S Ventures Invests in Auguria to Solve SecOps Overload

We are excited to announce S Ventures investment in Auguria to empower the vision of achieving 90%+ efficiency in SOC investigations and reducing SIEM costs. Auguria is driving the transformation of traditional security operations by optimizing data for human and AI consumption with the industry’s first Security Knowledge Layer.

SecOps’ Data Dilemma | How to Manage Costs and Maximize Security?

Security fundamentally revolves around managing and analyzing vast quantities of data. Security teams tasked with safeguarding digital assets amass extensive datasets from diverse origins, such as system logs, network traffic, threat intelligence feeds, and endpoint telemetries. The volume of this collected data is on an ever-upward trajectory.

Amidst this data deluge, a significant challenge emerges: distinguishing data related to genuine threats from the multitude of benign noise. This task is not only complex but also critical for effective threat detection and response. Consequently, many organizations opt to retain all gathered data, erring on the side of caution. This approach, however, leads to a substantial increase in SIEM costs.

To mitigate these burgeoning SIEM expenses, a practical strategy involves the meticulous identification and elimination of duplicate, repetitive data, followed by the strategic categorization of the remaining data based on its necessity for either immediate investigation or long-term storage for forensic and compliance purposes. Only the most interesting and anomalous log data and events, those crucial for real-time analysis, dashboards, active threat hunting, and prompt incident response, should be allocated to the priciest data storage solutions.

How Does Auguria Solve the SecOps Data Problems?

Auguria’s Security Knowledge Layer, or Auguria SKL™, instantly identifies whether an event is unique or bears similarities to others through transforming data into vector embeddings and pairing it with insight and organization. Auguria uses AI and ML to reduce data noise, lowering storage and processing costs. This allows existing teams to do more with less. At the core of Auguria’s platform is a vector database and embedding engine, powered by the unique security knowledge model and ontology distilled from extensive real-world security operations experience.

Sitting between XDR, SIEM, or data lake, Auguria provides “grounded” methods that de-noise, rank, and prioritize security events and alerts – optimizing data for both human and AI consumption. This strategy significantly improves the signal-to-noise ratio, thereby enhancing the reliability of alerts for SOC analysts as well as making it easier to hunt for the malicious activity related to it.

By enabling autonomous security operations, Auguria is setting new benchmarks for operational efficiency, driving superior outcomes and ROI for security teams. We are excited to support Auguria in delivering on its vision!

“Auguria can be game-changing for SOC analysts and incident responders, as it pinpoints where one should look for the most actionable data and discards the noises.” Josh Blackwelder, Deputy CISO at SentinelOne

How Did We Learn About Auguria and How Does S Ventures Fit In?

Our journey with Auguria’s core team began at RSA 2022 where Keith Palumbo and Chris Colter first unveiled their visionary concept. Both Keith and Chris are as impressive as the technology they are building. They started Skout Forensics in 2010, which was acquired by Cylance in 2012. Chris has extensive digital forensics experience working across PwC and most recently, SentinelOne, where he tackled complex cybersecurity investigations. Keith combines a legal and business background with years in data investigations, bringing a unique perspective to Auguria. These diverse experiences and skills will drive Auguria to the forefront of security innovation and will enable them to attract top-tier talent.

Conclusion

Auguria is empowering customers to conduct threat investigations with unparalleled cost efficiency, thereby diminishing their dependence on traditional SIEM technologies. New solutions like Auguria SKL™ further the abilities of SecOps analysts by synthesizing the power of AI with the skill of expert-level human defenses.

As SentinelOne’s S Ventures continues to invest in the next generation of security, data, and AI companies, we look forward to seeing Auguria SKL™ augment SecOps teams by delivering hyper-fast and automated security event data comprehension. Please join us in congratulating Auguria on their launch out of a stealth, seed investment round and vision to redefine the standards of digital security to pave the way for a safer tomorrow.

S Ventures
Investing in the next generation of category-defining security and data companies.

PinnacleOne ExecBrief | Nation-State Targeting of Enterprise Cloud

Key Takeaways

  • The Russian Foreign Intelligence Service (SVR) continues to intensively exploit their breach of Microsoft, leveraging access to source code, internal systems, and sensitive data including Microsoft executive’s emails and customer secrets. This poses severe risks to organizations using Microsoft’s products and services.
  • Microsoft’s communications have been minimal and inadequate, likely because it lacks a full understanding of the implications of its breach.
  • The SVR is actively exploiting stolen information (at an increased scale via password sprays) to target enterprise cloud customers in government and industry for further compromise.
  • This is the latest in a string of breaches against Microsoft by nation-state threat actors, including China, highlighting systemic weaknesses in Microsoft’s security posture and customer protections.
  • Immediate actions by MS customers are needed, including enforcing MFA, auditing for suspicious activity, disabling unused accounts and devices, and considering third-party security capabilities.

Microsoft’s Security and Public Communications Failures

Microsoft’s recent disclosure of additional information on the Russian SVR breach, three months after it began, raises acute concerns about the scale and scope of the incident. In an SEC filing and blog post, Microsoft shared that the SVR gained access to source code repositories, internal systems, and sensitive data including executive emails. However, key questions remain unanswered:

  1. What source code was accessed and was it modified to introduce supply chain vulnerabilities?
  2. What customer secrets were exposed and how is Microsoft notifying impacted organizations?
  3. How did the SVR pivot from breaching an unused test tenant to accessing executive emails and critical internal systems?
  4. Does Microsoft have full confidence the SVR has been completely evicted from its networks?

Microsoft’s lack of transparency leaves customers unable to accurately assess risks to their own organizations from this incident. Microsoft has so far communicated the bare minimum required by law. The paucity of details suggests Microsoft does not have a good handle on the situation and likely cannot answer fundamental questions about the impact of the breach.

This fits a troubling pattern – in 2023, Chinese state-sponsored hackers breached Microsoft email servers and used that access to steal sensitive data from U.S. government agencies. Just as with the SVR incident, Microsoft said very little, leaving customers frustrated and concerned.

Experts have been sounding alarm bells about Microsoft’s security weaknesses for some time. The company is a huge target for nation-state attackers, yet struggles with fundamental security hygiene like enforcing multi-factor authentication and network segmentation. Microsoft’s authentication systems seem to be a particular issue. Nation-state actors are exploiting these gaps to clear effect.

Meanwhile, organizations are growing ever-more reliant on Microsoft, trusting the company not just for office software but for mission-critical cloud infrastructure, identity and access management, and security tools. This concentration of risk and responsibility in Microsoft is deeply concerning in light of repeated security failures.

Microsoft’s track record does not inspire confidence in its ability to defend against determined nation-state adversaries, who are now actively targeting Microsoft clients.

Recommendations for Senior Executives

Given the severe risks and Microsoft’s failure to provide sufficient information and assurances, organizations should take immediate defensive actions:

  1. Enforce MFA everywhere, with no exceptions. Compromising credentials is the top technique the SVR and other advanced threats use for initial access.
  2. Audit and monitor all user identities and device registrations in Azure AD and M365. Look for any suspicious activity like reactivated dormant accounts or new device registrations. Remove any unused accounts and devices.
  3. Reduce privilege as much as possible. Only grant admin rights where absolutely necessary and avoid standing privileges. Enforce conditional MFA access and one-time passwords and move to a zero trust identity model.
  4. Review all Azure security settings and compare to best practice guides from NSA, CISA, and CIS. Centralize all log and audit data for automated analytics, monitoring, and threat hunting.
  5. Implement email data loss prevention and encryption tools to prevent sensitive data from being exfiltrated via email.
  6. Consider third-party security tools to complement Microsoft’s native capabilities. Having multiple layers of defense from different vendors is prudent.
  7. Update incident response and disaster recovery plans to account for the potential of compromised Microsoft systems being unavailable or untrustworthy. Have fallback crisis communication and collaboration systems in place.
  8. Brief senior leadership and the board on Microsoft risks and your organization’s response plan. Ensure the C-suite understands the potential business impact.

Conclusion

The SVR breach of Microsoft is a stark reminder of the serious risks posed by sophisticated nation-state adversaries targeting major cloud providers. Over reliance on any single vendor, even one as prominent as Microsoft, can be catastrophic.

Microsoft’s opacity in its breach disclosure and history of security missteps means customers cannot simply take the company at its word that the situation is under control. Organizations must take proactive steps to mitigate risks and reduce their attack surface as much as possible.

Ultimately, a defense-in-depth approach with multiple layers of security controls and aggressive monitoring for threats is needed to combat determined nation-state actors. Senior leaders must be engaged and willing to make hard choices, including potentially diversifying away from Microsoft where it cannot meet the organization’s security and resilience needs. Failing to act decisively in the wake of this breach would be an abdication of the duty to protect the enterprise.

The Good, the Bad and the Ugly in Cybersecurity – Week 11

The Good | Top LockBit Ransomware Admin Charged & Ordered to Pay Restitutions

Russian-Canadian cybercriminal Mikhail Vasiliev has been sentenced to nearly four years in prison for his involvement in the LockBit ransomware operation. Initially arrested in November 2022, Vasiliev has pled guilty to eight charges, including cyber extortion, mischief, and weapons-related allegations.

Court sketch of Mikhail Vasiliev by John Mantha

Within LockBit, Vasiliev held a significant administrative role, participating in numerous high-profile attacks totalling over $100 million in ransom demands, which primarily affected businesses across Canada. Alongside a four-year sentence, he must pay $860,000 in restitution to his Canadian victims and faces extradition to the United States for further charges. American prosecutors have Vasiliev lined up to receive up to five years in a US prison for conspiring to intentionally damage protected computers and transmitting ransom demands.

LockBit, a notorious ransomware-as-a-service (RaaS) operation, has extorted at least $120 million in ransom payments from over 2000 victims in the last 3 years alone. The gang experienced major setbacks just last month, though, when a joint law enforcement operation seized its main infrastructure and arrested key affiliates. While the group quickly resumed operations on new leak sites to maintain activity, analysis suggests that most data leaked post-operation belonged to victims from before the takedown, indicating the threat groups’ struggle to regain momentum.

Currently, the Department of State is offering rewards up to $15 million for information that could lead to the arrest of other LockBit key leaders and affiliates. Two suspected members of LockBit, Ruslan Astamirov and Mikhail Matveev, were also apprehended in 2023 though only Astamirov has been officially charged for deploying LockBit ransomware. Matveev remains at large facing cyber sanctions and a 20-year prison term in the event of arrest and conviction.

The Bad | Almost 13 Million Authentication Secrets Exposed on GitHub

Threat actors are increasingly exploiting GitHub and repositories as a conduit for malicious activities. In a recent report detailing the issue of secrets sprawl, the findings show that in 2023 alone, GitHub users inadvertently exposed a 12.8 million authentication and sensitive secrets across over 3 million public repositories, with only 1.8% of users rectifying the issue upon receiving alerts.

These exposed secrets include critical data such as passwords, API keys, TLS/SSL certificates, OAuth tokens, and encryption credentials – all of which, if obtained by a threat actor, lead to unauthorized access and costly data breaches. This data corroborates another report from summer of 2023 pointing to compromised credentials as the root cause of 50% of recorded attacks in the first half of last year.

Just this week, security researchers observed a new phishing campaign that delivered remote access trojans (RATs) like VCURMS and STRRAT via a malicious Java-based downloader. The attackers behind these RATs are employing sophisticated tactics, leveraging public services such as GitHub and Amazon Web Services (AWS) to store malware and evade detection.

Millions of organizations rely on source code management platforms like GitHub for software development, version control, and continuous integration and deployment (CI/CD). The abuse of such platforms speaks to a concerning trend where threat actors leverage public infrastructure for malicious purposes.

Securing DevOps platforms and open-source code repositories involves implementing access controls, updating dependencies, and enforcing strong authentication. Threat intelligence and security monitoring tools help detect and respond to suspicious activities, while solutions like XDR offer comprehensive protection against cyber threats and infrastructure abuse.

The Ugly | One-Day Flaws Exploited by Money-Hungry ‘Magnet Goblin’ Threat Actor

A financially motivated threat actor dubbed ‘Magnet Goblin’ has been exploiting one-day vulnerabilities in public-facing servers to distribute custom Linux malware. Magnet Goblin’s adoption of the flaws has been quick: Security researchers confirmed cases where the one-days were already being leveraged to gain initial entry.

In one instance, Magnet Goblin integrated an exploit for the Ivanti Connect Secure RCE bug (CVE-2024-21887) just a day after a proof-of-concept (PoC) was published online. This exploit facilitated arbitrary code execution, enabling the group to compromise systems that had not yet patched to the latest updates. Magnet Goblin’s exploits extend beyond Ivanti, targeting platforms like Magento (CVE-2022-24086), Qlik Sense (CVE-2023-41265, CVE-2023-41266, and CVE-2023-48365), and potentially Apache ActiveMQ.

The group is currently deploying custom remote access trojans (RATs) and backdoors, including variants of the Nerbian family such as NerbianRAT and MiniNerbian. Upon execution, NerbianRAT establishes communication with a command-and-control (C2) server, allowing malicious activities like executing commands, modifying connection intervals, and updating configurations.

Source: Check Point

Over the years, the Linux OS has attracted threat actors for its ubiquity, powering a significant portion of servers, cloud infrastructure, and IoT devices which, in turn, provides a large attack surface. Its open-source nature also allows actors to study its codebase, identifying vulnerabilities and developing tailored exploits. With emerging threat actors like Magnet Goblin adding to the threat landscape who take advantage of the chaos that follows released PoCs, having a strict patch management process in place becomes a critical factor in staying ahead of one-day flaws.

CEO of Data Privacy Company Onerep.com Founded Dozens of People-Search Firms

The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.com finds this company is operating out of Belarus and Cyprus, and that its founder has launched dozens of people-search services over the years.

Onerep’s “Protect” service starts at $8.33 per month for individuals and $15/mo for families, and promises to remove your personal information from nearly 200 people-search sites. Onerep also markets its service to companies seeking to offer their employees the ability to have their data continuously removed from people-search sites.

A testimonial on onerep.com.

Customer case studies published on onerep.com state that it struck a deal to offer the service to employees of Permanente Medicine, which represents the doctors within the health insurance giant Kaiser Permanente. Onerep also says it has made inroads among police departments in the United States.

But a review of Onerep’s domain registration records and that of its founder reveal a different side to this company. Onerep.com says its founder and CEO is Dimitri Shelest from Minsk, Belarus, as does Shelest’s profile on LinkedIn. Historic registration records indexed by DomainTools.com say Mr. Shelest was a registrant of onerep.com who used the email address dmitrcox2@gmail.com.

A search in the data breach tracking service Constella Intelligence for the name Dimitri Shelest brings up the email address dimitri.shelest@onerep.com. Constella also finds that Dimitri Shelest from Belarus used the email address d.sh@nuwber.com, and the Belarus phone number +375-292-702786.

Nuwber.com is a people search service whose employees all appear to be from Belarus, and it is one of dozens of people-search companies that Onerep claims to target with its data-removal service. Onerep.com’s website disavows any relationship to Nuwber.com, stating quite clearly, “Please note that OneRep is not associated with Nuwber.com.”

However, there is an abundance of evidence suggesting Mr. Shelest is in fact the founder of Nuwber. Constella found that Minsk telephone number (375-292-702786) has been used multiple times in connection with the email address dmitrcox@gmail.com. Recall that Onerep.com’s domain registration records in 2018 list the email address dmitrcox2@gmail.com.

It appears Mr. Shelest sought to reinvent his online identity in 2015 by adding a “2” to his email address. A search on the Belarus phone number tied to Nuwber.com shows up in the domain records for askmachine.org, and DomainTools says this domain is tied to both dmitrcox@gmail.com and dmitrcox2@gmail.com.

Onerep.com CEO and founder Dimitri Shelest, as pictured on the “about” page of onerep.com.

A search in DomainTools for the email address dmitrcox@gmail.com shows it is associated with the registration of at least 179 domain names, including dozens of mostly now-defunct people-search companies targeting citizens of Argentina, Brazil, Canada, Denmark, France, Germany, Hong Kong, Israel, Italy, Japan, Latvia and Mexico, among others.

Those include nuwber.fr, a site registered in 2016 which was identical to the homepage of Nuwber.com at the time. DomainTools shows the same email and Belarus phone number are in historic registration records for nuwber.at, nuwber.ch, and nuwber.dk (all domains linked here are to their cached copies at archive.org, where available).

Nuwber.com, circa 2015. Image: Archive.org.

A review of historic WHOIS records for onerep.com show it was registered for many years to a resident of Sioux Falls, SD for a completely unrelated site. But around Sept. 2015 the domain switched from the registrar GoDaddy.com to eNom, and the registration records were hidden behind privacy protection services. DomainTools indicates around this time onerep.com started using domain name servers from DNS provider constellix.com. Likewise, Nuwber.com first appeared in late 2015, was also registered through eNom, and also started using constellix.com for DNS at nearly the same time.

Listed on LinkedIn as a former product manager at OneRep.com between 2015 and 2018 is Dimitri Bukuyazau, who says their hometown is Warsaw, Poland. While this LinkedIn profile (linkedin.com/in/dzmitrybukuyazau) does not mention Nuwber, a search on this name in Google turns up a 2017 blog post from privacyduck.com, which laid out a number of reasons to support a conclusion that OneRep and Nuwber.com were the same company.

“Any people search profiles containing your Personally Identifiable Information that were on Nuwber.com were also mirrored identically on OneRep.com, down to the relatives’ names and address histories,” Privacyduck.com wrote. The post continued:

“Both sites offered the same immediate opt-out process. Both sites had the same generic contact and support structure. They were – and remain – the same company (even PissedConsumer.com advocates this fact: https://nuwber.pissedconsumer.com/nuwber-and-onerep-20160707878520.html).”

“Things changed in early 2016 when OneRep.com began offering privacy removal services right alongside their own open displays of your personal information. At this point when you found yourself on Nuwber.com OR OneRep.com, you would be provided with the option of opting-out your data on their site for free – but also be highly encouraged to pay them to remove it from a slew of other sites (and part of that payment was removing you from their own site, Nuwber.com, as a benefit of their service).”

Reached via LinkedIn, Mr. Bukuyazau declined to answer questions, such as whether he ever worked at Nuwber.com. However, Constella Intelligence finds two interesting email addresses for employees at nuwber.com: d.bu@nuwber.com, and d.bu+figure-eight.com@nuwber.com, which was registered under the name “Dzmitry.”

PrivacyDuck’s claims about how onerep.com appeared and behaved in the early days are not readily verifiable because the domain onerep.com has been completely excluded from the Wayback Machine at archive.org. The Wayback Machine will honor such requests if they come directly from the owner of the domain in question.

Still, Mr. Shelest’s name, phone number and email also appear in the domain registration records for a truly dizzying number of country-specific people-search services, including pplcrwlr.in, pplcrwlr.fr, pplcrwlr.dk, pplcrwlr.jp, peeepl.br.com, peeepl.in, peeepl.it and peeepl.co.uk.

The same details appear in the WHOIS registration records for the now-defunct people-search sites waatpp.de, waatp1.fr, azersab.com, and ahavoila.com, a people-search service for French citizens.

The German people-search site waatp.de.

A search on the email address dmitrcox@gmail.com suggests Mr. Shelest was previously involved in rather aggressive email marketing campaigns. In 2010, an anonymous source leaked to KrebsOnSecurity the financial and organizational records of Spamit, which at the time was easily the largest Russian-language pharmacy spam affiliate program in the world.

Spamit paid spammers a hefty commission every time someone bought male enhancement drugs from any of their spam-advertised websites. Mr. Shelest’s email address stood out because immediately after the Spamit database was leaked, KrebsOnSecurity searched all of the Spamit affiliate email addresses to determine if any of them corresponded to social media accounts at Facebook.com (at the time, Facebook allowed users to search profiles by email address).

That mapping, which was done mainly by generous graduate students at my alma mater George Mason University, revealed that dmitrcox@gmail.com was used by a Spamit affiliate, albeit not a very profitable one. That same Facebook profile for Mr. Shelest is still active, and it says he is married and living in Minsk (last update: 2021).

The Italian people-search website peeepl.it.

Scrolling down Mr. Shelest’s Facebook page to posts made more than ten years ago show him liking the Facebook profile pages for a large number of other people-search sites, including findita.com, findmedo.com, folkscan.com, huntize.com, ifindy.com, jupery.com, look2man.com, lookerun.com, manyp.com, peepull.com, perserch.com, persuer.com, pervent.com, piplenter.com, piplfind.com, piplscan.com, popopke.com, pplsorce.com, qimeo.com, scoutu2.com, search64.com, searchay.com, seekmi.com, selfabc.com, socsee.com, srching.com, toolooks.com, upearch.com, webmeek.com, and many country-code variations of viadin.ca (e.g. viadin.hk, viadin.com and viadin.de).

The people-search website popopke.com.

Domaintools.com finds that all of the domains mentioned in the last paragraph were registered to the email address dmitrcox@gmail.com.

Mr. Shelest has not responded to multiple requests for comment. KrebsOnSecurity also sought comment from onerep.com, which likewise has not responded to inquiries about its founder’s many apparent conflicts of interest. In any event, these practices would seem to contradict the goal Onerep has stated on its site: “We believe that no one should compromise personal online security and get a profit from it.”

The people-search website findmedo.com.

Max Anderson is chief growth officer at 360 Privacy, a legitimate privacy company that works to keep its clients’ data off of more than 400 data broker and people-search sites. Anderson said it is concerning to see a direct link between between a data removal service and data broker websites.

“I would consider it unethical to run a company that sells people’s information, and then charge those same people to have their information removed,” Anderson said.

Last week, KrebsOnSecurity published an analysis of the people-search data broker giant Radaris, whose consumer profiles are deep enough to rival those of far more guarded data broker resources available to U.S. police departments and other law enforcement personnel.

That story revealed that the co-founders of Radaris are two native Russian brothers who operate multiple Russian-language dating services and affiliate programs. It also appears many of the Radaris founders’ businesses have ties to a California marketing firm that works with a Russian state-run media conglomerate currently sanctioned by the U.S. government.

KrebsOnSecurity will continue investigating the history of various consumer data brokers and people-search providers. If any readers have inside knowledge of this industry or key players within it, please consider reaching out to krebsonsecurity at gmail.com.

Exploiting Repos | 6 Ways Threat Actors Abuse GitHub & Other DevOps Platforms

For millions of organizations today, source code management platforms like GitHub play a fundamental role in software development, operating as a central hub for both proprietary and open-source code repositories, enabling collaboration, version control and continuous integration and deployment (CI/CD).

In this blog post, we explore the less-discussed side of these essential platforms, where threat actors leverage their features for malicious activities, to stage cyber attacks and steal sensitive data. By understanding the ways threat actors abuse such platforms, organizations can better equip themselves to protect their repositories and mitigate the potential risks associated with code sharing and CI/CD platforms.

Current Threat Landscape | SaaS Abuse On the Rise

The compromise of open-source software projects is becoming more prevalent, with threat actors targeting libraries distributed via package managers and public repositories like PyPI, Crate.io, and GitHub. After infiltrating these trusted resources, threat actors can inject vulnerabilities into widely-used software, potentially compromising the security of many more associated applications and systems.

Beyond the cyber threat on open-source platforms, a broader trend has emerged: Legitimate internet services and critical platforms are frequently exploited by threat actors for malicious activities. GitLab and BitBucket, used for source code management and version control, have also suffered from bugs leading to opportunities for threat actors to gain access to sensitive data, propagate malware, and orchestrate various forms of cybercrime.

Notable Cases of Recent Repo Hacks

Some prominent cyber attacks that leveraged shared code repositories include:

  • Pro-Russia hacktivist group NoName057(16) made headlines by leveraging GitHub to host its toolkit and enticing key contributors with payments.
  • The Rust development community fell victim to the CrateDepression supply-chain attack, which specifically targeted organizations using GitLab Continuous Integration (CI) pipelines.
  • The 3CX SmoothOperator supply chain attack involved pulling encrypted C2 details hidden in icon files hosted in a dedicated GitHub repository.
  • The recent ‘everything’ package prank exposed the potential for GitHub to be used in denial-of-service attacks, highlighting the broader repercussions of such abuse on global software ecosystems.
  • Secret Gists and git commit commands have been used to deliver C2 commands and retrieve malware payloads.
  • A GitHub leak reported earlier this year impacted major brands like Toyota, Mercedes Benz, Binance, and X (formerly Twitter), exposing sensitive proprietary code and credentials.

1. Hosting Malware & Phishing Campaigns

The most obvious misuse of code sharing platforms is hosting malware in plain sight. Threat actors create repositories that appear benign at first glance but can be used to trick developers into downloading and executing code that holds malware or facilitates phishing schemes. Poisoned projects can help attackers reach far more victims if developers unwittingly build bad code into legitimate software, as well as target specific enterprises.

Robust code review processes are essential for detecting malicious code within repositories. Automated scanning tools can further enhance security by identifying known malware signatures and suspicious patterns. To combat the risk of phishing, educating developers and users about common schemes is crucial, especially when users are interacting with code from untrusted sources.

GitHub Malware Advisory
GitHub Malware Advisory

2. Hosting Command & Control (C2)

Public repositories can serve as a strategic platform for threat actors to distribute or host command-and-control (C2) servers, or more commonly to serve as channels by which to distribute C2 URLs, fallback commands or configuration files.

The ability to blend in with legitimate network traffic and sidestep domain block lists makes public code repositories highly attractive. In addition, high uptime and ubiquity of the services make GitHub and similar platforms ideal for attackers’ decentralized C2 infrastructure. Tactics such as dead drop resolvers and obfuscated domains embedded within web services help adversaries to obscure back-end C2 infrastructure from discovery through malware binary analysis.

Organizations can implement network traffic monitoring and anomaly detection systems to help identify unusual patterns indicative of C2 communication. Additionally, leveraging threat intelligence feeds to block known malicious IP addresses and domains associated with C2 infrastructure can enhance defense mechanisms. Defenders should also conduct regular auditing and proactively revoke access for suspicious accounts or repositories.

3. Credential Theft & Supply Chain Attacks

Code repositories have become a prime target for threat actors targeting credential theft and supply chain attacks.

Git repositories can contain not only proprietary code but also sensitive credentials like API keys, passwords, and cryptographic keys.

To defend against such risks, organizations can adopt robust authentication mechanisms such as multi-factor authentication (MFA) and OAuth to safeguard their user accounts and credentials. Implementing a secrets management solution can also support more secure storage and management of sensitive credentials, reducing exposure to potential attackers. Security leaders can also consider deploying code signing and verification mechanisms to ensure the integrity of software supply chains.

4. Cloning & Manipulating GitHub (& Other) Repos

Adversaries may inject malicious code directly into exposed libraries or submit fraudulent pull requests, introducing backdoors, executing code injection attacks, or leverage proof-of-concept code, often itself hosted on public repositories like GitHub, to expliot vulnerabilities in open source code.

Attackers have been seen cloning GitHub repositories and adding malicious code to forks designed to infect developer systems and pilfer sensitive files that included software keys.

In another case, suspicious commits in hundreds of GitHub repositories were discovered to be carrying malicious code. All of the commit messages were created by attackers to disguise their exfiltration of secrets to a C2 server before they injected web-form password-stealing malware into JavaScript files.

Regularly updating and patching dependencies is critical for addressing known vulnerabilities and security issues. Security defenders are also advised to stay informed on emerging security alerts providing updates related to third-party libraries used by their organizations.

Software composition analysis (SCA) tools can enhance security by scanning repositories for vulnerable dependencies and automating remediation or flagging issues for manual review.

5. Abuse of GitHub Actions & CI/CD Pipelines

Threat actors have exploited GitHub’s continuous integration/continuous deployment (CI/CD) pipelines and automation features, such as GitHub Actions, to automate malicious activities and orchestrate attacks. By leveraging these capabilities, they deploy malware, exfiltrate data, or execute unauthorized commands within CI/CD workflows.

To combat these risks, enforce least privilege access controls to restrict the execution of CI/CD workflows and automation scripts and reduce the attack surface. Pre-defined templates and secure coding practices can also help prevent injection attacks and unauthorized code execution.

Security teams may also adopt logging and auditing features in order to more thoroughly track changes and activities within CI/CD pipelines. GitHub’s guide to security hardening for GitHub Actions provides further advice, as does CISA’s guide on how to defend CI/CD environments.

6. Distributed Denial of Service (DDoS) Attacks

Public hosting infrastructure and version control systems have been increasingly exploited to orchestrate distributed-denial-of-service (DDoS) attacks. Flooding repositories or services with a high volume of requests disrupts normal operations, degrades performance, and renders services unavailable to legitimate users.

In the case of the GMP project, an open source arithmetic library, servers came under attack by several hundred IP addresses owned by Microsoft, causing a surge of network traffic and slowed associated programs linked to the library to a crawl.

Note by principal author of GMP to the project’s mailing list
Note by principal author of GMP to the project’s mailing list

Deploying web application firewalls (WAFs) and implementing rate limiting mechanisms can help mitigate DDoS attacks targeting public repositories and services. Content delivery networks (CDNs) can enable organizations to distribute traffic and absorb volumetric attacks, reducing the impact on GitHub’s infrastructure.

Security teams are also recommended to implement network-level defenses such as traffic filtering and IP reputation blocklisting, which aid in preventing malicious traffic and safeguarding public infrastructure from disruption.

Conclusion

Defending Continuous Integration/Continuous Delivery environments is an essential part of an enterprise’s security posture. Implementing least privilege access controls to restrict unauthorized actions, prioritizing on regularly updating and patching dependencies are key to mitigating vulnerabilities, along with enforcing strong authentication mechanisms to protect user accounts and credentials for resources hosted on source code management platforms.

Utilizing threat intelligence feeds and security monitoring tools designed to proactively identify and respond to suspicious activities are also key to minimizing the risk of exploitation and data breaches. Solutions like XDR can play a large role in protecting organizations from cyber threats originating from public infrastructure abuse and exploitation by providing comprehensive visibility, advanced analytics, automated response, and centralized management capabilities.

Learn more about Singularity XDR by booking a demo with us today, or contacting our expert team directly.

SentinelOne Singularity XDR
See how SentinelOne XDR provides end-to-end enterprise visibility, powerful analytics, and automated response across your complete technology stack.

Patch Tuesday, March 2024 Edition

Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple’s new macOS Sonoma addresses at least 68 security weaknesses, and its latest update for iOS fixes two zero-day flaws.

Last week, Apple pushed out an urgent software update to its flagship iOS platform, warning that there were at least two zero-day exploits for vulnerabilities being used in the wild (CVE-2024-23225 and CVE-2024-23296). The security updates are available in iOS 17.4, iPadOS 17.4, and iOS 16.7.6.

Apple’s macOS Sonoma 14.4 Security Update addresses dozens of security issues. Jason Kitka, chief information security officer at Automox, said the vulnerabilities patched in this update often stem from memory safety issues, a concern that has led to a broader industry conversation about the adoption of memory-safe programming languages [full disclosure: Automox is an advertiser on this site].

On Feb. 26, 2024, the Biden administration issued a report that calls for greater adoption of memory-safe programming languages. On Mar. 4, 2024, Google published Secure by Design, which lays out the company’s perspective on memory safety risks.

Mercifully, there do not appear to be any zero-day threats hounding Windows users this month (at least not yet). Satnam Narang, senior staff research engineer at Tenable, notes that of the 60 CVEs in this month’s Patch Tuesday release, only six are considered “more likely to be exploited” according to Microsoft.

Those more likely to be exploited bugs are mostly “elevation of privilege vulnerabilities” including CVE-2024-26182 (Windows Kernel), CVE-2024-26170 (Windows Composite Image File System (CimFS), CVE-2024-21437 (Windows Graphics Component), and CVE-2024-21433 (Windows Print Spooler).

Narang highlighted CVE-2024-21390 as a particularly interesting vulnerability in this month’s Patch Tuesday release, which is an elevation of privilege flaw in Microsoft Authenticator, the software giant’s app for multi-factor authentication. Narang said a prerequisite for an attacker to exploit this flaw is to already have a presence on the device either through malware or a malicious application.

“If a victim has closed and re-opened the Microsoft Authenticator app, an attacker could obtain multi-factor authentication codes and modify or delete accounts from the app,” Narang said. “Having access to a target device is bad enough as they can monitor keystrokes, steal data and redirect users to phishing websites, but if the goal is to remain stealth, they could maintain this access and steal multi-factor authentication codes in order to login to sensitive accounts, steal data or hijack the accounts altogether by changing passwords and replacing the multi-factor authentication device, effectively locking the user out of their accounts.”

CVE-2024-21334 earned a CVSS (danger) score of 9.8 (10 is the worst), and it concerns a weakness in Open Management Infrastructure (OMI), a Linux-based cloud infrastructure in Microsoft Azure. Microsoft says attackers could connect to OMI instances over the Internet without authentication, and then send specially crafted data packets to gain remote code execution on the host device.

CVE-2024-21435 is a CVSS 8.8 vulnerability in Windows OLE, which acts as a kind of backbone for a great deal of communication between applications that people use every day on Windows, said Ben McCarthy, lead cybersecurity engineer at Immersive Labs.

“With this vulnerability, there is an exploit that allows remote code execution, the attacker needs to trick a user into opening a document, this document will exploit the OLE engine to download a malicious DLL to gain code execution on the system,” Breen explained. “The attack complexity has been described as low meaning there is less of a barrier to entry for attackers.”

A full list of the vulnerabilities addressed by Microsoft this month is available at the SANS Internet Storm Center, which breaks down the updates by severity and urgency.

Finally, Adobe today issued security updates that fix dozens of security holes in a wide range of products, including Adobe Experience Manager, Adobe Premiere Pro, ColdFusion 2023 and 2021, Adobe Bridge, Lightroom, and Adobe Animate. Adobe said it is not aware of active exploitation against any of the flaws.

By the way, Adobe recently enrolled all of its Acrobat users into a “new generative AI feature” that scans the contents of your PDFs so that its new “AI Assistant” can  “understand your questions and provide responses based on the content of your PDF file.” Adobe provides instructions on how to disable the AI features and opt out here.

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform.

An extortion message currently on the Incognito Market homepage.

In the past 24 hours, the homepage for the Incognito Market was updated to include a blackmail message from its owners, saying they will soon release purchase records of vendors who refuse to pay to keep the records confidential.

“We got one final little nasty surprise for y’all,” reads the message to Incognito Market users. “We have accumulated a list of private messages, transaction info and order details over the years. You’ll be surprised at the number of people that relied on our ‘auto-encrypt’ functionality. And by the way, your messages and transaction IDs were never actually deleted after the ‘expiry’….SURPRISE SURPRISE!!! Anyway, if anything were to leak to law enforcement, I guess nobody never slipped up.”

Incognito Market says it plans to publish the entire dump of 557,000 orders and 862,000 cryptocurrency transaction IDs at the end of May.

“Whether or not you and your customers’ info is on that list is totally up to you,” the Incognito administrators advised. “And yes, this is an extortion!!!!”

The extortion message includes a “Payment Status” page that lists the darknet market’s top vendors by their handles, saying at the top that “you can see which vendors care about their customers below.” The names in green supposedly correspond to users who have already opted to pay.

The “Payment Status” page set up by the Incognito Market extortionists.

We’ll be publishing the entire dump of 557k orders and 862k crypto transaction IDs at the end of May, whether or not you and your customers’ info is on that list is totally up to you. And yes, this is an extortion!!!!

Incognito Market said it plans to open up a “whitelist portal” for buyers to remove their transaction records “in a few weeks.”

The mass-extortion of Incognito Market users comes just days after a large number of users reported they were no longer able to withdraw funds from their buyer or seller accounts. The cryptocurrency-focused publication Cointelegraph.com reported Mar. 6 that Incognito was exit-scamming its users out of their bitcoins and Monero deposits.

CoinTelegraph notes that Incognito Market administrators initially lied about the situation, and blamed users’ difficulties in withdrawing funds on recent changes to Incognito’s withdrawal systems.

Incognito Market deals primarily in narcotics, so it’s likely many users are now worried about being outed as drug dealers. Creating a new account on Incognito Market presents one with an ad for 5 grams of heroin selling for $450.

New Incognito Market users are treated to an ad for $450 worth of heroin.

The double whammy now hitting Incognito Market users is somewhat akin to the double extortion techniques employed by many modern ransomware groups, wherein victim organizations are hacked, relieved of sensitive information and then presented with two separate ransom demands: One in exchange for a digital key needed to unlock infected systems, and another to secure a promise that any stolen data will not be published or sold, and will be destroyed.

Incognito Market has priced its extortion for vendors based on their status or “level” within the marketplace. Level 1 vendors can supposedly have their information removed by paying a $100 fee. However, larger “Level 5” vendors are asked to cough up $20,000 payments.

The past is replete with examples of similar darknet market exit scams, which tend to happen eventually to all darknet markets that aren’t seized and shut down by federal investigators, said Brett Johnson, a convicted and reformed cybercriminal who built the organized cybercrime community Shadowcrew many years ago.

“Shadowcrew was the precursor to today’s Darknet Markets and laid the foundation for the way modern cybercrime channels still operate today,” Johnson said. “The Truth of Darknet Markets? ALL of them are Exit Scams. The only question is whether law enforcement can shut down the market and arrest its operators before the exit scam takes place.”

Five Ways to Inspire Inclusion Through Allyship

On International Women’s Day, we celebrate the diverse talents, skills, and perspectives that women bring to our workplace and our world. This year’s theme is #InspireInclusion – a fitting call to action for women and allies to continue on this journey as we work to enjoy the same rights, opportunities and impact as our male counterparts.

Allyship is defined as the actions, behaviors, and practices that leaders take to support, amplify, and advocate with others, most especially with individuals who don’t belong to the same social identities as themselves. Men are a key part of our strong ally base at SentinelOne, fortified by an amazing group of female leaders who have ascended on their career trajectory in cybersecurity and have committed to taking other women with them on the journey.

Today we want to share five ways to #InspireInclusion through allyship at your organization to enable women to have the same access to successful, fulfilling careers in tech and have game-changing impact on their workplaces and communities.

Change Starts At the Top

According to the Women In Cybersecurity Report, women held 25% of cybersecurity jobs globally in 2022, up from 20% in 2019 and 10% in 2013. When we look at women in leadership, the gap is even wider. According to Women in Tech Network, only 5% of leadership positions in the tech sector are held by women.

At SentinelOne, we prioritize bridging the gender gap at the leadership level knowing it propels our efforts as we continue to diversify at all levels of the organization. Today, over 30% of all VPs at SentinelOne and 39% of the C-Suite leaders are women. Last year, 47% of our newly hired VP+ leaders and 32% of our internal VP+ promotions were also women. Driving massive change like this takes an intentional strategy and the collective efforts of committed allies who believe that equity in the workplace drives better business results.

1 – Commit to Purposeful Talent Acquisition & Development

You can’t wish for 50% of female candidates to walk through your door – you have to work for it! It starts with a diverse candidate slate, which can be extremely challenging in tech and specifically cybersecurity. Our goal is to have the top of the candidate pipeline consist 50-75% of women to increase the likelihood of having at least two female finalists. Critically adjacent to this strategy is having one woman on the interview panel.

Sourcing women early in career is a great strategy to find female talent. Having an internship program funneled by a university recruiting effort is very effective at SentinelOne. Partnering with collegiate chapters of Women in CyberSecurity (WiCyS) to engage candidates across the globe only strengthens this part of our pipeline.

We know that if we don’t work to develop our people and enable them with career opportunities, our competitors will. Losing women to the next opportunity will negate your efforts to bridge the gender gap, so keep them engaged and learning while making space for them to grow within your organization. Robust learning and development opportunities are critical for all, and maybe even more so for women as we try to make progress. A well-laid out career pathing program with defined experiences and skill sets for each level will let women know what needs to be added to their knowledge base to prepare for their next opportunity.

2 – Understand That Mentorship Matters

It’s a zero-cost, high-return strategy to drive gender parity. A win-win on both sides of the equation, both parties can learn and grow through high-quality mentor-mentee relationships. Mentorship is critical in shaping careers, giving women a safe place to ask questions and gain insights that can build confidence and guide them through career challenges.

I encourage you to seek the power of difference in the women you mentor. We often gravitate to the people most like us, but considering a mentee of a different gender, function, level or even organization can contribute to the richness of the relationship. Embracing a growth mindset and being conscious of your bias can be extremely beneficial for both sides of the relationship.

If your organization does not have a formal mentorship program, consider advocating for one. At SentinelOne, we launched MentorOne last year with tremendous success and already established 200+ mentor relationships. If that’s not a feasible option, I urge you to recruit a woman to mentor. A thoughtful quarterly conversation is an investment that could pay dividends for years to come.

3 – Champion & Sponsor Women At All Levels

Making this effort a daily behavior can drive substantial change in your workplace culture. Amplifying the women you know doing great work by giving them credit for their ideas and accomplishments can go a long way in boosting confidence and helping strong performers shape their brand. So often we are onto the next task without recognizing how we accomplished the last one, so celebrate! Reach out to the leaders of high-performing women and share authentic accolades to recognize their impact.

Getting involved with the Employee Resource Groups at your organization is a great way to show your allyship. Our Women’s Inclusion Network at SentinelOne is an army that is 160+ strong, full of women and allies who start conversations that both move the business forward and create a safe space for learning, making space for all voices.

Inviting more women into conversations serves two purposes – instilling confidence and sourcing ideas and solutions to drive your business forward! Asking them to share opinions and ideas is an easy way to build the muscle of confidence. Also be careful not to interrupt someone sharing an idea, even if it’s just to reinforce their point.

If you are new to the sponsorship game, get creative! It can be as simple as attending an event sponsored by an employee resource group and asking a thoughtful question or offering support in the live chat. Just seeing your face in a room or on Zoom can let your female colleagues know that you are an ally. Volunteering is another way to become a champion, sharing your career insights and skill sets to inspire the next generation of tech and cybersecurity professionals.

4 – Embrace the Tough Conversations

Tough conversations are often great catalysts for change. It’s important to speak up – if you hear something, say something. Allowing microaggressions in the workplace only reinforces the age-old problem of imposter syndrome, something 75% of all working women have experienced at some point in their career.

Women often face a double standard at work in regards to their behavior. Historically in the workplace, women with confidence and strength were described as pushy and aggressive. If you hear a woman being described in that way, ask yourself, would the same words be used to describe her male counterpart showing the same behavior? If the answer is ‘no’, challenge that in the moment. Be part of the action that helps to build up the brand of a strong woman while taking down the cycle of this double standard.

Give women in your network the gift of direct, in the moment feedback. Women are often juggling so much, multi-tasking the full-time responsibility of family and career. Communicating with honesty, patience and kindness makes even difficult feedback a teachable moment that can change the trajectory of a woman’s career. Be sure to ask probing questions, listening carefully to understand before jumping into working through a solution.

5 – Inspire Inclusion All Year Long 

March is just a moment for celebration. Action planning and execution needs to be top of mind 12 months of the year if we are going to close the gender gap in the workplace.

I challenge all non-birthing parents to start at home by sharing household responsibilities, freeing up time and energy for your partner to also focus on career growth. If your company offers a gender-neutral parental leave, take it to establish your role as a caregiver. Hearing from Sentinel parents who cherished our 16-week benefit is a huge source of pride, knowing the ripple effect it will have on their child’s lifetime.

Just recently, a father returning from parental leave sent me the following thank you note:

“Having this uninterrupted time with my children has strengthened our bond and created cherished memories that will last a lifetime. It has allowed me to return to work feeling refreshed, energized, and even more committed to my role at the company. I witnessed how my wife experienced her postpartum period in a totally different, much more pleasant and relaxing way. I also gained a deeper appreciation for the sacrifices and dedication my wife makes each day to care for our family.”

Happy International Women’s Day from SentinelOne!

Take action, in small ways and big ways, and we will continue to drive progress. Start by joining your organization’s Women’s Inclusion Network and contributing to the conversation. Continually ask how you can help, and seek out an important role in gender parity efforts. Making a commitment to #InspireInclusion is not just something we are doing to improve the workplace – it’s a call to action to improve the world!

The Good, the Bad and the Ugly in Cybersecurity – Week 10

The Good | U.S. Sanctions Spyware Targeting Government Officials & Journalists

This week the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) took a stand against commercial spyware specifically crafted to target government officials, journalists, and policy experts within the nation. Sanctions were placed on individuals and five entities affiliated with Intellexa Alliance for their involvement in the creation, operation, and dissemination of the spyware.

This move comes in response to the threat posed by escalating adoption of commercial spyware, which not only poses significant security risks within the United States, but has also been exploited by foreign entities to abuse human rights, suppress dissident voices around the world, and foster state-sponsored cyber espionage campaigns. According to OFAC, Intellexa boasts a global clientele, including authoritarian regimes, and acted as a consortium of several companies linked to mercenary spyware solutions such as Predator.

Predator spyware is capable of infiltrating both Android and iOS devices through zero-click attacks, granting operators unrestricted access to sensitive data and the ability to monitor designated targets covertly. OFAC disclosed that Predator had been deployed against U.S. government officials, journalists, and policy experts by unspecified foreign actors.

The sanctions target key figures and entities within the Intellexa Alliance, including its founder, a corporate specialist, and various affiliate companies, all of which belong to economic blocklists. A strong follow-up to the Biden administration’s commitment to countering spyware technology, the sanctions place visa restrictions on all individuals involved in the misuse of commercial spyware. This is a significant and first-of-its-kind step in curbing the illicit activities of mercenary spyware companies and rallies international organizations against doing business with or supporting sanctioned entities and individuals.

The Bad | Google AI Technology Stolen by Ex-Employee for China Tech Firms

A 38-year-old Chinese national and a California resident has been indicted for allegedly stealing trade secrets from Google while secretly collaborating with two China-based tech firms.

Linwei “Leon” Ding, a former Google engineer arrested this week, stands accused of illicitly transferring proprietary and confidential data to his personal account while covertly affiliating with companies in China’s artificial intelligence (AI) sector, as stated by the DoJ. Ding purportedly stole over 500 confidential files containing AI trade secrets with the intent of providing an advantage to Chinese companies in the ongoing, global AI race.

The DoJ emphasized that Ding’s actions gave unfair competitive benefits to himself and the affiliated PRC-based companies by stealing information on Google’s supercomputer data center infrastructure used specifically for hosting large and sophisticated AI models.

Ding is accused of concealing the theft by copying data from Google source files to the Apple Notes application on his company-provided MacBook, converting them to PDF files, and then uploading them to his Google account. Ding currently faces four counts of theft of trade secrets, each carrying a maximum penalty of 10 years in prison and up to a $250,000 fine if convicted.

Last year, President Biden issued an executive order on AI, intended to maintain America’s leadership in AI development, particularly in light of competition from nations such as China. Both the U.S. and Chinese governments recognize AI as an emerging technology that is strategically important with vast potential to enhance economic productivity across civilian industries and provide key capabilities for military and intelligence purposes. Theft of trade secrets and intelligence fuels economic espionage and other national-level security concerns related to advancements in AI technology.

The Ugly | BlackCat Ransomware Gang Pulls off Exit Scam

It seems that BlackCat ransomware operators have pulled a vanishing act this week, taking down their darknet website after allegedly scamming $22 million from one of their affiliates, currently attributed with attacking a subsidiary of healthcare giant, UnitedHealth Group.

While the gang has shut down its servers, data leak blog, and ransomware operation negotiation sites, security researchers have called out the likely possibility of an exit scam or an effort in rebranding the entire ransomware-as-a-service (RaaS) operation under a new identity. Source code analysis done on the takedown notice shows that it was taken from an archived leak site and displayed using a Python HTTP server. Further, Europol and the U.K.’s National Crime Agency (NCA) have declined involvement in taking down BlackCat operations.

This abrupt disappearance follows reports of a purported $22 million ransom payment received from UnitedHealth’s Change Healthcare unit, with allegations that the group reneged on sharing the proceeds with an affiliate involved in the attack. Speculations emerged from a disgruntled affiliate, known as ‘notchy’, who accused BlackCat of embezzling funds after their account suspension on the RAMP cybercrime forum, which also hints at the possibility of an exit scam and eventual rebranding.

So far, the cyber defense community has seen BlackCat ransomware run through various life cycles and monikers, including DarkSide/BlackMatter. The latest occurred in December of 2023 when BlackCat’s servers were hacked by the FBI and an international law enforcement operation seized their Tor negotiation and data leak sites. However, the gang was able to restart its operations. With a speculated exit scam to evade consequences and a possible rebrand on the way, organizations are reminded of the resilience and adaptability of modern ransomware operations.

PinnacleOne ExecBrief | Malicious Insider Threat to Strategic Enterprises

Last week, PinnacleOne examined China’s application of emerging AI tools to augment their rapidly improving cyber capabilities and emphasized the urgency for defenders to keep pace.

This week, we focus on the recent arrest of a PRC national indicted for theft of Google AI IP and we identify lessons learned for firms to improve malicious insider threat detection and response.

Please subscribe to read future issues — and forward this newsletter to your colleagues to get them to sign up as well.

Feel free to contact us directly with any comments or questions: pinnacleone-info@sentinelone.com

Insight Focus: Malicious Insider Threat to Strategic Enterprises

The recent indictment and arrest of a PRC national for theft and transfer of Google’s AI related trade secrets illustrates the nature and scope of the insider threat facing strategic enterprises.

The case shows how relatively unsophisticated techniques were able to evade Google’s data loss prevention system and insider threat program, and how a delayed response increased risk.

Firms working at the leading edge of technology (like frontier AI model labs) and those in the crosshairs for strategic geopolitical targeting must catch up to the scale of the threat, immediately.

Google’s Insider Detection and Investigation Failures

  1. An indicted lead software engineer, Ding Linwei worked on confidential LLM infrastructure and software systems that trained and ran Google Brain, DeepMind, and Anthropic IP.
  2. He exfiltrated over 500 confidential files by copying data from Google source files into the Apple Notes application on his Google-issued MacBook laptop, converted those notes into PDF files, and uploaded them from the Google network into a separate, personal Google drive account, which evaded detection by Google’s data loss prevention systems.
  3. He also had a fellow employee use his access badge to scan into his assigned Google office building while he was in China conducting business activities using the stolen information.
  4. Ding was only investigated by Google when he uploaded files from the Google network to a second personal account while he was in the PRC, but his access was not subsequently limited. He arrived in China on October 29th, but his presence was not detected until December 8th, 2023.
  5. Google suspended his network access and remotely locked his laptop 27 days after the investigation began, three days after he resigned, and only when Google discovered that Ding had presented his business plan at a Beijing investor conference as CEO of a company that would focus on the same technology stolen from Google.

Lessons Learned

  1. The attack surface goes beyond narrow trust boundaries and access control for crown jewels and extends across distributed or 3rd-party networks and infrastructure.
  2. Malicious insiders may spend years in the firm enhancing their access and conducting covert collection – more overt indicators tend to only arise after the horse has left the barn.
  3. Physical correlation of network detections enhanced by AI are necessary but not sufficient. Expert counterintelligence investigators must discern and mitigate at speed to mitigate enterprise risk.
  4. Tradecraft for lone wolf commercial espionage is less sophisticated than a foreign intelligence operation, but it was nevertheless successful in this case – the accelerating economic returns from AI businesses will exponentially increase the financial incentive for insider employees to steal.
  5. Frontier model labs and other firms working on strategic and prized technologies should consider (as an ideal, if potentially unreachable goal) security controls that mirror those used to protect government special access programs, including strict compartmentalization, personal reliability examinations, travel monitoring and reporting, comprehensive network monitoring, and continuous insider threat hunting. Design programs with the future value of the tech in mind.

Insider Threat Mitigation

Firms should develop and assess a comprehensive set of insider threat scenarios tailored to their threat model, technical controls, organizational design, and internal culture. See below for some example threat scenarios that span nation-state and lone-wolf/commercial threat actor profiles, plausible targets and objectives, and attack paths/exploitation methods.

Insider Threat Scenarios for Security Control Validation and Program Assessment

These scenarios are by no means comprehensive but should serve as a starting point for firms to validate controls and develop a roadmap for process, technology, and organizational improvements. In 2022, PinnacleOne worked with a firm exiting Russia to test over 100 insider scenarios. We found their detection and response capabilities (alerts, triage, escalation, etc.) mostly inadequate. We are also currently helping a systemically important SaaS firm assess and improve their insider trust program.

Implications for Geopolitically Targeted Multinationals

China has an explicit strategy to target industries via insider and cyber espionage to transfer valuable IP and know-how that supports economic competitiveness and military capabilities. The set of firms that fall into this geopolitical bullseye are known, but the list is expanding and the political incentives to pursue more aggressive targeting will continue to grow.

Insider threats extend beyond IP theft and include intentional weakening of cybersecurity controls (e.g., cloud misconfigurations by IT insiders) or even covert sabotage of products or services (where such sabotage might support tactical objectives in a conflict scenario). The threat is real and growing.