AI and Information Security – should we be afraid of it?

By now, every teenager who needs help with homework has access to ChatGPT 🙂 Also, some of my developer friends are trying to cut down on debugging time by using it. But many people are afraid of artificial intelligence – will it escape our control and start fighting us? Will it create more (and credible) fake news?

What will it do to Information Security? Will I be able to ask “is X company secure” and get a detailed answer? Most likely, especially if that company has been in the news for security breaches. But most importantly, AI will become, in the future, a second pair of eyes over our shoulders and see what we missed, because we humans are far from perfect…

Will a hacker be able to learn detailed techniques quicker? I asked the “machine” and here is what I got back:

Q: Show me a SQL injection code

A: As an AI language model, I cannot provide you with an actual SQL injection code since such code can be used for malicious purposes. SQL injection is a type of cyber attack that exploits vulnerabilities in the application layer to execute malicious SQL statements. It can cause significant harm to a website or a database and put sensitive information at risk.

It’s important to note that SQL injection is illegal and unethical, and any attempt to exploit such vulnerabilities can result in serious consequences, including legal action.

Instead of providing a SQL injection code, I would recommend developers and website owners to take proactive measures to prevent SQL injection attacks. This includes using prepared statements with parameterized queries, validating user input, and implementing input sanitization techniques to ensure that user input does not contain malicious code.

As we can see, we are safe so far – the system is not malicious 🙂 Therefore, the answer is that AI will be what we want it to be – good or bad. Let’s hope it will stay on the good side!
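The mitigations named in the quoted answer above (parameterized queries and input validation), shown as an added defensive example that is not part of the original post or of the chatbot's reply. The schema, function names and rows are hypothetical and constructed for illustration; it also covers the case bound parameters cannot handle, a user-chosen sort column.

```python
import sqlite3

# Hypothetical allow-list: the only columns a caller may sort by.
SORTABLE_COLUMNS = {"name", "created"}


def open_demo_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, created TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (name, created) VALUES (?, ?)",
        [("alice", "2023-01-05"), ("O'Brien", "2023-02-11"), ("bob", "2022-12-01")],
    )
    return conn


def find_user(conn, name):
    """Look up a user by name with a bound parameter.

    The value travels separately from the SQL text, so quote characters
    in it are compared as data and never parsed as SQL.
    """
    cur = conn.execute("SELECT id, name FROM users WHERE name = ?", (name,))
    return cur.fetchall()


def list_users(conn, sort_by="name"):
    """Return user names ordered by a caller-chosen column.

    Identifiers cannot be bound as parameters, so the column name is
    validated against a fixed allow-list before it reaches the query.
    """
    if sort_by not in SORTABLE_COLUMNS:
        raise ValueError(f"unsupported sort column: {sort_by!r}")
    cur = conn.execute(f"SELECT name FROM users ORDER BY {sort_by}")
    return [row[0] for row in cur]


if __name__ == "__main__":
    db = open_demo_db()
    print(find_user(db, "O'Brien"))    # legitimate name containing a quote
    print(list_users(db, "created"))   # allow-listed sort column
```
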

Security in the time of COVID-19

It’s almost 2021 and we’ve experienced something unthinkable this year… A devastating pandemic, lives turned upside down, social relationships changed forever. While we learned how to deal with this new reality and tried to protect our health, let’s think a bit about how it impacted IT security.

Most of us who can now work from home. Many businesses had to quickly learn how to allow their employees to do it. And with that, of course, came security issues: issues with video conferencing platforms like Zoom, with how to secure remote premises and so on.

Many managers had to quickly update their thinking and accept that people can actually be productive when working remotely. Or maybe they were forced to accept it for now only… Life is short, and some commutes are really hard – so when would we start putting people first? Not only during pandemics hopefully.

How did it go on the breaches side? Ransomware attacks have become the norm, affecting schools and hospitals, some of the online newbies of the pandemic world. Is applying patches really so difficult to tackle? What about running an anti-malware program? It’s almost as basic as washing hands and wearing masks, but it can save us from a lot of trouble. Unfortunately, it is just as controversial and ignored in many places. “We’re too busy to apply patches” – but do we prefer to pay ransom to hackers instead?

Working remotely means your endpoints (employee laptops) should be secure and ready to work in any environment. It means your corporate apps and communications software have to offer encryption of all remote access, and you should actually verify it is in place end to end. Vendor management should include security due diligence, so you can discover any issues before signing on the dotted line… Multi-factor authentication should become a must and the zero trust model should be quickly adopted – can I trust an employee’s personal device knowing it could be infected with malware?

Many new lessons here… solutions are always there. And a new year is around the corner – so let’s hope for the best!