Image: Getty Images/iStockphoto
The New South Wales Police Force is in the process of bringing its back-end into the 21st century, turning to Microsoft and its Azure cloud platform for help.According to Microsoft, the force is retiring, re-architecting, or replacing over 200 legacy systems with cloud-based systems. Part of this transformation is changing the way the force analyses CCTV footage.Labelled as the “AI/ML-infused Insights policing platform”, the system essentially speeds up the processing of data. In one example, NSW Police collected 14,000 pieces of CCTV as part of a murder and assault investigation and analysed it in a manner faster than it previously could.”The AI/ML infused Insights platform ingested this huge volume in five hours and prepared it for analysis by NSW Police Force investigators, a process that would otherwise have taken many weeks to months,” Microsoft said in a case study prepared alongside NSW Police.”Detectives were able to then within days piece together the time sequence of events, movements, and interactions of the person of interest as well as overlay this onto a geospatial platform, visualising the data for detectives and aiding in the preparation of the brief of evidence for Courts.”Leveraging Microsoft Azure cognitive technologies, machine learning, and deep learning capabilities, NSW Police has been able to train the system on image classification allowing it to interpret petabytes of CCTV footage automatically and at speed provide rapid access to leads that officers can pursue to ultimately solve crime faster.”Must read: Human Rights Commission calls for a freeze on ‘high-risk’ facial recognition

The platform can also turn voice to text, allowing for the speedy transcription of police interviews, and can also stitch together CCTV with dash cam footage and then search for objects, including overlaying this on a geospatial solution, the pair added.”Using computer vision it can search to recognise objects, vehicles, locations, such as a backpack, or a tie, or type of shoes a person of interest might be wearing,” NSW Police CITO and executive director of digital technology and innovation Gordon Dunsford said.”The system has been designed with ethics front and centre, and in consultation with privacy experts with a particular focus on avoiding bias,” Microsoft added.Insights is currently hosted internally, but will “shortly” migrate to the cloud. NSW Police, however, is already using a containerisation strategy to parcel up data that needs to be interpreted rapidly, and sending that to Azure for processing.Elsewhere, the force is also working on its Integrated Policing Operating System (IPOS), which will replace the existing 27-year old central database and be used to manage all the data from operations including triple zero calls, arrests and charges, firearms, criminal investigations, forensics, complaints, and public reports.IPOS is based on Mark43’s public safety software.IPOS also provides the force with a single view of a person of interest and can be viewed on an officer’s MobiPol mobile devices. “It can also provide access to important additional information; for example, alerting police to the fact that the address where they are going to apprehend someone is located next to another house where residents are known to be antagonistic to the police through its geofencing capability,” Microsoft added.See also: How Victoria Police handled the Bourke Street incident on social media (TechRepublic)Dunsford said that, at present, officers share MobiPols, but with IPOS there are plans to equip every officer with their own device and access to IPOS.NSW Police also has plans to replace the legacy data store systems with the Digital Evidence Cloud, and has built a small-scale capability that it has trialled with NSW Police’s Forensics Command.Dunsford also wants to understand how low earth orbit (LEO) satellites could be used to support police; how data from the Integrated Connected Officer program which collects data from an officer’s firearm, taser, car, and body worn camera can be ingested into Insights; and how drones could be deployed to collect video that could help identify potentially dangerous situations.Advanced AI and machine learning could, he thinks, be used to train systems to identify everything from the colour, make, and model of vehicles, to a backpack in a crowded street, to finding a particular individual based on their unique gait.In June 2020 Microsoft said that it would not sell or deploy facial recognition to police services.RELATED COVERAGE More

Max Buondonno/ZDNETApple announced significant updates for the iPhone with iOS 18 during last month’s WWDC event. In addition to a customizable home screen, Control Center, and lock screen, iOS 18 will give users a Photos app overhaul, new Messages enhancements, a new Passwords app, and many artificial intelligence (AI) updates under Apple Intelligence to enhance app functionality.Also: Every iPhone model that will get Apple’s iOS 18 (and which ones won’t)While the iOS 18 general release is still a couple of months away, users can now download a public beta version. Apple released the iOS 18 developer beta a month ago. Before you download a beta version of an operating system, you should have some housekeeping items in mind:Back up your device and personal information.Don’t download beta software, which will likely have bugs and glitches, on your everyday iPhone.You should go into the experience to test new features and share feedback to improve iOS, which is why beta versions are released.  More

Researchers have discovered a strain of cryptocurrency-mining malware that abuses Windows Safe mode during attacks. 

The malware, dubbed Crackonosh by researchers at Avast, spreads through pirated and cracked software, often found through torrents, forums, and “warez” websites. After finding reports on Reddit of Avast antivirus users querying the sudden loss of the antivirus software from their system files, the team conducted an investigation into the situation, realizing it was due to a malware infection.  Crackonosh has been in circulation since at least June 2018. Once a victim executes a file they believe to be a cracked version of legitimate software, the malware is also deployed.  The infection chain begins with the drop of an installer and a script that modifies the Windows registry to allow the main malware executable to run in Safe mode. The infected system is set to boot in Safe Mode on its next startup.  “While the Windows system is in safe mode antivirus software doesn’t work,” the researchers say. “This can enable the malicious Serviceinstaller.exe to easily disable and delete Windows Defender. It also uses WQL to query all antivirus software installed SELECT * FROM AntiVirusProduct.” Crackonosh will scan for the existence of antivirus programs — including Avast, Kaspersky, McAfee’s scanner, Norton, and Bitdefender — and will attempt to disable or delete them. Log system files are then wiped to cover its tracks. 

In addition, Crackonosh will attempt to stop Windows Update and will replace Windows Security with a fake green tick tray icon.  The final step of the journey is the deployment of XMRig, a cryptocurrency miner that leverages system power and resources to mine the Monero (XMR) cryptocurrency. Overall, Avast says that Crackonosh has generated at least $2 million for its operators in Monero at today’s prices, with over 9000 XMR coins having been mined.  Approximately 1,000 devices are being hit each day and over 222,000 machines have been infected worldwide. In total, 30 variants of the malware have been identified, with the latest version being released in November 2020.  “As long as people continue to download cracked software, attacks like these will continue and continue to be profitable for attackers,” Avast says. “The key take-away from this is that you really can’t get something for nothing and when you try to steal software, odds are someone is trying to steal from you.” Previous and related coverage Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 More

skynesher/Getty Images Cybersecurity researchers have been warning for quite a while now that generative artificial intelligence (GenAI) programs are vulnerable to a vast array of attacks, from specially crafted prompts that can break guardrails, to data leaks that can reveal sensitive information.  The deeper the research goes, the more experts are finding out just how […] More

Cyber criminals are increasingly targeting universities with ransomware attacks and academic institutions are being urged to make sure their networks are resilient enough to protect against them.
The warning from the UK’s National Cyber Security Centre (NCSC) – the cyber arm of GCHQ – comes following a recent spike in hackers targeting universities with ransomware attacks during August. In some instances, hackers have not only demanded a significant bitcoin ransom from victims of attacks, but they’ve also threatened to leak stolen personal data of students if they’re not paid.

More on privacy

The NCSC says it dealt with several ransomware attacks against universities that caused varying levels of destruction depending on the level of cybersecurity the institutions already had in place.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)    
And with colleges and universities gearing up to start the new academic year and welcome new students – while already facing challenges because of the ongoing coronavirus pandemic – they’ve been urged to make sure their cybersecurity infrastructure is ready to defend the additional challenge of a ransomware attack.
“This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible,” said Paul Chichester, director of operations at the NCSC.
“While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted.
“We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats, and will not hesitate to act when that threat evolves,” he added.
The Targeted ransomware attacks on the UK education sector alert details some of the most common attack infection vectors, including Remote Desktop Protocols (RDP), phishing emails and software and hardware that’s been left vulnerable due to lack of security patching.
Mitigation against ransomware attacks that universities are being urged to adopt include effective vulnerability management and patching, securing RDP services with multi-factor authentication, installing anti-virus software, and ensuring staff and students are aware of the risks posed by phishing emails.
It’s also recommended that universities have up-to-date and tested offline backups, so that if systems are encrypted by a ransomware attack, they can be restored without paying a ransom to cyber criminals.
SEE: My stolen credit card details were used 4,500 miles away. I tried to find out how it happened
The NCSC also urges universities to test how they’d respond to a ransomware attack by using the NCSC’s free Exercise in a Box tool, which allows organisations to see how their defences would hold up against hacking scenarios based on real events.
“As the last six months have shown us, it has never been more important for colleges to have the right digital infrastructure in order to be able to protect their systems and keep learning happening, whatever the circumstance,” said David Corke, director of education and skills policy at the Association of Colleges.
“This needs a whole college approach and for a focus wider than just systems, it needs to include supporting leaders, teachers and students to recognise threats, mitigate against them, and act decisively when something goes wrong. This guidance will prove incredibly useful for colleges to ensure that they can do just that,” he added.
MORE ON CYBERSECURITY More