The annual RSA Conference is nearly San Francisco’s biggest yearly trade show. Only the immense DreamForce conference put on by Salesforce beats RSAC size-wise. Not one of this year’s 40,000 attendees could possibly absorb all the knowledge shared at this conference, but we tried to hit the high spots. Here’s what we saw.
AI as Villain, Savior, and Victim
As in almost every field these days, AI was a major buzzword at RSAC 2024.
Google DeepMind Research Lead Elie Bursztein presented a Google study on using AI against phishing frauds. Google’s Gemini detected 91% of fraudulent emails, though a special-purpose AI was more efficient and accurate. The team concluded that generative AI is better at explaining why a given email is suspicious versus actually flagging malicious messages.
A generative AI chatbot shouldn’t tell you how to make a bomb or work up fake nude pictures of celebs. Chatbot companies devise guardrails, called alignments, to suppress these responses. And researchers have found a way to create adversarial text additions that break the guardrails. Their attacks look like a weird conglomeration of words and punctuation. In a recent twist, they created a Large Language Model that could produce these adversarial attacks, which means it should also be possible to detect and defend against such attacks.
As soon as it became clear that ChatGPT and its ilk could write code, some pundits predicted a scourge of AI-written malware. Researcher Vicente Diaz, representing Google’s VirusTotal division, reports there’s been no evidence of AI-written malware, at least not yet. VirusTotal is a huge catalog of known malware and receives new samples for analysis continually. Diaz suggested that extremely sophisticated malware, beyond human coding abilities, could be a sign it was AI-created.
With this fall’s election comes a heightened danger of disinformation spread through deepfake videos. At an offsite one-on-one meeting, McAfee CTO Steve Grobman demonstrated technology that can detect deepfakes strictly by analyzing the audio track. While the system works on any modern CPU, it’s both more efficient and more accurate when backed by an Intel NPU There’s no product at this time, but developers are working on a consumer-friendly interface. In a mockup of the interface, a simple percentage overlay showed the likelihood of the video behind it being fake.
Impressive Representation From the Feds
At his keynote, Secretary of State Anthony Blinken proclaimed a transformative vision, but most attendees we spoke with considered it “more of the same,” and many said they got more out of the intro by Matthew “WarGames” Broderick. Blinken proposed international cooperation, while keeping competitors from misusing our tech, describing a “small yard high fence” stance. The real message here, even more than Blinken’s words, is the fact that the administration considered RSAC important enough to send the Secretary of State.
US Homeland Security Secretary Alejandro Mayorkas also presented a keynote, focused on AI. Mayorkas addressed concerns about bias emerging in machine learning, and promised that government agencies will head off AI threats to civil liberties. He offered details on using AI by government agencies in enforcement, such as taking down drug gangs. But he also pointed out situations in which AI could help people, such as aiding those hit by disaster to wade through FEMA applications and working with those applying for citizenship.
Globally famous security expert Bruce Schneier reiterated that AI could aid citizens with tasks like completing government paperwork and wading through benefits backlogs. In his well-attended talk on AI and democracy, he expressed optimism that AI can be a positive force. Examples ran the gamut, from using AI in place of overworked public defenders to giving each citizen a representative AI rather than electing politicians to represent us. Schneier wound up with the admonition: “AI is coming for democracy. Let’s tilt things toward the positive.”
Passkeys Gain Ground
In an off-site meeting, Trend Micro VP of Strategy Eric Skinner reviewed a type of attack that can defeat many multi-factor authentication (MFA) techniques. Called attacker-in-the-middle, it’s a variation on a standard phishing attack. Once you log into the fake site, the attacker passes your credentials to the original. When you enter the MFA code, the attacker captures that and logs into your account. Even so, Skinner recommends MFA as better than nothing, but suggests that going forward we should use passkeys in place of MFA whenever possible.
In a separate meeting, 1Password Chief Product Officer Steve Won touted that company’s passkeys.directory site, which lists all the places you can use passkeys. He explained that 1Password is the leading provider of passkeys, ahead of Apple, Microsoft, and Google. “We have more experience on Android than Apple and more experience on Apple than Google,” he noted.
Ransomware Gangs Run on Reputation
For more than 30 years, starting with the very first computer viruses, WithSecure Chief Research Officer Mikko Hypponen has been collecting and scrutinizing malware. In a lively talk, Hypponen traced the rise of ransomware from simple consumer hacks to corporate attacks netting millions of dollars.
Ransomware gangs earn more money than most startups, leading Hypponen to call them “cybercrime unicorns.” A reputation for being honest criminals enhances their power. A failure like the widespread WannaCry worm diminishes that power, as does any government takedown of gang leaders. “Cybercrime is organized crime,” concluded Hypponen, “and fighting crime is nothing new.”
Former NSA Director of Cybersecurity Rob Joyce and his successor, Dave Luber, echoed the importance of reputation to ransomware gangs, especially given that Russia won’t extradite ransomware gangsters. They explained that when the government takes down a ransomware operation, the gangsters have a problem restarting it. Affiliates don’t know whether it’s real or an FBI front. Sowing distrust erodes the gang’s reputation.
In between the several hundred informative sessions, RSAC attendees had the opportunity to wander through not one but two Expo Halls, showcasing security technology at all levels.
For more about the conference, visit our RSAC landing page.
This post was originally published on 3rd party site mentioned in the title of this site