccer team.

The Lingering 'Beige Desktop' Paradox

Education, including K-12 schools and universities, has become the third most targeted sector due to the high variety of sensitive data it stores in its databases.

Source: SeventyFour Images via Alamy Stock Photo

Malicious actors are increasingly targeting K-12 and higher education institutions, an "industry of industries" as Microsoft's new report calls it, due to the immense amount of private data that these enterprises handle.

From information regarding financial data to health records and other sensitive information, hackers have a host of pickings to choose from if they are successful in their exploitation attempts, Microsoft's Threat Intelligence report explained.

"The combination of value and vulnerability found in education systems has attracted the attention of a spectrum of cyberattackers — from malware criminals employing new techniques to nation-state threat actors engaging in old-school spy craft," Microsoft said.

Education as an industry faces a variety of issues that prompt attacks from hackers: security staffing limitations; difficult-to-secure IT systems; virtual/remote learning environments; extensive QR code usage; open email systems; lack of funding; and more. There's also the issue of users — some as young as 6 years old — who are too young to know safe cybersecurity habits and are liable to compromise a network. 

The education sector deals with an average of 2,507 attempted cyberattacks on a weekly basis from nation-state groups to ransomware gangs, with universities especially presenting their own unique challenges due to the culture of sharing information, research, and innovation, Microsoft found.

Some of the nation-state actors that Microsoft highlights are Peach Sandstorm, Mint Sandstorm, Mabna Institute, Emerald Sleet, and Moonstone Sleet, with an honorable mention for Storm-1877, which is still in development. 

Education institutions can protect themselves from these threats by implementing a new security curriculum, such as maintaining and scaling core cyber hygiene, prioritizing cyber awareness at all levels, whether students, IT staff, or faculty. Microsoft also advised hardening overall security posture as well as centralizing the technology stack, and implementing better monitoring procedures to get a clear picture of security posture and potential vulnerabilities.  

Microsoft highlighted some institutions such as Oregon State University and the Arizona Department of Education, which are both doing noteworthy jobs of implementing an ace cyber posture. The former's progress came in response to a major cybersecurity incident, prompting its Security Operations Center (SOC) alongside the help of AI and automated capabilities; the latter which focuses on zero-trust principles by blocking any traffic outside of the US from its 365 environment, Azure, and data center.

Microsoft: Schools Grapple With Thousands of Cyberattacks Weekly

Attackers can introduce a malicious document in systems such as Microsoft 365 Copilot to confuse the system, potentially leading to widespread misinformation and compromised decision-making processes.

Source: Mopic via Shutterstock

Attackers can add a malicious document to the data pools used by artificial intelligence (AI) systems to create responses, which can confuse the system and potentially lead to misinformation and compromised decision-making processes within organizations.

Researchers from the Spark Research Lab at the University of Texas (UT) at Austin discovered the attack vector, which they've dubbed ConfusedPilot because it affects all retrieval augmented generation (RAG)-based AI systems, including Microsoft 365 Copilot. This includes other RAG-based systems that use Llama, Vicuna, and OpenAI, according to the researchers.

"This attack allows manipulation of AI responses simply by adding malicious content to any documents the AI system might reference," Claude Mandy, chief evangelist at Symmetry, wrote in a paper about the attack, which was presented at the DEF CON AI Village 2024 conference in August but was not widely reported. The research was conducted under the supervision of Symmetry CEO and UT professor Mohit Tiwari.

Given that 65% of Fortune 500 companies currently implement or are planning to implement RAG-based AI systems, the potential impact of these attacks cannot be overstated," Mandy wrote. Moreover, the attack is especially dangerous that it requires only basic access to manipulate responses by all RAG-based AI implementations, can persist even after malicious content is removed, and bypasses current AI security measures, he said.

**Malicious Manipulation of RAG**

RAG is a technique for improving response quality and eliminating a large language model (LLM) system’s expensive retraining or fine-tuning phase. It adds a step to the system in which the model retrieves external data to augment its knowledge base, thus enhancing accuracy and reliability in generating responses without the need for retraining or fine-tuning, the researchers said.

The researchers chose to focus on Microsoft 365 Copilot for the sake of their presentation and their paper, even though it is not the only RAG-based system affected. Rather, "the main culprit of this problem is misuse of RAG-based systems … via improper setup of access control and data security mechanisms," according to the ConfusedPilot website hosted by the researchers.

In normal circumstances, a RAG-based AI system will use a retrieval mechanism to extract relevant keywords to search and match with resources stored in a vector database, using that embedded context to create a new prompt containing the relevant information to reference.

**How the Attack Works**

In a ConfusedPilot attack, a threat actor could introduce an innocuous document that contains specifically crafted strings into the target’s environment. "This could be achieved by any identity with access to save documents or data to an environment indexed by the AI copilot," Mandy wrote.

The attack flow that follows from the user's perspective is this: When a user makes a relevant query, the RAG system retrieves the document containing these strings. The malicious document contains strings that could act as instructions to the AI system that introduce a variety of malicious scenarios.

These include: content suppression, in which the malicious instructions cause the AI to disregard other relevant, legitimate content; misinformation generation, in which the AI generates a response using only the corrupted information; and false attribution, in which the response may be falsely attributed to legitimate sources, increasing its perceived credibility.

Moreover, even if the malicious document is later removed, the corrupted information may persist in the system’s responses for a period of time because the AI system retains the instructions, the researchers noted.

**Victimology and Mitigations**

The ConfusedPilot attack basically has two victims: The first is the LLM within the RAG-based system, while the second is the person receiving the response from the LLM, who very likely could be an individual working at a large enterprise or service provider. Indeed, these two types of companies are especially vulnerable to the attack, as they allow multiple users or departments to contribute to the data pool used by these AI systems, Mandy noted.

"Any environment that allows the input of data from multiple sources or users — either internally or from external partners — is at higher risk, given that this attack only requires data to be indexed by the AI Copilots," he wrote.

Enterprise systems likely to be negatively affected by the attack include enterprise knowledge-management systems, AI-assisted decision support systems, and customer-facing AI services.

Microsoft did not immediately respond to request for comment by Dark Reading on the attack's affect on Copilot. However, the researchers noted in their paper that the company has been responsive in coming up with "practical mitigation strategies" and addressing the potential for attack in its development of its AI technology. Indeed, the latter is key to long-term defense against such an attack, which depends on "better architectural models" that "try to separate the data plan from the control plan in these models," Mandy noted.

Meanwhile, current strategies for mitigation include: data access controls that limit and scrutinize who can upload, modify, or delete data that RAG-based systems reference; data integrity audits that regularly verify the integrity of an organization's data repositories to detect unauthorized changes or the introduction of malicious content early; and data segmentation that keeps sensitive data isolated from broader datasets wherever possible to prevent the spread of corrupted info across the AI system.

**About the Author**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

ConfusedPilot Attack Can Manipulate RAG-Based AI Systems

By combining human and nonhuman identity management in one solution, Flock Safety is helping law enforcement solve an impressive number of criminal cases every day.

Source: ArtemisDiana via Alamy Stock Photo

When Jerrid Powell went on a shooting spree in Beverly Hills last year, he had no idea what he was up against. Law enforcement used Flock Safety's evidence-based crime-solving technology to help locate him. Powell was quickly apprehended and is now behind bars.

Flock Safety is a success story. In less than six years, the native-cloud company has become one of the country's largest public safety technology vendors. It plays a part in solving 10% of crimes in the United States, equating to about 2,000 cases per day, according to a report from the company and validated by independent criminology researchers. It does this by analyzing a vehicle's "fingerprint" using object detection and machine learning, focusing on everything from license plates to bumper stickers.

With so many law enforcement agencies relying on its technology, Flock Safety puts security first. That means securing the identity of its user accounts, along with 1,000 employees and a fleet of cameras, video cameras, and audio detection devices.

From the beginning, Flock Safety has been using Okta for human identity management against its corporate systems, like Salesforce, Google, and Amazon Web Services. Using Okta's customer and workforce identity cloud technology, employees, customers, and contractors authenticate themselves by entering their credentials. It also uses Okta subsidiary's Auth0 to authenticate Internet of Things devices, like cameras, to its FlockOS and devices.

"Imagine a network of cameras, drones, and gunshot detection devices across the United States," explains Eric Tan, the company's CIO and chief security officer. "Each one of those devices has a unique ID and secret associated \[with\] the device that's calling home to the mothership to authenticate and pass on images or videos."

Flock Safety's approach is comprehensive. Alfredo Ramirez, a senior director and analyst of security and emerging technology at Gartner, says that while most companies do use some type of modern technology for employee authentication, they are often less successful at handling nonemployee identities or correlating all of them across connected corporate applications.

**Covering All Bases**

While Tan is quite satisfied with the protection Okta and Auth0 are providing, he noticed that as Flock Safety's customer base and reach grew, it needed to expand past authentication into the realm of authorization. Essentially, authentication is the first step in identity management, but higher levels of security require authorization, which moves beyond identity verification to determining users' levels of access and granting access based on those levels.

"When an identity or user account authenticates onto our platform, we know we're covered, but what we don't know is where that identity is going once it's on the platform," Tan explains. "That's what we wanted to address."

With that goal in mind, Tan found Permiso Security, a cloud security company that had recently branched into identity management. With its ability to track both human and nonhuman identities across authentication boundaries, Permiso's Universal Identity Graph seemed like it could bridge the gap between authentication and authorization for Flock Safety.

Tan looks at it this way: "Auth0 and Okta are important preventative solutions, but Permiso is more like a motion detector system in a house. I want to know who or what is coming into all of the different rooms, and if anything looks off, I want it to let me know."

This is the first year where vendors are going to market claiming to be able to discover and secure all nonhuman identity types, but very few claim to be able to handle securing both human and nonhuman identities within the same solution, Gartner's Ramirez says. Most, like Permiso, are using some sort of graph database technology, unlike incumbent identity vendors.

Over the next three to five years, Ramirez expects incumbent identity security vendors to build, buy, or partner for nonhuman identity solutions to complement their human identity solutions. In addition, he expects startups to continue to advance in this area.

**Looking Ahead**

For Flock Safety, the time to get this up and running is now. Through an API, Permiso's solution can see the identities in Auth0 and Okta. Flock Safety also exposes the API to some of its more critical systems, like Google Workspace or GitHub, so it can monitor for suspicious activity.

"If one of our cameras were to call home and eventually grant themselves access to our GitHub source code library, that would be really odd. Permiso would pick that up," Tan explains. "Similarly, if you had an employee who was a field technician, and that person's user account was granted additional permissions or elevated access within our Google Active Directory or Workspace environment, it would alert us and automatically quarantine them."

Tan is considering adding Astrix Security's nonhuman identity security platform for real-time discovery and mitigation of breaches by nonhuman identities. He's currently evaluating the tool.

"For example, if there is a test API account connected to our GitHub instance with elevated privileges that the team isn't tracking, I would have the team either shut it down, reduce the privileges, or make it authenticate through Auth0," Tan says.

While it might seem like Flock Safety is adding a surprising number of identity-related security tools into its stack, it's always better to be as prepared as possible, Tan says.

"The concept of solving for nonhuman identity risks is still in the early innings, similar to LLM risks," he says. "The idea is to pick a handful of early innovators and compare the results. In my experience, they're usually always different, allowing us to think about the various threat vectors."

**About the Author**

Contributing Writer, Dark Reading

Karen D. Schwartz is a technology and business writer with more than 20 years of experience. She has written on a broad range of technology topics for publications including ITProToday, CIO, InformationWeek, GCN, FCW, FedTech, BizTech, eWeek, and Government Executive.

Source

DARKReading