AI Prompted Malware & OT Patch Gap

Key Points

  • The podcast stresses that AI isn’t autonomously creating malware; rather, humans craft prompts that make AI generate more sophisticated code, so a sentient‑AI threat like HAL or Skynet is still far off.
  • New IBM Institute for Business Value benchmarks reveal a significant OT‑IT patching gap, with median high‑severity vulnerability remediation at about 90 % for IT but only 80 % for OT, and an even larger lag for medium‑severity issues.
  • Hackers are increasingly targeting industrial control systems in critical sectors (water, energy, agriculture), exploiting the IT‑OT convergence that exposes formerly isolated OT environments to internet‑based attacks.
  • A key obstacle to closing the OT patching gap is that many OT devices remain physically isolated; patching often requires hands‑on, on‑site intervention, which conflicts with the desire to keep these systems online and secure.
  • OT teams prioritize continuous uptime and safety over rapid patch deployment, leading to slower remediation cycles compared with the more agile IT patching processes.

**Source:** [https://www.youtube.com/watch?v=N_wGf6PAP5U](https://www.youtube.com/watch?v=N_wGf6PAP5U)

**Duration:** 00:41:28

## Sections

- [00:00:00](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=0s) **AI Malware Prompt Debate & OT Patch Gap** - The episode debunks the myth of sentient AI creating malware, explores the AI‑assisted malware controversy, and highlights a significant lag in OT patching compared to IT.
- [00:03:12](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=192s) **OT Security Challenges and Legacy Risks** - The speakers explain how outdated operational technology, a focus on uptime over comprehensive protection, and limited patching create predictable exposure to cyber and physical threats—highlighting the need for stronger security measures and robust contingency plans.
- [00:06:44](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=404s) **Balancing OT Security and Risk** - The speakers debate whether operational technology must accept inherent security risks or can be hardened—through network segmentation, stricter patch governance, vendor accountability, and incident response—without hindering economic activity.
- [00:10:39](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=639s) **Water Pressure Panic, Freight Hack** - The segment shifts from residents gathering on streets to discuss low water pressure to a report on a sophisticated cybercrime ring that hijacks freight‑marketplace communications to steal cargo.
- [00:14:37](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=877s) **Shipping Wars of the Modern Age** - The speaker likens the surge in cargo and package theft—including hijacked trucks and potential OT system attacks—to a Wild West‑style episode of the show *Shipping Wars*, emphasizing rising incident rates and looming threats to major logistics firms.
- [00:20:07](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=1207s) **Delayed Logic Bombs in npm Packages** - Researchers uncovered malicious npm packages that operate normally but contain hidden, time‑delayed logic bombs set to activate years later, initially causing random process terminations and then silently corrupting write functions.
- [00:23:16](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=1396s) **Strategic Threat of Hidden Malicious Apps** - The team debates how covert malicious packages exploit user inattention, urging prioritization of this evolving, long‑term persistence threat despite uncertainty about its broader prevalence.
- [00:26:33](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=1593s) **Questioning AI Ransomware Hype** - The speakers critique inflated claims about AI‑driven ransomware, note the retraction of a flawed MIT Sloan paper, and discuss how model safeguards versus self‑hosted bots shape the real threat landscape.
- [00:31:26](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=1886s) **AI-Enhanced Malware and Media Hype** - The speaker explains that threat actors use AI prompts to refine existing malware—not to generate it autonomously—and questions whether cybersecurity reporting is overstating the danger for headlines and hype.
- [00:35:00](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=2100s) **Weak Passwords in High‑Value Institutions** - The speakers highlight how major organizations, such as a museum housing billions in priceless items, often neglect basic security measures like multi‑factor authentication and strong password policies, a laxity that appears common among executives.
- [00:38:59](https://www.youtube.com/watch?v=N_wGf6PAP5U&t=2339s) **Human Layer as First Defense** - The speakers stress that staff training, strict physical access controls, and basic cyber hygiene are essential lessons from a recent physical‑intrusion incident with cyber implications.

## Full Transcript

[0:01] It's not the AI writing the malware. It's actually more in the prompt the individual is using to get the AI to make the malware better. So I don't think it's sentient either. I don't think we're going to have a HAL 9000 situation or a Skynet situation come up anytime and probably my lifetime. Anyway.

[0:17] All that and more on Security Intelligence.

[0:21] Hello and welcome to Security Intelligence, IBM's weekly cybersecurity podcast where we break down the most interesting stories in the field with the help of our panel of experts. I'm your host, Matt Kaczynski, and joining me today, Claire Nunez, creative director, IBM X-Force Cyber Range, Austin Zeisel, Threat Intelligence consultant and valiantly fighting an illness to be here, Dave Bales, X-Force Incident Command and part of the Not the Situation Room podcast. Thank you all for joining me. This week's stories, we're going to be talking about some hackers who are stealing real world cargo, a delayed malware, the AI malware versus AI slop debate, the Louvre's password, which I'm sure you've all heard about. But first, I want to get into the OT IT patching gap.

[1:12] Now, according to a new set of benchmarks from the IBM Institute for Business Value, OT patching rates lag pretty significantly behind IT patching rates. So, for example, the critical high vulnerability patching rates in IT are about 90% in the median; for OT, it's 80%. So there's a 10 percentage point gap right there. When it comes to medium vulnerabilities, the gap's even bigger. You've got 82% in IT versus 70% in OT. And this comes at the same time that hackers are increasingly taking aim at industrial control systems in critical sectors like water, energy, and agriculture. These attacks can lead to some pretty serious safety issues. Right?
We've seen things like hackers getting in and adjusting the chemicals used in water treatments that could potentially poison people. So these attacks are all enabled by the kind of IT-OT merger, right? The idea that more and more OT systems are now Internet enabled and they're part of the enterprise network, and that means they're exposed to these kinds of things. So I want to ask, you know, if we're bringing OT into IT, how come our patching practices haven't caught up? Is there something wrong with our approach to this merger? And I want to throw it to you first, Dave. What do you think's going on here?

[2:26] OT typically tends to be offline. And I think that the problem with patching OT is that someone actually has to get up from their desk and physically walk over and patch the OT systems. In a perfect world you wouldn't have to do that, but then they'd be online and they'd be even more susceptible to attacks from threat actors. So I think it's really just a matter of having to actually visit each OT system and patch it from there.

[2:54] That makes sense. Austin, any thoughts to add?

[2:57] Yeah, going off what Dave just said. So within OT environments they often prioritize that uptime and safety over rapid patching and speed, unlike IT systems. So many of those OT systems can simply just be rebooted or updated without really disrupting critical operations. And I think that operational mindset has created really a predictable window of exposure. Exposure that a lot of these adversaries have been exploiting.

[3:31] Absolutely. Claire, your thoughts?

[3:31] Yeah. So OT, as Dave mentioned, is a lot harder to go in and patch and make changes to. Another issue with a lot of the infrastructure, especially in the United States, is it is old. It's very old. We see that being. We see the impacts not just in terms of cybersecurity, but also weather.
So a lot of our systems are very susceptible to weather. You see the issues from like the Texas snowstorms a couple years back. So you know, these systems are very delicate and we don't always, we, we prioritize availability over actually ensuring that they're secure in every sense. So physically secure, cyber secure, it's not, it's not easy to go in and take care of these operational systems. It's also very expensive. There are also OT platforms that kind of help with security, but a lot of organizations don't actually necessarily use them. So it is a little bit scary to think about too. And not to be kind of like a doomsdayer, but like everybody should have an alternate plan in the case that these systems, you know, go down for whatever reason. So. But it is really scary. And I think, Matt, the example you shared was lye being shared added to the water on accident. There's also been cases of pressure changing. So there's a lot of kind of ways that threat actors can manipulate the power grids and the water systems. And it's just something that not everybody is super cognizant of because they're not necessarily thinking about the security that goes into these different systems that we use every day.

[5:14] And a lot of these programmable logic controllers are 20, 30 years old too because like Claire and Austin both said it's not as easy as just patching these things and having the uptime stay stable. Once you take these down, it takes a while for them to go down and then come back up. So patching them is probably lower on the priority scale than, say, getting the lye out of the water.

[5:47] And turning it off doesn't mean just turning off one element.
You're likely turning off several different elements, and you have to patch one and you have to patch another, and then you have to make sure they're still connected to your IT and the IT-OT connection is working properly. So it. It's not as easy as just turning something off to fix it and turning it back on.

[6:08] And this impacts all kinds of businesses, not just, you know, us on a human level for needing energy and water and all that kind of stuff. Like a bank cannot operate its data centers if it doesn't have any power. So I think a lot of other businesses aren't necessarily fully thinking about the OT impact on their own organizations as well.

[6:31] Yeah, I think those are some really good points that you folks bring up, especially around how it's a lot more complicated to do some of these patches, do some of these security fixes for OT than some of these, other than your average IT system. And Claire, you even said that, you know, you brought up the point that a lot of this stuff is also not having maybe the physical maintenance that it needs or those kinds of security issues. And so that brings me to maybe this is a naive question for, you know, because I'm not somebody who's in this realm, but, you know, is it just the case then, that we have to accept this level of risk, that this is just kind of. It comes with OT? This is just what it's like. Like the patching will always be less than IT or. I don't know, could we ever get to a point, you know, could we change things where we can actually maybe make these systems a little more secure, get those investments in without necessarily harming economic activity? Which I understand is a huge question, but I'll ask Austin. Austin, do you have any thoughts? Are we just kind of doomed to accept this level of risk?
[7:22] It comes down to a matter of prioritizing those security measures, and that first begins with network segmentation and passive monitoring. Those are really critical, especially in OT environments, but they're really only half the story. I think leaders in that space must also pair those controls with stronger patch governance, because we just talked about earlier how important that patching is also accountability with vendors, because with ICS systems, OT, you have so many different third parties and supply chain vendors involved. So true. OT specific incident response planning is really critical here. Not just repurposing it from, you know, outdated IT playbooks.

[8:09] I like that a lot. You need a very specific approach to this kind of thing. You know, we might be making OT and IT look similar in a lot of ways, but they're still very different systems and you need a very different approach. And Claire, I just wanted to ask you, another point that you had brought up was about how these OT systems are often entangled in so many other systems. And that's part of what makes it so complicated when it comes to patching them. You're not just shutting down like one machine. You can shut down like a whole, you know, production facility basically to do this. I'm wondering if you have any thoughts on how that feeds into our ability to maybe someday get this, you know, problem under control.

[8:41] I think it plays into it if we're only thinking about today. And I don't think that's the best way of looking at resiliency for these systems. Especially, again, we are looking at multiple challenges in terms of cybersecurity, physical security from natural disasters, and people sneaking into these locations and such.
And I think, you know, the natural reality is that most organizations are just thinking about, you know, the near term in terms of some of these systems because the investment is so large. But the investment will be larger if you have to take your plants or your grids down for a very long time and you have constituents who are angry, citizens who are angry, or you can't produce at all. For some organizations, the cost of not being able to produce is in the millions per day. So it's kind of thinking, okay, if we have to take down our site for 24 hours, that's going to cost us this much. Plus the cost of changing everything within there versus being down for potentially two weeks, three weeks because of some kind of damage, and then

[10:04] backups or something, or like a natural disaster. So it's doing some cost benefit analysis. And I don't know if everybody's necessarily doing it because it's very expensive no matter what. It's just one much larger price point than the other.

[10:21] How would everyone feel if they just, for just the smallest example, lost water pressure for a couple of hours? People are going to complain about that.

[10:30] Yeah, people will absolutely.

[10:32] Just water pressure. Forget the lye, forget the fluoride, forget turning the water off, just lose water pressure. For a couple of hours and listen to your neighbors all start coming out into the middle of the street and talking about the fact that there's no water pressure.

[10:46] I was going to say, Dave, literally like a year ago, that's it. That happened in my neighborhood. And you're right, it's just water pressure. We're not even talking about something that's like life or death. It's just everyone's suddenly out in the streets. Is your water pressure working? Is your water working? Is it just my water? And yeah, so, you know, that does. You're right.
That, that, that complicates things even more. You know, I guess, I guess we'll round out the segment by saying that I don't. I feel bad for the folks who have to make these decisions because Lord knows I couldn't make them. Let's move on to the next story. Hackers steal real.

[11:12] Now, speaking of cyber attacks that have some very material consequences, Proofpoint reported last week on a sophisticated cybercrime ring that's targeting freight companies to steal their cargo. Now a real quick summary of how freight companies connect with carriers might be in order for those who aren't familiar with it, they tend to use a kind of marketplace system, right? So a freight company comes in and says, hey, we have this load. Carriers come and say, hey, we can carry it for this amount. They make a deal. It works that way. The way this cyber attack operates is that first the hackers get in there and they impersonate a freight company and say they have a fake load, carrier comes and bids on it. They use that opportunity to compromise the carrier's account, and then they act as the carrier and they bid on real loads and say, hey, we can take this job. When they secure the job, they send their own trucks over to pick up the load and take it. And of course, it never makes it to its final destination. I just, the brazenness of this really struck me, which is why I wanted to kind of bring it up and see how folks feel about it. Claire, let me start with you. Any initial reactions to this cyber attack?

[12:22] I kind of think about it and in terms of like, that's such a mixed bag where you're just stealing people's Amazon packages. Like you can either get a computer or you're getting just soap or something. Where, I mean, I guess with cargo, it's, I'm, I'm like, initially I was like, oh, that's interesting.
Like, how do you get rid of all of that cargo that's within? But I thought it was just an interesting overall concept where it's just like you're reselling these items and it's. You have to be really organized to take on that kind of level of crime and to kind of figure out what you're going to do with all those shipments as well. When I was reading kind of the Reddit thread that you sent over, Matt, about the person whose organization had faced this, it came down to these people receiving an email saying, you have to do this for a specific order and then they input their information. And that's kind of how the threat actor got in. And it's like, of course, in my mind, it came down to somebody rushing and clicking a link they shouldn't have. And I wonder how much more common this is than reported, because shipping is now like, everything has to be shipped within two days kind of thing. So there's probably just a tremendous sense of pressure on these people that, like, sending them a phishing email like, that would definitely get them to act. So I wasn't surprised seeing that. But it's interesting to see because sometimes I'm guessing, like, people will get packages delayed and such, and you don't necessarily know about why. And maybe it's because it was actually just lost by somebody in a warehouse or it was part of a larger cargo cyber crime ring.

[14:18] Yeah, it is funny, right? It is kind of like a scaled up version of the mail theft ring. I didn't really think about that, but it's, it's extremely obvious. And also, side note, one of my proudest moments was foiling some mail thieves in my neighborhood. But we don't have to talk about that right now.

[14:32] Good for you.

[14:32] You were going to, you were going to say something. Come on in here.

[14:35] I was. I feel like I'm watching a true life episode of Shipping Wars.
I don't know if anyone's ever seen the show.

[14:42] Yes, I have.

[14:42] But that's what this feels like. It feels like Shipping Wars, except it's the Old West version of Shipping Wars where they're jumping on trains and stealing things. But no, like Claire was saying, it's, you know, when you start talking about whether or not your package has been lost or whether it's been stolen. I've actually had packages stolen from the truck, not from my doorstep. It will say, oh, well, your package has been delayed, and we'll let you know. If it doesn't arrive within two days, let us know. Well, so these pirates, these thieves, these people that do this, I don't understand what the end goal is. Aside from making money and making other people miserable. And they do. They make people miserable. That could be a load of diapers for a new grandfather, let's say. Or it could be, like Claire said, a computer. Why are they doing this? Because it's easy to do. That's why. The attack numbers have increased year over year. Like 2024, I think it was 25, 27%. And then projected for this year, it's another 22% increase. I mean, it's. They're going after large transport firms and it's just a matter of time before they hit an Amazon truck and then we're all in trouble.

[16:02] Now I'm sort of wondering too, in light of that last story that we were talking about, you know, in terms of the OT systems being attacked, and now we're talking about these cargo theft getting into the mix. It almost feels to me like our concept of cyber attack needs a little bit of updating. And again, maybe this is just myself and my own projection, but I think cyber attack and that cyber part comes in pretty big, right? You still kind of think this stuff is happening on computers, but it's spilling out into the real world in these very interesting ways for me.
And I just, I'm wondering if, I don't know, do other people kind of feel the same thing going on? Or maybe you've been thinking about this much longer than I have. Austin, let me, let me throw it to you. Have any thoughts on this kind of blurring of the lines between real world security, physical security and cybersecurity?

[16:45] Yeah, that's an interesting point because, you know, the tides have shifted. You know, we think of cyber attacks as strictly being digital and data oriented, whereas these, these attacks are having real world physical implications. And I don't think people, at least the general public, fully fully understand that, especially when there's so many different third parties involved, smaller brokers, multiple carriers within those supply chains. So that creates much more fragility amongst those supply chains in this logistics and transportation sector.

[17:22] Absolutely. Claire, any thoughts on your end?

[17:27] Yeah. In this cyber range, we've increasingly seen clients go from being more focused on the loss of data, which is an awful thing for a lot of US consumers, to more like material impacts of having either impacting shareholders, employees, and again, customers in terms of service availability. So I think it's also a bigger concern for organizations too, where it's like, I will not be able to produce X products and there will be an outage for a certain amount of time and then all of our customers are going to switch to Y product because it's not available. So I think as a consumer we also don't care as much about our data being lost because our data has been lost how many times. I'm sure everybody on this call has like, you know, at least 10 years of data credit monitoring.
So you know, like, I think it's something that organizations are also thinking about because they're scared because that's more of a, like an impact to their business if they can't produce or provide services and that's going to impact them more. And I think at the end of the day, if you can't kind of going back to the OT, if you have to pay $2 million to get your site back up and running and it costs 5 million a day of downtime, you're going to pay the 2 million in ransom. You might not admit it, but you're, you're going to pay it because it's, it's again the cost benefit analysis. So you're either going to lose X number of customers and it's going to cost you this much or you know, so I think it's just kind of a, it's a mental shift a lot for businesses and then consumers were starting to get annoyed by it as well as it trickles down.

[19:08] I'm going to age my 50 year old self here. Back when I got my first computer back in the early 90s, we'll go with that. No one ever thought about the number of IP addresses that we had or had available or whether or not we were going to run out as our landscape shifts to having computers control everything. And let's be honest, it does. Everything is a cyber attack now. So we can't just think of cyber attack as one person attacking a computer. You have to put that the supply chain, that's a cyber attack. You know, the physical attacks, yeah, those are different but for the most part we're looking at cyber attacks on everything. So yeah, our definition definitely needs to be updated for cyber attacks right now. It's still the old school definition and we need to get away from that and towards a more modern definition.

[20:04] Move on to our next story here folks. This is malicious packages that drop time-delayed logic bombs.
[20:17] Researchers at Socket identified nine malicious NuGet packages with hidden logic bombs designed to detonate years after they've been installed and working properly the whole time. So these packages, they do work, they do what they say on the tin, but hidden inside of them are these logic bombs that are set to detonate, go off after 2027 or 2028, depending on what package you're dealing with. And the way they work, kind of their malicious components are that, you know, when you first install them, they will start immediately terminating some processes. But they only do it with a 20% chance because it's designed to kind of make it seem random, like it's not related to the package, it's just something crashed. But then the specific kind of code that detonates after a few years is they start silently corrupting write functions. Right. And so I just. The thing for me was trying to figure out what's the point of the time delay, what does the attacker gain, what's the play here? And I want to throw to you, Austin, what do you think about this technique?

[21:13] Well, first off, I've actually never even heard of this technique being used. So it's pretty, pretty wild that this is going on. But as you're asking, what's the point here? Well, I think it's really about the dependency on time that because this gives attackers so much dwell time, by the time say the payload is triggered, that initial dependency has been forgotten because so much time has passed already. So attackers really aren't thinking in days, weeks or months, they're thinking in years. And that's where they're using time to their advantage and these threats are becoming successful.

[21:52] It's funny, right? The attackers have the long term thinking, but we talked quite a bit about how our organizations don't always have the long term thinking. Right.
When it comes to OT patching. There's a little bit of an asymmetry here that is, I don't know, something to think about. Dave, any thoughts on your end about this technique?

[22:10] Yeah, so what they're looking for is complacency. How many times have you installed a piece of software and five years later it's still sitting there? Whether you use it or not is irrelevant, but it's still sitting there. I personally probably don't uninstall about 90% of the software that I install. So if I'd have downloaded one of these NuGet packages in a couple of years, I'm going to have a logic bomb go off on my machine because I just don't do it. I don't uninstall things. And I think that's what these attackers are counting on. They're going to get these packages installed. They've been downloaded what, 9,500 times. So 9,500 people who haven't read this story are going to be in for a very big surprise come September of 27 and October of 28th.

[22:58] That's a really good point. I mean, I'm looking at my own desktop right now. It is littered with things I've downloaded I haven't touched in forever. And you're right, I don't bother to get rid of them. Storage isn't really a problem anymore. So you download a thing and you just let it sit there. That's a good point. I hadn't thought about that. I should delete some apps. Claire, what about you? Any thoughts on your end?

[23:18] I just think it's smart from a threat actor perspective. It's just. It's smart. Most people will forget about things. Most people won't even read that headline and know that there's something they shouldn't have downloaded in that. In whatever they downloaded. So I just think it's really like an innovative way of getting malicious packages on people's devices without them knowing, even though they, at this point, I guess, should know since it's out there.
But it's just smart from a threat actor perspective.

[23:50] Yeah. Austin, I want to come back to you again because as you had said, right, this is something you hadn't really seen before. This is kind of a new one for you. I'm wondering, do we need to be paranoid about this kind of thing lurking in more packages? Do we need to be worried about this or do you think this is one incident? How should we approach this? How should we think about this is kind of threat on a scale level? Any thoughts there?

[24:13] Yeah, I mean, I think we should prioritize this threat because again, the threat landscape's always evolving and we're seeing this play out. And so we need to sort of think ahead of the threat actor because there is some strategic intent here. This is about long term persistence and also leverage by using time to their advantage. And again, it's not just about stealing data. It's about planting those seeds for future leverage and control as well as just overall sabotage.

[24:41] Gotcha. Dave, any thoughts on your end about how defenders should be thinking about this kind of thing?

[24:48] Typically, I would think that the defenders of databases and industrial controls would

[25:04] wipe it out completely. I mean, now you've got four years worth of data that you can play with. Industrial controls, same thing, you've got four years worth of data to play with. So you're in for some really big disruptions if we don't get all of these traced or as many as we can traced to the downloaders and get them off of those systems because they're probably going to extremely important functions.

[25:30] Absolutely. No, that's a very good point and I neglected to mention, but yeah, these packages target largely database systems and ICSs, and so yeah, they can cause some serious problems there. Let's move on then to the next topic.
And this is honestly maybe the one I'm most excited about to ask you folks about [...] reports of AI powered malware that we've seen come out. And in the last week, two big instances happened that, that made me want to bring this before you folks today. The first was that Google started talking about an experimental malware it found called PromptFlux, which can interact with Gemini's API to regularly request rewrites to its code with the intent of evading detection. But as cybersecurity researcher Marcus Hutchins points out, this self modification function was commented out in the code, so it wasn't even actually active. And even if it were, it probably wouldn't operate all that seamlessly. Just because it's requesting, you know, code rewrites doesn't mean those rewrites are actually going to evade any detection system or they might not even work. The other thing that happened was that there was a widely cited MIT Sloan working paper that came out in the spring and it claimed that 80% of active ransomware attacks were using AI. It has since been withdrawn after some serious criticism came out regarding the methodology, with researchers wondering how the authors were able to definitively say AI was involved in any of these attacks. So my question is, have we lost the plot when it comes to these AI powered threats? You know, are we getting a little ahead of ourselves with the way we talk about these things? Dave, what are your thoughts here? So there are built in protections in, in all the AI models for the public iterations of these, these AI models that keep you from putting your code in and getting some more malicious code out. However, you can take the training wheels off of these and put your own instance in. And now you've got your own little personal AI bot who is willing to do whatever you want.
And as long as we, and we talked about this on the other show, once you start removing the gates, you start allowing more things to happen, we're going to see this more and more, the research paper from MIT notwithstanding. I mean, they did make some grandiose claims, but you are going to see AI malware come into existence and it's going to be dangerous and it's going to be good and it's going to be a way for adversaries to get into systems that they wouldn't normally have the skill set to get into. But, but AI absolutely has the skill set to do whatever it needs to do, programmed by humans. It's a lovely partnership. You know Austin, your thoughts on this kind of subject? Do you think we are maybe a little sensational about this or do you think this kind of thing is something to be worried about right now? I mean, I think AI, the idea of AI being fully autonomous, self evolving malware is sort of in the realm of science fiction than reality. Because at the end of the day, AI is a tool created by humans and it's really a reflection of us. It's not independent of, of human nature. Perhaps that day will come. But I think for now that isn't fully operational. You know, I don't think AI is going to become conscious and self aware. So I don't really see a 2001 Space Odyssey scenario playing out. But maybe I'm just being too optimistic. So. Yeah, yeah. And it's kind of like Dave said, right? The threat necessarily isn't the sentient malware, but it's like if a hacker has their own little, you know, training wheels off model to help them do things they couldn't do otherwise. Right. It's, it's sort of less sensational, but just as dangerous, maybe more dangerous. Claire, your thoughts on this kind of situation? Yeah, I agree with Austin. I don't think it's something, it is very sci fi right now.
But I do think it would be a mistake to say that threat actors aren't using AI in some capacity. I mean, again I mentioned in like, I think our last episode that I was on, [...] So they are also trying to optimize their operations, which, which probably includes bringing in AI to that. So I mean, it would be kind of silly for a threat actor to not be using AI to check their code or to write phishing emails or something. It would just extremely speed up their operations. So I think it's safe to assume that most of them are using AI in some capacity like that. But I don't know if we fully have gotten to the point of like self evolving malware that is, is almost like a real like biological virus of some kind. I. We're just, I don't think we're there yet. And if we are I don't, I don't know if we'd pick up on it yet. But I, I mean, I don't necessarily think it's like something super true yet, but I think a lot of people are like, forget that AI can be a little scary if you are trying to do prompt injections and trying to evade the safeguards. I agree that I don't think it's sentient yet. And I don't think that anyone would be foolish enough to think that AI is writing malware itself. It's all human based. I think it's more code. What is the word code embellishment that AI is being used for looking at the code that, that they're putting in. Hey, make this better for me. So it's not the AI writing the malware. It's actually more in the prompt that the individual is using to get the AI to make the malware better. So I don't think it's sentient either. I don't think we're going to have a HAL 9000 situation or a Skynet situation come up anytime and probably my lifetime anyway.
But they are using it to make malware better because they do have these sandbox AI instances that allow them to do things that they wouldn't normally be able to do on say, Gemini or Copilot or ChatGPT or anything else like that. Yeah. And I want to ask about something else that I've seen cybersecurity researchers increasingly talk about, is that some of this might be a kind of communication issue. And by that they mean some of the organizations reporting on this malware. They might feel a little, I don't know, motivated to make it seem more impressive than it actually is for, you know, first of all to get some headlines, to get some clicks. But also because if you're helping to kind of secure AI systems, you might have an investment in making the AI systems look super, super spooky. So I'm kind of wondering if you folks feel like we might be dealing with partially a communication issue here. Are we just like sensationalizing things too much? Is that. What do you think is going on? And I'll start with you, Austin. What do you think about that? This recent report that was what redacted it has definitely been sensationalized. Because if a board believes, you know, AI is driving 80% of, of ransomware, which the stat they put on the headline, you know, they may start overspending and misallocating resources on AI detection tools, which will also underspend on basic security hygiene like patching, segmentation and identity and access management. So I think that misallocation of resources can become a massive strategic risk for organizations. Cool. All right, well, then we will wrap that section up and move on to our final story of the week. Oh, my favorite. The password for the Louvre's video surveillance system was Louvre.
By now, we've all heard about the theft of some $100 million worth of jewels from the Louvre. And in the wake of this incident, some news outlets have resurfaced some old reports on the Louvre's security measures, including warnings from the National Cybersecurity Agency about its kind of weak systems and the fact that at one time, at least, the museum's surveillance system password was Louvre. Now, Dave, given that you were so eager to dive into this one, I feel like I should just throw it to you first. Give me your thoughts here. What do you think? What do you think were they thinking? Honestly, password 1, 2, 3 would have been better, you know, and I'm sure they probably tried that and said, wait a minute, let's just go with the most simple thing and let's just see if it's Louvre. And they got in with that. And this was the camera system, right? This wasn't like the password to the Louvre cyber security system. It wasn't. I'm sorry, their security system, it wasn't keeping the jewels safe. It's just the camera system. Just the camera system? Really? I mean, that's a pretty big system there. I mean, this is a building that houses hundreds of billions of dollars worth of priceless. I mean, you can't put a price on it of priceless items. And they couldn't be bothered to put multi factor authentication in there. They couldn't be bothered to come up with something was more than six characters long. They couldn't be bothered to put even an exclamation mark at the end of it. Really? Or. You say for the E speak in there? Yeah, exactly. We need leet speak in there so that at least someone with half a brain would have to use it. Nope. Nope. My son could have probably done this and he doesn't know anything about computers.
Claire, I wanted to ask you as somebody who, you know, I know you spend a lot of time working with organizations, training. I'm sure the Louvre is not the only institution that's been guilty of these kinds of lax sort of security processes. And I'm not asking you to tell us about other ones you've seen, but I'm wondering in general, have you noticed these kinds of lax measures in places before. Is this a trend? I think it's pretty common, but a lot of people will not admit to it. They won't admit that their password is admin or password or whatever the username is, but I think it's very common. But a lot of the people that we have that come through the range probably wouldn't admit that. And these are, you know, executives, so they're not always like the most tech savvy folks either. They pro. They probably will not admit that that's their password as well. This is just, I feel like the password and the surveillance camera thing, that's like one of the first things you, you do when in a heist movie is you disable the camera. So it's like, even if the security association or the national whatever coalition it was didn't say you should do something about this, if you watch any of those kind of movies, wouldn't, you know. But it also, to me, this whole thing makes the heist so much less impressive because, I mean, just seeing all of the, like, lax security measures they had, it's like I. Someone could have a lot. Anyone could have done it. And I don't want to say anyone could have done it because it's definitely something that's very difficult. But if you look at like the Isabella Stewart, Stewart Gardner, like heist in the 90s in, in Boston, that was just like, so well thought out. They still don't know who did it.
But it's like with this one, they just kind of went in and they like typed in Louvre and called it a day. And they like, they used their drill and they took the jewels and walked, walked away. So. And we didn't find them yet. So it's as far as I know, I think there's suspects in. But still, I believe they're still at large. But yeah, they just kind of wore construction uniforms and walked in and nobody really stopped them until they were taking jewels and at which point it was over, you know. Austin, any thoughts on your end? This was a matter of not being a technical flaw, but it was a flaw in human behavior and governance. I mean, that's really the big failure there. Sadly, convenience typically overrides policy when it comes to cybersecurity. And without any accountability, those critical systems remained pretty defenseless, especially with CCTV cameras. So kind of crazy that, you know, an institution as big as the Louvre, world renowned, thought maybe they were too good for any password hygiene or password rotation. Also, like, how many people pass through the Louvre a day? I'm sure. There are other devices that are just available that you could type that password into and get in. Like, how many people are in there that. That, you know, could. Something's not watched and you could just type it in. It's scary. You know, I want to end on a constructive note here. So I'm wondering, you look at a situation like this, what kind of lessons you think we can learn from. From the Louvre's, you know, maybe lax approach to some of their cyber security measures. Let's start with you, Claire. Any thoughts there? There's just so many things that they could have. Could have done. I feel like training of their staff as well would have helped too. But I.
I think this whole thing goes back to when 39:28we earlier said, or Dave earlier said, like, everything is 39:31cyber now. So, like, this wasn't a cyber attack. It 39:33was a physical attack, but there is cyber involved. So 39:36it's just like, I don't know, have your folks trained, 39:39have better passwords. I, you know, don't let people just 39:44drive up to your institution with, like, a van with 39:47a ladder on it and go through the window. I 39:49mean, it's just. Claire has ruined every heist movie I've 39:55ever seen now. Ocean's Eleven will never be the same. 39:59I'm sorry. True. I was just gonna say, you wear 40:03a shiny vest and carry a clipboard into anywhere and 40:06no one bats an eye. Right. So it really comes 40:09down to the human layer as. As the first line 40:11of defense there. I like that. I like that it 40:13comes out of the human layer. I also just want 40:15to say real quick, I do think not letting people 40:16drive up to your. Anything with a ladder is a 40:19good, you know, thing to do in general. Like you 40:21said, Claire, really great advice to Dave. Any thoughts on 40:25your end in terms of lessons we can learn here? 40:27The typical answer is practice good password hygiene. I can 40:31almost assure you that whomever installed the cameras at the 40:37Louvre put the Louvre in as password, and no one 40:40ever thought to go back and change it, least of 40:43all the people who were in charge of it. They 40:45just thought, we'll get to that. And getting to that 40:49was the next day, and then it was the day 40:51after, and then it was the day after, and I 40:52think it just became forgotten. I don't think that the 40:57Louvre purposely used the easiest password that they could find. 41:02I think it was just forgotten. And I think they 41:07probably learned their lesson and it cost them a few 41:09bucks. I think that's a really good place to end 41:12it on. And it is all the time we have 41:14for today, folks. 
So I want to thank you, Dave, Austin, Claire, for sitting here and having this conversation with me. Thank you to the viewers and the listeners. As always, folks, subscribe to Security Intelligence wherever podcasts are found. Stay safe out there. And I don't know, just change your passwords up, man.