Thu Mar-21-2024: AI Hacking March Madness Bets, Tech Support Scam, Ransomware Battles, EU & Broadcom

[00:00:00] It's Thursday, March 24, 2024 and I'm Dave Sult-4, things to know today.

[00:00:07] AI hacking on March madness bets and rising cyber frauds, a costly season for US businesses,

[00:00:15] ransomware gangs, ego battles and stolen password tactics unveiling the chaos behind the cyber

[00:00:21] threats.

[00:00:22] Tech support scams leading to a $26 million FTC settlement highlighting a need around industry

[00:00:28] standards and EU cloud a trade body calls for an investigation into Broadcom's VMware

[00:00:35] licensing changes, citing market harm.

[00:00:39] This is the Business of Tech.

[00:00:43] Are you and your clients tired of the time consuming ticket tennis of coordinating meetings

[00:00:49] and health desk calls?

[00:00:51] Wouldn't it be better to automate this process with a tool that connects directly to ConnectWise

[00:00:57] manage or auto tasks?

[00:01:00] Times S offers scheduling automation that gives you complete control of your schedule and

[00:01:05] eliminates the hassle of calendar ping pong.

[00:01:09] As the only service design specifically for MSPs, it integrates into your workflow and

[00:01:14] makes scheduling appointments easy on you and your clients.

[00:01:19] Plus, you can try Times S for free.

[00:01:23] At TimesS.com slash MSP radio and use the code MSP radio to get 10% off your first year

[00:01:31] of Times S.

[00:01:35] The NCAA's March madness began today.

[00:01:38] Now this isn't a sports show, but you knew a tech angle was coming, right?

[00:01:44] Data released by AdVisex indicates that AI hacking of March madness betting is expected

[00:01:50] to cost US companies record amounts in 2024 with an estimated revenue loss of over $18.3

[00:01:57] billion.

[00:01:58] Seasonally, we're also in the tax season in the US.

[00:02:02] Microsoft warns of a fishing campaign targeting earlier tax filers where malicious emails

[00:02:08] containing a blurred document lead users to a fake website, clicking on the attachment

[00:02:13] installs malware that steals account credentials.

[00:02:16] First, trick vulnerable taxpayers using social engineering techniques, AI-generated emails

[00:02:22] and deep-bake images.

[00:02:24] According to the FBI's annual internet prime report, Americans lost a record of $12.5

[00:02:30] billion to online fraud last year with investment fraud and cryptocurrency scams being the most

[00:02:37] damaging type of crimes.

[00:02:40] Business email compromised scams and ransomware attacks also contributed to the alarming

[00:02:44] increase in cyber fraud.

[00:02:47] However, the report highlighted the positive effects of the IC3's Rectuary asset team

[00:02:53] increasing over $538 million and recovering more than 70% of funds in some instances.

[00:03:02] According to more FBI data, Americans lost approximately $1.3 billion in 2023 to scammers

[00:03:08] impersonating government officials or tech support agents.

[00:03:13] These scams have increased with losses growing more than 7-fold since 2019.

[00:03:20] Tech support scams in particular have significantly increased, and older people are more vulnerable

[00:03:26] to them.

[00:03:27] In-personation scams have become easier due to generative AI tools and the popularity of

[00:03:32] remote work.

[00:03:33] And relevant to this audience per a threat report from Red Canary, IT help desk workers

[00:03:38] are increasingly targeted by cyber criminals who often impersonate employees to request

[00:03:43] changes to identity and access management controls.

[00:03:47] These attacks can lead to the takeover of user accounts, data theft, crypto mining or

[00:03:52] destructive attacks.

[00:03:54] Sophos has released its 2024 threat report, highlighting the major cyber threat small and

[00:04:00] medium-sized businesses' fakes.

[00:04:02] The report reveals that keyloggers, spyware and stealers accounted for nearly 50% of malware

[00:04:08] detections for SMBs in 2023.

[00:04:12] Initial access brokers also use the dark web to target SMB networks or sell access

[00:04:17] to already compromised networks.

[00:04:20] Ransomware remains the biggest threats to SMBs with Lockbit, Akira and Blackcat identified

[00:04:26] as the top ransomware gangs.

[00:04:28] Business email compromise attacks are also increasing in sophistication with attackers

[00:04:33] engaging in conversational emails and using new formats for malicious content.

[00:04:39] Why do we tear?

[00:04:42] Seasonal tie-ins are useful to keep the threat top of mind, although I'll temper that by

[00:04:46] noting the constant threat level.

[00:04:48] My key insight is this, cybersecurity is an ongoing base service offering, and you'll

[00:04:53] want to temper it with a solid basic hygiene strategy.

[00:04:58] Most businesses should do that.

[00:05:01] As in law enforcement appear effective too, a 70% recovery level is a pretty good number

[00:05:07] with some room for improvement.

[00:05:11] So let's talk about the threat actors on the other side.

[00:05:14] From Axios, according to experts, ransomware attackers are often ego-driven and willing

[00:05:19] to scam each other.

[00:05:21] They are not the organized criminal masterminds that organizations may perceive them to be.

[00:05:27] Recent incidents such as the self-implosion of the ransomware gang behind the attack on

[00:05:31] change healthcare highlight the infighting and lack of trust among cybercriminals.

[00:05:37] Entry level hackers have become more valuable in the ransomware as a service model, leading

[00:05:42] to constant infighting between operators and relance hackers.

[00:05:46] Victims should be aware that paying the ransom does not always guarantee the deletion

[00:05:50] of stolen data, and there may need to be a shift in mindset to stop paying and encourage

[00:05:56] cybercriminals to change their tactics.

[00:05:59] Hackers increasingly rely on stolen passwords and legitimate user accounts to infiltrate companies,

[00:06:05] being it harder to detect their activities.

[00:06:08] Reports from CrowdStrike and IBM highlight the growing trend of hackers using passwords

[00:06:13] tamed from data breaches.

[00:06:15] Using stolen passwords and account sessions has been the root cause of high-profile attacks,

[00:06:20] emphasizing the need for stronger security measures such as multi-factor authentication

[00:06:25] and implementing a zero-trust security framework.

[00:06:29] Why do we care?

[00:06:31] I focus on using the cybercriminal and organized crime persona to reinforce that attackers

[00:06:37] are systemized and more professional than the lone wolf basement script kitty persona

[00:06:43] often stuck in business leaders mind.

[00:06:46] Tony soprano as organized crime is a useful mental model.

[00:06:50] Tommy Shelby and Peaky Blinders works too.

[00:06:53] Remember the part of that persona is the frequent fighting and infighting between and within

[00:07:00] gangs.

[00:07:01] No arm among thieves is a saying for a reason.

[00:07:04] It doesn't make them less effective.

[00:07:08] Two tech support companies have agreed to pay $26 million to settle charges from the

[00:07:14] Federal Trade Commission for scamming people into buying unnecessary computer repair services.

[00:07:20] The companies use deceptive marketing schemes, targeting primarily older adults and lured

[00:07:26] victims through pop-up ads for free virus scans.

[00:07:30] The scammers then convinced victims to purchase repair plans and download software that gave

[00:07:34] them remote access to the victim's devices.

[00:07:37] And about a loan in distrust.

[00:07:40] From the information Microsoft's security breaches have raised concerns among its biggest customers,

[00:07:46] particularly in the US government.

[00:07:48] After a series of hacks exploiting Microsoft software, the US State Department has started

[00:07:53] moving its data to servers of other cloud providers like Amazon Web Services and Meal Cloud.

[00:08:00] The agency is also considering larger cloud deals with those rivals.

[00:08:05] The UK government failing to address the national cyber threat posed by ransomware is causing criticism.

[00:08:11] The government rejected key recommendations from a parliamentary committee report, including

[00:08:16] stripping the home office of its responsibility to tackle ransomware.

[00:08:20] The committee expressed deep concerns about the government's lack of preparation and planning,

[00:08:25] stating that the UK remains exposed and unprepared in the face of this threat.

[00:08:31] Why do we care?

[00:08:34] Remember, those companies look the same as yours from a customer perspective.

[00:08:39] There's no licensing, there's no industry validation.

[00:08:42] The person who cuts my hair has more licensing requirements than those responsible for my

[00:08:47] data integrity.

[00:08:49] That said there are laws violating them as a distinct bar for conduct, and governments

[00:08:55] are both critical and criticized in this space.

[00:09:01] The Broadcom and VMware story continues to evolve.

[00:09:05] Broadcom is facing criticism from a European cloud trade body, CISPE, over changes it made

[00:09:12] to VMware licensing structures.

[00:09:15] CISPE is hauled for an investigation into Broadcom's action, claiming the changes will harm

[00:09:21] the region's cloud infrastructure.

[00:09:24] Broadcom's acquisitions of VMware in 2023 has simplified software licensing with customers

[00:09:29] being pushed toward a subscription only model.

[00:09:33] CISPE argues that this move, coupled with dramatic price hikes, is holding the sector to

[00:09:38] ransom and limiting customer choices.

[00:09:41] The trade body is called for Broadcom to be recognized as a designated gatekeeper under

[00:09:46] the Digital Markets Act.

[00:09:49] Why do we care?

[00:09:51] I'm slightly out of order for those on the podcast feed as I also covered their new white

[00:09:56] label option on the live show yesterday that will drop in this feed on the weekend.

[00:10:01] We need a really steppin' at Broadcom.

[00:10:03] Is it illegal?

[00:10:04] I don't think so, but I'm not a lawyer and especially not an EU-what.

[00:10:09] Just note that making this significant change to your business model is diff-

[00:10:14] Well, there's many breaches and security concerns as I report in this show, it should be obvious

[00:10:21] that cybersecurity is not just about technology, but also the human expertise needed to interpret

[00:10:27] and respond to complex threats.

[00:10:30] Huntress is focused on elevating SMBs and MSBs around the world.

[00:10:36] Huntress has a suite of fully-managed cybersecurity solutions powered by a 24x7 human-led sock,

[00:10:43] dedicated to continuous monitoring, expert investigation, and rapid response.

[00:10:48] And the proof is the execution.

[00:10:50] Huntress is the number one rated EDR for SMBs on G2.

[00:10:56] Want to know more about the platform?

[00:10:58] Visit huntress.com slash MSB Radio to learn more.

[00:11:04] Thanks for listening, it's National Common Cardicy Day.

[00:11:08] That's what I think we should do every day.

[00:11:11] Have a question you want answered?

[00:11:12] We take lists or questions, send them IPL is a voice-memor video to question at msbradio.com.

[00:11:18] I answer those lists or questions live each week on our Wednesday live show on YouTube

[00:11:22] and LinkedIn.

[00:11:23] Next week, 3pm.

[00:11:24] You got a comment or a thought, put it in the comments if you're on YouTube or reach

[00:11:28] out to me on LinkedIn if you're listening to the podcast.

[00:11:30] I'll talk to you again tomorrow.

[00:11:34] The business of tech is written and produced by me Dave Sobel under ethics guidelines

[00:11:39] posted at businessof.tech.

[00:11:41] If you liked the content, please make sure to hit that like button, follow or subscribe.

[00:11:47] It's free and easy and the best way to support the show and help us grow.

[00:11:52] You can also check out our Patreon where you can join the businessoftech community

[00:11:56] at patreon.com slash MSB Radio or by our Why Do We Care Merch at businessof.tech.

[00:12:04] Finally, if you're interested in advertising on this show, visit mspradio.com slash engage.

[00:12:12] Once again, thanks for listening to me and I will talk to you again on our next episode

[00:12:17] of the businessoftech.

[00:12:21] Part of the MSP Radio Network.