Digital Trace

  Not all cyber-attacks start with clever malicious code. Sometimes, it begins with an unknown account still active in the background, or a support call that felt just a little too normal, that granted access to the adversary, or a clever AI-generated phishing email that mimics your friend. Snowflake, 2024 - Attackers used stolen credentials to get into cloud accounts. MGM & Caesars, 2023 - Social engineering were enough to take down casinos. MOVEit, 2023 - A hidden flaw in the file transfer package gave attackers access to data. They were quiet, effective and noisy. They worked because someone, somewhere, had more access than needed. Because a token was alive. Because temporary access turned permanent. Because there is no multi-layer authentication. And now, an interesting time as attackers' AI collaboration makes things worse. Fake voice-videos are so convincing. (Scammers used deepfake to impersonate the Hong Kong-based employees during a video conference, convincing the em...