The annual RSA conference, akin to a piece of persistent malware that no antivirus software can seem to eliminate, was back this year with a vengeance. Unlike malware, which is inherently malicious, the event had a positive message, and the industry seemed to brim with goodwill. The theme of this year’s conference was “Stronger Together.”

Like many other industry events, RSA slowed down during the peak of Covid and shifted to an online-only format. From April 24 to 27, San Francisco’s Moscone Conference Complex reigned again as the center for cybersecurity. This year’s conclave, the 32nd annual event, “attracted more than 40,000 attendees including 650+ speakers, 500+ exhibitors, and 500+ media members.”

This year’s event featured several distinguished speakers, including former and current elected and appointed government officials, academics, researchers, and representatives from dozens of commercial and nonprofit security groups.

Even a few celebrities were in attendance, such as Eric Idle (Monty Python co-creator and star) and Chris Stapleton, an eight-time Grammy Award-winning country western singer.

Cybercrime on the Rise Boosts Security Industry Outlook

The mood at this year’s RSA was much more positive than last year, when the conference returned to an in-person format but had only 26,000 attendees and was overshadowed by reports of layoffs at tech companies in and around the cybersecurity industry.

It’s incredible how much can change in a year. Linda Gray Martin, Senior Vice President of the RSA Conference, spoke of “the enthusiasm and buzz that was felt all week around RSA Conference” in 2023, and this hyperbole seemed justified.

The resurgence in attendance and interest at this quintessential event stems from heightened awareness of increasingly sophisticated threats, such as ransomware, malware, and newer forms of threat, and of the challenges and opportunities that generative AI, open source, and other technologies present.

As usual, RSA offered a convenient milestone to release new security products and services, along with reports and insights focusing primarily on the changing threat landscape. The event featured several reports that highlighted industries at particular risk. These included manufacturing, healthcare, and finance.

AT&T Business released its 12th annual Cybersecurity Insights at RSA. The report contains findings from a survey of 1,400 security professionals in North America, South America, Europe, and Asia. The respondents were limited to organizations with integrated “edge use-cases” such as robotics, virtual reality, or IoT devices. Unsurprisingly, the survey found that these respondents were constantly under attack.

With the notable exception of the U.S. State and Local Government and Education (SLED) market, the majority of respondents surveyed were more concerned with distributed denial-of-service (DDoS) attacks and fraud involving business email compromise (BEC) than they were with ransomware, other forms of malware, or advanced persistent threats (APTs).

The results indicate that many security professionals working in industries with high levels of edge use, often considered critical infrastructure for their countries, are out of touch regarding the threats they face, including those from state-sponsored attacks.

The report’s authors state that “cyberspace as a geopolitical tool has forced government regulators to be aware of the possibility of destructive nation-state attacks.” However, the only use cases where nation-state cyberattacks are ranked in the top three of perceived likelihood are building management for the U.S. SLED and fleet tracking for transportation.

BlackBerry’s second quarterly Global Threat Intelligence Report was also released at the RSA conference. It highlighted several industries that were under heavy attack by cybercriminals. The report reveals that cybercriminals are targeting the healthcare industry, which is exposed to 59 malicious samples daily, including more Emotet variants.

BlackBerry found that government entities, manufacturing, and critical infrastructure were targeted by “sophisticated, sometimes state-sponsored, threat actors engaged in espionage campaigns and intellectual property theft.”

According to CylanceIntelligence, the company’s subscription service for cyber threat intelligence, which was also formally launched during RSA, “crimeware, commodity malware, and other types of malware are often found within these critical industries.”

Please watch my video with Ismael Valenzuela (the Vice President of Threat Analysis at BlackBerry) that I conducted during RSA. Note: I am also the editorial director of BlackBerry, in addition to my reporting for TechNewsWorld.

AI Gets VIP Treatment

The use of artificial intelligence as a powerful tool for both attackers and defenders was a major topic of discussion at RSA 2023.

AI has existed in many forms for decades. However, it has achieved its greatest success at the box office, playing the villainous role that Hollywood is known for. Since 1968, when HAL 9000, a murderous AI, made its debut in Stanley Kubrick’s film adaptation of Sir Arthur C. Clarke’s “2001: A Space Odyssey,” AI has been typecast as a homicidal villain in popular fiction.

Watson, IBM’s AI product, has been working hard to demonstrate more benign uses of the technology. In 2011, Watson even appeared as a competitor on “Jeopardy.” AI has been embraced by pioneering cybersecurity companies such as CrowdStrike and Cylance (acquired in 2018 by BlackBerry).

AI is now a standard part of endpoint protection, replacing outdated signature-based malware detection. The commercialization of AI tools that use large language models, such as ChatGPT, has brought AI into the mainstream in the last year. Watson could only have dreamed.

One of the first malicious applications of these widely available AI tools was to improve phishing lures. Zscaler’s ThreatLabz Phishing Report, released at RSA, confirms the use of AI tools like ChatGPT to improve phishing success rates. These use cases are likely to be the easiest for threat actors to exploit.

According to the report, “the emergence of AI technology and large-language models like ChatGPT has made it easier for Cybercriminals to create malicious code and Business Email Compromise attacks (BEC), and (to develop) polymorphic malware which makes it harder for the victim to identify phishing.”

In his RSA roundup, Forbes contributor Will Townsend explains that discussions at the tradeshow and in the surrounding area highlighted how AI is quickly becoming “a double-edged blade that will need to be sharpened” as both attackers and defenders increasingly use it.