First published: 17th September 2020
The Association of Anti-Virus Asia Researchers (AVAR) held a Cyber Conclave on 17th September 2020 from 10:00 to 13:00 IST (12:30 to 15:30 HKT). The online meeting featured a keynote speech and three papers, covering Artificial Intelligence in Cyber Security and Mobile Security and Vulnerability. Although the first AVAR Cyber Conclave was a face-to-face meeting, held in Bengaluru in 2019, the current COVID-19 pandemic situation made it necessary this short-format meeting online.
AVAR CEO Mr. J Kesavardhanan welcomed the participants and contrasted the dual role of modern communications during the pandemic. Beneficially, as a means to keep people in-touch, with emotional and psychological support, and as a means of cooperation for researchers and health workers to fight the virus, but also to our detriment, with cyber attacks increasing and criminals specifically targetting response efforts including hospitals and WHO. There are even suspected nation state attacks, targetting theft of vaccine research. This makes cyber security something we must do, and cooperation is a force multiplier, which is why AVAR exists. AVAR is not high profile, we don't notice the attacks that were thwarted.
In the Keynote Speech, Mr. Vinayak Godse, VP of the Data Security Council of India, advocated Intelligent Security with a move from security based on static controls to using data and intelligence to drive actions. The key concepts involve governance (ensuring attention to issues), where to decide and enforce policies and orchestration of the response over the necessary breadth and depth of elements.
Mr. Aashiq Ramachandran demonstrated how artificial intelligence transforms social engineering and phishing attacks by transcending the traditional limitation of attackers having to choose between a generic, mass attack and a spear phishing approach that is difficult to scale. He showed that the open source natural language AI GPT-2 (Generative Pretrained Transformer 2) can be weaponised to read social media and respond in a naturalistic way, with the potential to distribute malicious links, conduct intelligence gathering or run disinformation campaigns. This AI-generated content is generally not recognised as bot activity by bot detectors.
Mr. Smit Kotadiya, Cyber Security Consultant at Check Point Software Technologies, identified AI Security as one of the top six trends in the future of cyber security. Tracing the development of AI from its conception in the 1950's to our immersion in various types of AI in our daily lives, he emphasised the difference between classical machine learning and deep machine learning. There is a continuous evolution between attacks and defences and a hypothetical AI malware could only launch its payload when it recognised the targetted victim's face on camera.
The final speaker, Mr. Lukas Stefanko, Malware Researcher at ESET, gave an update on the latest COVID-19 - themed Android attacks. At the start of the pandemic there were a lot of fake websites and malicious apps offering fake advice, infection heatmaps and virus-tracking. As the pandemic developed, all types of malware got involved. Some ransomware posed as fake tracking apps and were very unsophisticated, actually using the same unlock key for all victims. Metasploit was utilised to trojanise genuine apps into malicious variants. Banking trojans were particularly prevalent, posing as COVID-19 help apps. The speed of response at the start of the pandemic and the involvement of all types of Android malware producers are notable. Out stay home behaviour during the pandemic makes us more vulnerable, and to stay safe we should only download from the Google Play Store.
The AVAR Conference will also be held virtually this year, on 3rd to 5th December. Full details are at the AVAR website.
Updated: 25th September 2020
The conclave witnessed the participation 300+ participants which included CEOs, CTOs, CISOs, cyber security experts, and government authorities from companies like Avira, Bullguard, ESET, Cyren, AhnLabs, CISCO, Fortinet, Akamai, IBM, Verizon, VirusTotal, Appguard, Acronis, K7 Computing, DSCI, Xceedance, Electronics Sector Skills Council of India and many more well-known companies from 30+ different countries.