HP Addresses Rising Security Threats Before an AI-Driven Wave of Pain

computer programmers analyzing cybersecurity systems

I’ve spent much of my career in and around security, and if there were ever a time not to be in the security business, this would be it.

The cause for this is not because the business isn’t still potentially lucrative but because the threats appear to be increasing at an alarming rate. This escalation is particularly noticeable with the advent of AI and understaffed security departments.

According to HP, we lack the 3.5 million, yes, that’s million, security professionals we need to address current threats, let alone the impending AI-created threats.

Let’s talk about security this week in the context of HP’s Quarterly Security Report, what HP is doing to step up to the problem, and we’ll close with what may be my new favorite phone: the Motorola 2023 Razr foldable phone, which is kind of a blend of the future and the past.

Shampoo Targets Content Pirates

Pirating content is a cheap way to get music, TV, and movies you’d otherwise have to pay for. It is a bad idea because not only could you be charged up to $10,000 for each piece you get caught pirating, but some of that content could contain malware that could infect or destroy your PC or infect or destroy your company.

Well, the situation just worsened.

Users have been attempting to download an application called Shampoo that bypasses the Chrome Web Store. As it’s one of many unvetted apps for Android, Shampoo can infect users’ PCs, causing them to run malicious VBScript. This action then triggers a series of scripts that download the browser extension. The extension then loads into a new browser session and sets up persistence mechanisms that make removing it almost impossible.

Initially, this malicious app, which is part of the ChromeLoader family known for injecting malware, uses a complex injection chain that funds those sent out by redirecting search inquiries and injecting ads. Users will notice their PCs are acting differently, but if they remove the app, it will just reinstall itself when they reboot, making it very difficult to get rid of the thing.

Back to pirating.

This application is specifically targeting users who have been actively searching for pirated content, particularly games. The fact that the folks behind these attacks are explicitly targeting pirates suggests that there may be reporting aspects of this app that may not have been triggered yet or other painfully punitive elements that haven’t yet become visible.

The best defense against this is not to pirate and certainly to stop any side-loading (bypassing the Google Store) because this isn’t the only hostile app out there, and things are about to become far less safe as a result.

FormBook Malware

Microsoft tightened the security around Office substantially, but threat actors have already begun to work around these restrictions.

For instance, last March, attackers gained access to Microsoft 365 credentials of employees. They used these credentials to log into the employees’ online Outlook accounts. Next, they set up a new email address and used it to masquerade as the target organization’s finance department. Then, they emailed employees malicious Word documents. The employees, believing the documents were from their employer’s finance department, opened them.

Since the emails seem to originate from within the company, bearing the label of the finance department, recipients view them as trustworthy. Thus, the internal macros in the documents are not disabled as they normally would be for an externally sourced email. In this instance, the downloaded malware is FormBook, an information-stealing application sold on a few hacking forums.

Top Threat Vectors and the Rise of AI

Currently, email is at 80%, with browser downloads at 13% and others at 7%. Certain kinds of malware are increasing dramatically, with gzip (a common data compression application) archive malware up 53% and HTML threats in general up 37%. According to the HP report, document threats containing exploits are up 85%, and compression tool-connected exploits are up 6%.

However, this is all before the wave of AI-generated threats, which are not included in the report and are also increasing rapidly.

For example, reports of people getting faked phone calls from loved ones in distress have increased. Unlike prior scams, the callers have sampled the person’s voice they claim was kidnapped so that the screams and pleading coming over the phone sound just like the relative you want to protect. An example of one of the attacks was reported to Congress.

This alarming trend suggests we should all have a verification code that we can use to determine if the person on the other end of the phone is who they say they are when such a call comes in and to approach these calls with a great deal of skepticism. Another analyst got a call like this seemingly from his wife, saying she was being held for ransom while she was just out shopping. Even though he didn’t fall for it, the call shook him up badly.

In this Wharton School video, you can get a sense of the breadth of things that AI can do currently — from writing complete apps for you even if you can’t code to creating credible deepfake videos to scam others with minimal effort.

It’s important to note that the tools the speaker used are mostly not even current, let alone capable of what they will be able to do in a few short months.

HP’s Wolf Security Response to Emerging Cyber Threats

HP has missioned its Wolf Security unit to tackle a wide range of these threats, although AI-based threats seem to remain outside its scope for now. However, HP’s business-focused products and security services, which span small businesses to enterprises, have largely mitigated the threats identified in its report.

HP has a unique security controller and special protections, which secure the PC during booting. If the PC becomes compromised, it can recover it reliably. In case of theft or before transferring the PC to someone else, it can wirelessly remove the data.

Out of the 125 million devices equipped with HP’s advanced security solution, not a single one has been breached. Although no system can guarantee absolute security, HP’s designs offer protection far exceeding their competitors, significantly increasing the likelihood that an attacker would abandon their efforts in favor of a less secure target.

In the early 2000s, HP was also the first to highlight to me the risk of quantum technology against existing encrypted files, and it has been working on a fix for this longer than any other PC vendor. With a combination of unique hardware, software, and a stand-alone security entity called Wolf Security, HP stands alone when it comes to PC security right now.

Wrapping Up

The surge of security threats is escalating at an unprecedented rate, a trend likely to be amplified by the upcoming wave of AI-created threats that are already drawing significant attention at the congressional level.

HP’s investment in Wolf Security now appears prophetic as it not only anticipated this problem but also ramped up its capabilities to address the threats present in today’s market and those predicted to arise in the future. Still, the emergence of generative AI threats could potentially overwhelm everyone in the sector.

AI threats will likely require an AI response, and the folks at HP are also working on that. Let’s hope they complete it before the impending AI malware apocalypse.

Tech Product of the Week

Motorola Razr+ Foldable Phone

The original Motorola Razr phone was a massive hit. Anyone that was someone had one. It was the iPhone of its age, and younger buyers have been flocking to that form factor in a retro trend recently, but you give up most of the smartphone features to get what is arguably a far better device for TikTok videos.

The Motorola Razr+ foldable phone, which costs substantially more, provides the benefits of portability and ergonomic design that makes it easier to hold, with the capability of a complete smartphone. It costs $999.99, a sharp decline from the last model, and comes in three colors: Infinite Black, Viva Magenta, and Glacier Blue. The Razr+ has 256GB of internal storage, and you can buy it unlocked from Motorola, giving you flexibility between cell phone carriers.

Motorola Razr40 / Razr+

Razr+ foldable phone in Glacier Blue (Image Credit: Motorola)

Battery life at 14 hours is significantly higher than the prior model as well. However, you have to be more careful with this phone because its water resistance is more limited than the older model, and foldable screens tend to be more vulnerable to dust. Performance is good though it does use a down-speed Qualcomm processor to get to this price point. Like most foldable screen phones, it does tend to draw attention when you use it.

It appears particularly well-designed for selfies and TikTok videos, given its external display over the camera lenses, and it is nearly as useful while folded as it is when unfolded. Motorola (a Lenovo division) clearly has paid close attention to how millennials use flip phones. Thanks to its design, you can even prop the phone up in a tent-like position for video viewing on the smaller screen.

The Razr+ has a whopping 6.9-inch display when unfolded, complemented by Atmos sound and decent performance. I really like this phone, so it is my Product of the Week. It comes to market this week on June 29.

Rob Enderle

Rob Enderle has been an ECT News Network columnist since 2003. His areas of interest include AI, autonomous driving, drones, personal technology, emerging technology, regulation, litigation, M&E, and technology in politics. He has an MBA in human resources, marketing and computer science. He is also a certified management accountant. Enderle currently is president and principal analyst of the Enderle Group, a consultancy that serves the technology industry. He formerly served as a senior research fellow at Giga Information Group and Forrester. Email Rob.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Rob Enderle
More in Malware

Technewsworld Channels