The Dark Side of ChatGPT + this org told their customers to STOP using their services

In this week's Cyber Weekly:

1. The Dark Side of ChatGPT
2. LCBO Hacked
3. Investigation unravelling
4. Is this what every company should do when they're hacked?
5. In case you didn't know

Thanks to all 11, 237 subscribers. It really takes a community to fight against cyberattacks. By sharing and commenting on these newsletters, we can reach more people and help others from becoming a statistic. Share your comments below or simply like the post.

Also, follow me on LinkedIn for daily cyber security discussions >> Luigi Tiano.

1. The Dark side of ChatGPT

‍

The Generative AI platform launched by OpenAI took the world by storm when over 1 million people signed up to the free software program within one week. YouTube videos, News segments and blogs have poured into mainstream media about the pros and cons of the platform. As many reports focus on ChatGPT disrupting the education system with “plagiarism,” very few are addressing how it’s affecting cyber crime.

‍

There is evidence that cybercriminals are using ChatGPT to create their first malware scripts. Underground hacking forums are discussing how to use the AI tool to recreate malware strains. Conversations on this forum also discussed how to install a backdoor on a computer and could infect a PC with more malware. (PCmag)

‍

Thoughts: There is no doubt that Generative AI like ChatGPT is an impressive tool that will definitely be a game changer for individuals and industries. However, should we consider restricting it’s capabilities? Will ChatGPT help law enforcement to identify those who are using it for harm? How will OpenAI govern the use of the platform and will they cooperate with law enforcement to catch potential criminals?

‍

‍

2. LCBO hacked

‍

In Ontario, the government distributes the alcohol across the province through the Liquor Control Board of Ontario (LCBO). Last week, an unauthorized party hacked their website and embedded malicious code. As a result, a third-party collected names, credit card information and passwords of those who used the website since the malicious code was embedded. The extent of the incident is unknown. The ransomware gang responsible for the attack is also unknown. (cbcnews)

‍

My thoughts: If people couldn’t get alcohol, (more importantly the government didn’t collect their taxes) would cyber security be a higher priority?

‍

‍

3. Investigation of Louisiana Hospital

‍

On October 21, 2023 unusual activity was identified at the Lake Charles Memorial Health System in Louisiana. The largest medical complex in Lake Charles, Louisiana with over 400 beds suffered a data breach. Upon investigating, almost 270,000 were affected by the breach. The ransomware group, The Hive, was responsible for the attack. An internal investigation concluded on October 25, 2022 and revealed the types of files stolen:

• Full names
• Physical addresses
• Dates of birth
• Medical records
• Patient identification numbers
• Health insurance information
• Payment information
• Limited clinical information regarding the received care
• Social Security numbers (in some cases)

‍

They started emailing victims in December 2022. (bleepingcomputer)

‍

My thoughts: The internal investigation took 4 days. Then they took 3 months to let patients know what happened. This brings up two points. First, companies who claim they are still “investigating” after months, in my opinion are not telling the whole truth. They absolutely have a good idea of what happened and who is affected. Second, why did they take so long to let patients know. It was probably too late for some people. I wouldn’t be surprised if they were already part of another attack.

‍

‍

4. When company tells you to stop using its services

‍

The UK’s Royal Mail service were hit by a ransomware attack last week. They described it as a “cyber-incident”. The attack affected their international shipping abilities. The service came out and urged customers to not send any packages or letters internationally until further notice. The Royal Mail didn’t have many details to share about the incident. They did blame the LockBit ransomware gang. However, the cyber criminals did not confirm they were responsible. (mirror)

‍

Thoughts: When a company tells you NOT to use their service, you know it’s bad. Also, I wonder if companies weren’t trying to make a profit, would they also warn their customers to avoid using their product. It makes you wonder about the services you’re still using and if you should still be using them.

‍

‍

5. In case you didn't know...

I started Assurance IT with my childhood friend Ernesto Pellegrino in 2011. Our mission is to help 100,000 companies become cyber resilient through our services and free content. We focus on helping mid-sized organizations with data protection and data privacy. Our primary services include: endpoint management, cloud backup, DRaaS, Microsoft 365 backup, and Quebec's Law 25 training.

‍

‍

‍