In the current issue of the Ask Woody newsletter, I saw this item titled Bot-powered attacks will evade many antivirus programs, and we all should be very concerned …
Ernie
I thought that had closed years ago after Brian Livingstone took over, I used to read every edition but fell out of love with Microsoft so no longer needed.
No … still alive and keeping-on … website
Ernie
I read your link, it says
"state-sponsored malware attacks"
What does that mean? Is the government becoming an originator of malware?
It is a good thing Windows is there to absorb most of the brunt of these new AI generated attacks.
EDR sounds like a desperate last ditch defence. Can't we simply not allow any outside access to home computers?
It’s a depiction of malware attacks by state-sponsored cracker (original term for Black-hat hackers) groups.
The attacks being described are AI-generated and may be exploiting zero-day vulnerabilities, and they may be able to bypass most or all LAN-based and computer-based defenses. That’s why the potentially coming threats are so concerning.
It is, and it’s also prohibitively expensive - one I cannot afford, so all I can do is wait and see, and hope that daily restarts and image backup restorations can help to mitigate these new threats.
Ernie
I doubt if they can bypass NAT. If you don't publish your IP they cannot find you.
If you want to improve on that, stick a second computer with another NAT barrier between your computer and the modem.
Only let sshd listen to the interfaces you want it to, and certainly not the modem interface. If you don't use sshd, disable it.
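The sshd advice in the post above can be checked against a config file. This is an added example, not part of the original thread; the sample configs, the allowed address and the function names are constructed for illustration, and Include files are not followed.

```python
import ipaddress

def listen_addresses(config_text):
    """Return the host part of every ListenAddress directive in sshd_config text."""
    hosts = []
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments and blanks
        if not line:
            continue
        parts = line.replace("=", " ", 1).split()    # "Key value" or "Key=value"
        if len(parts) < 2 or parts[0].lower() != "listenaddress":
            continue
        value = parts[1]
        if value.startswith("["):                    # [addr]:port form
            host = value[1:].split("]")[0]
        elif value.count(":") == 1:                  # hostname:port or IPv4:port
            host = value.split(":")[0]
        else:                                        # bare hostname, IPv4 or IPv6
            host = value
        hosts.append(host)
    return hosts

def audit(config_text, allowed):
    """Return findings for listeners that are wildcard or outside `allowed`."""
    hosts = listen_addresses(config_text)
    if not hosts:
        # With no ListenAddress line, sshd's default is every local address.
        return ["no ListenAddress set: sshd listens on all local addresses"]
    findings = []
    for host in hosts:
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            findings.append(f"ListenAddress {host} is a hostname: review manually")
            continue
        if ip.is_unspecified:
            findings.append(f"ListenAddress {host} is a wildcard: every interface")
        elif str(ip) not in allowed:
            findings.append(f"ListenAddress {host} is not in the allowed list")
    return findings

# Constructed sample configs (assumed LAN address 192.168.1.10).
SAMPLE_DEFAULT = "Port 22\n#ListenAddress 0.0.0.0\nPermitRootLogin no\n"
SAMPLE_MIXED = "ListenAddress 192.168.1.10:22\nListenAddress [::]:22\n"

if __name__ == "__main__":
    for sample in (SAMPLE_DEFAULT, SAMPLE_MIXED):
        print(audit(sample, {"192.168.1.10"}))
```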
These are just examples and are not meant in any political way or against any country …
There has always been talk of this type of thing from the start of the cold war, Russia is spying on America who is spying on China who is spying on … don’t use Kaspersky antivirus as it's Russian, don’t use AVG, Avast, because they are all the same funding by … so just change spying to malware, blame the antiviral products.
Think at a high level the malware, spy attacks exist from the opposition country but with the amount of data being passed today against 20 years ago, most home users are not that interesting to watch or attack. Cannot imagine a country interested in picking up Fred for the football is useful, nor is planting malware on my computer.
Yes, the problems exist with viruses on Windows; hopefully we are not going to see the same movement towards Linux.
I only posted the item because the issue sounded serious enough for as many people as possible to be aware of. I can’t vouch for the item’s content, or whether what’s already in place can defend against the exploits that may be in the offing. The one thing I do know is that AI capabilities are rapidly improving, and that most, if not all, agents will soon be able to identify unpatched/unknown vulnerabilities very quickly, and that soon after, they will be able to produce exploits for those vulnerabilities. As far as I’m concerned, the best hope is that both open and closed source vendors add protections for these potentially upcoming threats before they arrive in too great of numbers.
Ernie
AI bot is coming … for Everyone!
Sounds a bit scary to me so …
Repent and turn off your PC.
Better unplug it as well.
I quite often tell clients on how to stop getting virus issues on Windows to do the same, best advice: go back to the library, read a book, write a letter… then spend hours looking for a post office that is open and sells stamps.
It is today almost impossible to conceive of using a PC without an internet connection. No updates, no email, no browsing … it becomes just a calculator.
We could get by without IoT devices, and they are apparently a soft attack surface.
We need to look into more secure modems, as that is a single point of entry to a home system that cannot be bypassed.
Can one do anything to configure current modems better?
No! Be vigilant, and back up your system.
Ernie
I have my Wi-Fi 7 router configured to ignore all incoming connection requests, so my home LAN’s effectively invisible on the Internet. If your router doesn’t respond to IP scans in any way, not even refusing them, the scanners have no way of detecting your presence. If you want to check how your modem/router’s configured, go to GRC's Shields Up! website. You can have your computer's IP address scanned in a variety of ways (just read and follow) to discover any weaknesses, and hints at how to fix them.
As for Wi-Fi, I use the Wi-Fi 3 protocols for its increased security over Wi-Fi 2. As far as I know, the above’s about all we can do for our home Networks, and it’s been good enough for me so far.
Ernie
This item mentions the kernel in Linux affected, not AI exploited but a cause of concern, Android as well.
That’s cool! Timing’s everything, isn’t it?
Ernie
Backing up your system and data is the Golden Rule.
I am surprised when some Linux users do not have a backup.
Me too! I learned that lesson way back in my MS-DOS 3.1 days when I contracted a virus from a file I downloaded from a BBS. Since I had no antivirus app installed, I erased my disk and re-installed MS-DOS. After rebuilding my system, I did my research and found a free backup app and a tool that I could put on a CD and use to wipe my drive when needed. I can’t recall their names anymore, but they were fairly well-known names at the time. That was also when I discovered Norton Antivirus - before it was bought by Symantec.
Ernie
I worked in IT (back then it was called Data Processing) back in the ’70s. Part of the nightly billing process was to back up the file after the billing programs ran. The backup was to reel tapes that then were stored in a fireproof vault in another wing of the building.
Later on, the tapes would be shipped off-site each morning for even safer storage.
That’s cool! Timing’s everything, isn’t it?
Ernie
Yeah! Especially since I was considering paying a local company a few 100 to set it up for me!
When I worked for Purolator Courier, I carried similar tapes for several companies, locally!