Good morning. It's Thursday 15th February.

Microsoft and OpenAI are revealing today that hackers are already using large language models like ChatGPT to refine and improve their existing cyberattacks. In newly published research, Microsoft and OpenAI have detected attempts by Russian, North Korean, Iranian, and Chinese-backed groups using tools like ChatGPT for research into targets, to improve scripts, and to help build social engineering techniques. The Verge

The U.S. Department of Defense is notifying tens of thousands of individuals that their personal information was exposed in an email data spill last year. According to the breach notification letter sent out to affected individuals on February 1, the Defense Intelligence Agency — the DOD’s military intelligence agency — said, “numerous email messages were inadvertently exposed to the Internet by a service provider,” between February 3 and February 20, 2023. TechCrunch

TikTok is taking measures to combat misinformation about the upcoming European Union elections, including setting up fact-checking hubs inside the app, the video-sharing platform said Wednesday in a blog post. TikTok plans to launch local language in-app “election centers” next month for each of the 27 EU countries so that “people can easily separate fact from fiction.” The Associated Press

National resilience for Australia—learning the lessons

Marc Ablong

The last four years have been tough for Australia. We have seen the disastrous 2019-20 fire season, the Covid-19 pandemic, devastating floods and cyclones, the most comprehensive punitive trade measures used against any country in recent history, a doubling of cybersecurity incidents, including some of the largest data breaches and the most serious ransomware cases, more Australians targeted for espionage and foreign interference than at any time in Australia’s history, the re-emergence of right-wing extremism as a more visible and a growing threat to national security, and an acute threat to Australia’s supply chains sparked by the pandemic and exacerbated by the war in Europe.

Academics in US, UK and Australia collaborated on drone research with Iranian university close to regime

The Guardian

Jonathan Yerushalmy and Johana Bhuiyan

Academics in the UK, Australia and the US collaborated on research related to drone technology with an Iranian university that is under international financial sanctions and known for its close ties to the military, the Guardian can reveal. The collaborative research was described by one security expert as having direct military applications, while another called it potentially “very dangerous”. Iranian-made drones have been responsible for a number of deadly attacks in the Ukraine and Middle East conflicts, and their development is known to be a top priority for the government in Tehran.

ASD sees "frequency, richness" of cyber info sharing fall away

iTnews

Ry Crozier

The Australian Signals Directorate has lamented a decline in the “frequency and richness” of cyber incident data shared with it by the private sector, underlining - it says - the importance of restoring trusted channels for information exchange. In a parliamentary submission, the ASD makes its pitch for a so-called “limited use obligation”, an idea floated in last year’s federal cyber security strategy that could encourage cyber incident disclosure to the ASD and the national cyber security coordinator. The information would be subject to restrictions, both in terms of who else can see it and in what it can be used for; the idea being that it would not be used against the sharer, such as to impose financial penalties.

Hundreds of ‘high-risk’ Chinese-made cameras still in MPs’ offices

The Age

Broede Carmody

Hundreds of Chinese-made surveillance cameras are still being used in the local offices of Victorian state MPs one year after a federal government purge over espionage fears. Government documents seen by The Age reveal more than 80 electorate offices across metropolitan Melbourne and regional Victoria have at least one Hikvision camera installed. The devices have been banned from government buildings in America and the United Kingdom.

Victoria police were asked to look at HyperVerse information in 2020 – but sent case back to Asic 22 months later

The Guardian

Sarah Martin

Australia’s corporate watchdog referred information about the alleged US$1.89bn “Ponzi scheme” known as HyperVerse to Victoria police in 2020, only for it to be referred back almost two years later without any action being taken. The Australian Securities and Investments Commission made the referral to Victoria police for alleged “possible fraud offences” after concerns were raised with the corporate regulator about a related company, Blockchain Global. Asic did not provide detail on what prompted the referral.

Chinese tech startups quietly stop testing driverless cars on Californian roads

Business Insider

Tom Carter

Chinese authorities ultimately banned Didi from taking on new customers until January 2023 after the company went public in the US in 2021, amid concerns over possible leaks of sensitive data. Didi is not the only Chinese company that appears to be scaling back autonomous vehicle testing in California, or pulling out entirely. Didi’s exit from California comes amid growing geopolitical tensions between the US and China. US lawmakers have raised concerns that Chinese autonomous vehicle companies might be collecting sensitive data whilst testing their vehicles in the US, with several asking Chinese firms including Baidu and WeRide to detail their data collection practices last year.

Volt Typhoon targeted emergency management services, per report

CyberScoop

Christian Vasquez

Volt Typhoon, the China-sponsored hacking group that has been the focus of grim warnings from U.S. security agencies, has been targeting satellite and emergency management services in addition to electric utilities, according to a new report. The industrial cybersecurity firm Dragos’s Tuesday report outlines how the notorious hacking group is positioning themselves to have disruptive or destructive impacts on critical infrastructure in the U.S.

2,000 new CCTV cameras ‘not enough,’ says Hong Kong police chief, does not rule out face detection function

HKFP

Kelly Ho

The 2,000 new security cameras to be installed in Hong Kong by the end of 2024 for improving public safety may be equipped with face recognition functions, the city’s police chief has said. Hong Kong will see 615 new CCTV cameras set up at “black spots” next month as part of police efforts to enhance surveillance for crime detection and prevention, Commissioner of Police Raymond Siu said in an interview with TVB last Sunday.

US military notifies 20,000 of data breach after cloud email leak

Chips are a national security issue: is the CHIPS act enough?

EE Times

Nicholas Brathwaite

The macroeconomic and geopolitical challenges surfacing over the past few years have made it clear to global leaders that semiconductor chips are an indispensable aspect of national sovereignty. Chips impact every aspect of our lives – from smartphones and medical devices all the way to military drones. Having experienced the huge impact caused by chip shortages, government leaders now recognize that supply chain reliability and control are critical not only to economic stability and growth but also to national security and technological supremacy.

White House tech policy unit deems DLT, digital assets vital for national security

Ledger Insights

Ledger Insights

Yesterday the White House Office of Science and Technology Policy published a paper outlining critical and emerging technologies. These are considered important for national security. DLT, digital assets and digital identity made it onto the list. While artificial intelligence unsurprisingly made it into the top 18 categories, digital assets and DLT were buried under “Data Privacy, Data Security, and Cybersecurity Technologies”. That category also includes digital payment technologies and digital identity.

New Jersey law enforcement officers sue 118 data brokers for not removing personal info

The Record

Suzanne Smalley

Over the course of the last week, 118 class action lawsuits were filed against data brokers who allegedly failed to respond to requests from about 20,000 New Jersey law enforcement personnel asking to remove their personal information from the internet. New Jersey law prohibits the disclosure of home addresses and unpublished telephone numbers for current and retired police officers, prosecutors, and judges, along with their family members. If that information is disclosed, the law requires it be removed within 10 days of a takedown request.

CATL big battery to be removed from US Marine base over China security fears

Renew Economy

Joshua S Hill

American energy company Duke Energy has agreed under pressure from the United States Congress to decommission energy storage batteries produced by Chinese battery giant CATL at Marine Corps Base Camp Lejeune in North Carolina over concerns that the batteries pose a security risk. Reuters reported late last week that Duke Energy had made plans to decommission the CATL-made batteries that were commissioned less than a year ago in March 2023.

North Korean hackers breached personal emails of presidential staffer, South alleges

ABC News (US)

The Associated Press

South Korean President Yoon Suk Yeol’s office said Wednesday that presumed North Korean hackers breached the personal emails of one of his staff members ahead of Yoon's trip to Europe in November. Yoon’s office said the breach only affected the personal account of the unidentified employee, who violated security protocols by partially using commercial email services to handle official duties. Officials did not specify what type of information was stolen from the staff member’s personal emails but stressed that the office’s overall security system was not affected.

Cyber attacks spike suddenly prior to Taiwan’s election

Voice of America

Jeff Seldin

Chinese-linked cyber actors appear to have made a massive, last-minute push to try to derail Taiwan’s recent elections, though the precise goals of the sudden campaign — and the extent to which the attacks succeeded — remain unclear. A new report Tuesday by the U.S.-based cybersecurity firm Trellix found what researchers described as a significant spike in activity, with attacks on Taiwanese organizations more than doubling in the 24-hour period before Taiwan’s January 13 election.

European telcos prepare for quantum hackers

Light Reading

Tereza Krasova

Quantum computing holds many promises like faster drug discovery, improved battery chemistries and better traffic planning, to name a few. But the world of quantum is not just about opportunity. In what might be its most discussed consequence, it will make one of the most common encryption methods obsolete. As a result, the technology has forced companies worldwide to implement a step change in cryptography practices – and telcos are already on the task.

Albanian authorities accuse Iranian-backed hackers of cyberattack on Institute of Statistics

ABC News (US)

The Associated Press

Albania’s cybersecurity authorities have accused a hacker group “sponsored” by the Iranian government of attacking the country’s Institute of Statistics earlier this month. On Feb. 1, the institute reported becoming a target of a “sophisticated cyberattack” and that some systems were affected. The National Authority for Electronic Certification and Cyber Security on Tuesday accused the Homeland Justice, “an attacking group sponsored by the Iranian government,” of the attack affecting 40 computers.

Hospitals offline across Romania following ransomware attack on IT platform

The Record

James Reddick

Four more Romanian hospitals were confirmed on Tuesday to have been affected by a ransomware attack against an IT platform, bringing the total to 25 facilities whose data has been encrypted. Another 75 hospitals in the country using the platform have been disconnected from the internet as investigators determine if they too are impacted. According to the Romanian National Cyber Security Directorate, the unidentified hackers behind the attack are demanding 3.5 bitcoin, or about $170,000, to decrypt the data.

The ‘Munich Spirit’: What to expect from this year's security conferences

The Record

Alexander Martin

Munich, one of Germany’s largest cities buried deep in Bavaria in the country’s south, will this week host the largest working gathering on the planet of presidents, senior ministers, diplomats, and defense and intelligence officials. The Munich Security Conference is now in its 60th year and will run from Friday until Sunday. Most of the officials who will give speeches, talk on panels, attend bilats (and occasional interviews with journalists) will do so within and around the Hotel Bayerischer Hof, a neo-renaissance building cordoned-off for the occasion.

Estonian intelligence warns about Chinese state-linked Tik Tok big data collection

ERR

ERR News

The Estonian Foreign Intelligence Service has warned that China is creating an integrated political-technological ecosystem, by exploiting Chinese digital companies, especially Tik Tok, and the big data they collect for developing comprehensive artificial intelligence. The Estonian Foreign Intelligence Service reminds that China has set the course to "export" its digital standards and create dependency on them and that the global proliferation of Chinese technology is not solely the result of talent and entrepreneurship, but of the strategic planning.

ASML says geopolitics, new export restrictions remain risks

CNA

ASML, the largest supplier of equipment to computer chip makers, said on Wednesday that geopolitical tensions and any expansion of a US-led campaign to restrict its exports to China remain business risks. In its annual report published on Wednesday, the Dutch company flagged the growing list of restrictions imposed by the United States, mostly with the assent of the Dutch government.

Nigeria cracks down on cyber bullying and fake news

ITWeb Africa

Emeka Ekonkwo

Nigerian authorities are cracking down on cyberbullying and the spread of fake news across the West African country. The Nigeria Police Force is leading the effort, claiming that the crimes were committed to tarnish its personnel, while specific individuals and groups spread falsehoods across many online platforms. This comes as disinformation has become a major worry in many countries. According to analysts who study misleading or fake news, plans are routinely developed to manipulate public opinion and threaten the stability of states and their institutions.

TikTok prepares to combat misinfo, AI fakes and influence ops ahead of European Union election

Meta details actions against eight spyware firms

CyberScoop

AJ Vicens

Meta took a series of actions in the last quarter of 2023 against a half-dozen networks of accounts tied to eight spyware firms, which had used the social media’s platform to perform reconnaissance against targets and also test exploit capabilities, the company said Wednesday. The spyware firms — based in Italy, Spain and the United Arab Emirates — employ a series of complicated corporate structures, likely to obfuscate attribution as well as rebranding after exposures, according to Meta, the parent company of Facebook, Instagram and WhatsApp.

OpenAI shuts down accounts linked to 5 nation-state hacking groups

The Record

Adam Janofsky

OpenAI, the artificial intelligence company behind ChatGPT, said on Wednesday that it terminated accounts on its services being used by threat actors linked to China, Russia, Iran and North Korea. The announcement was made in collaboration with Microsoft — one of the company’s major investors — which released a report on Wednesday that detailed how various state-affiliated hacking groups are experimenting with large language models to potentially carry out cyberattacks.

Microsoft and OpenAI say hackers are using ChatGPT to improve cyberattacks

The Verge

Tom Warren

Microsoft and OpenAI are revealing today that hackers are already using large language models like ChatGPT to refine and improve their existing cyberattacks. In newly published research, Microsoft and OpenAI have detected attempts by Russian, North Korean, Iranian, and Chinese-backed groups using tools like ChatGPT for research into targets, to improve scripts, and to help build social engineering techniques.

North Korea and Iran using AI for hacking, Microsoft says

The Guardian

Guardian staff and agencies

US adversaries – chiefly Iran and North Korea, and to a lesser extent Russia and China – are beginning to use generative artificial intelligence to mount or organize offensive cyber operations, Microsoft said on Wednesday. Microsoft said it detected and disrupted, in collaboration with business partner OpenAI, many threats that used or attempted to exploit AI technology they had developed.

Staying ahead of threat actors in the age of AI

Microsoft

Microsoft Threat Intelligence

Over the last year, the speed, scale, and sophistication of attacks has increased alongside the rapid development and adoption of AI. Defenders are only beginning to recognize and apply the power of generative AI to shift the cybersecurity balance in their favor and keep ahead of adversaries. At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors, including prompt-injections, attempted misuse of large language models, and fraud.

‘AI girlfriends’ are a privacy nightmare

WIRED

Matt Burgess

An analysis into 11 so-called romance and companion chatbots, published on Wednesday by the Mozilla Foundation, has found a litany of security and privacy concerns with the bots. Collectively, the apps, which have been downloaded more than 100 million times on Android devices, gather huge amounts of people’s data; use trackers that send information to Google, Facebook, and companies in Russia and China; allow users to use weak passwords; and lack transparency about their ownership and the AI models that power them.

OpenAI gives ChatGPT a better ‘memory’

The New York Times

Cade Metz

OpenAI is giving ChatGPT a better memory. The San Francisco artificial intelligence start-up said on Tuesday that it was releasing a new version of its chatbot that would remember what users said so it could use that information in future chats. With this new technology, OpenAI continues to transform ChatGPT into an automated digital assistant that can compete with existing services like Apple’s Siri or Amazon’s Alexa. Last year, the company allowed users to add instructions and personal preferences, such as details about their jobs or the size of their families, that the chatbot should consider during each conversation. Now, ChatGPT can draw on a much wider and more detailed array of information.

Menlo Security reports that 55% of generative AI inputs contained sensitive and personally identifiable information

The Associated Press

Menlo Security, a leader in browser security, today released its latest report “The Continued Impact of Generative AI on Security Posture”. This report marks the second installment of generative AI reports which analyzes the changing behavior of employee usage of generative AI and the subsequent security risks these behaviors pose to organizations. In the last thirty days, over half (55%) of Data Loss Prevention events detected by Menlo Security included attempts to input personally identifiable information. The next most common type of data that triggered DLP detections included confidential documents, which represented 40% of input attempts.

Generative AI financial scammers are getting very good at duping work email

CNBC

Ellen Sheng

More than one in four companies now ban their employees from using generative AI. But that does little to protect against criminals who use it to trick employees into sharing sensitive information or pay fraudulent invoices. Armed with ChatGPT or its dark web equivalent, FraudGPT, criminals can easily create realistic videos of profit and loss statements, fake IDs, false identities or even convincing deepfakes of a company executive using their voice and image.

MITRE Caldera™ releases new user interface for adversarial emulation of cyberattacks

The Associated Press

With new cyber threats appearing across the cyber landscape, cyber defenders need to actively access their networks to find and fix problems. With MITRE ATT&CK®—an open-source knowledge base of adversary techniques—as its backbone, MITRE Caldera™ allows cyber defenders to attack and test their own computer networks and systems at the same level as real-world hackers and cyberattacks. Today, Caldera launched its latest version, which delivers a new user interface to enhance current live operation views of its adversarial emulations. The new version also lays the groundwork for future capabilities simulating threats using artificial intelligence and autonomy.

The friar who became the Vatican’s go-to guy on A.I.

The New York Times

Jason Horowitz

In recent weeks, the ethics professor, ordained priest and self-proclaimed geek has joined Bill Gates at a meeting with Prime Minister Giorgia Meloni, presided over a commission seeking to save Italian media from ChatGPT bylines and general A.I. oblivion, and met with Vatican officials to further Pope Francis’s aim of protecting the vulnerable from the coming technological storm. At a conference organized by the ancient Knights of Malta order, he told a crowd of ambassadors that “global governance is needed, otherwise the risk is social collapse.” He also talked up the Rome Call, a Vatican, Italian government, Silicon Valley and U.N. effort he helped organize.

Ransom hackers are hitting climate data

Semafor

Caroline Anders

Hackers are opening a new front in the corporate cybersecurity wars by hijacking the torrent of sensitive climate and energy-related data streaming out of companies. In January, the consulting firm Schneider Electric was hit by a ransomware attack on its Sustainability Business division, which helps client companies track their emissions, improve their energy efficiency, and source renewable power, among other services. The attack took some of the division’s essential software offline for two weeks, during which an undisclosed volume of client data was compromised.

New report on IoT security underscores the current risk of unsecured devices and equipment

The Associated Press

Asimily

Enterprises continue to embrace IoT strategies to streamline operations, boost efficiency, and improve customer experiences. From hospitals to manufacturers to public sector agencies, IoT device fleets are critical for meeting these modernization goals. However, the acceleration in connected device deployment opens new windows for cybercriminals and exposes networks to potential breaches. This report addresses the growing challenge of securing IoT devices and explores the consequences for businesses neglecting sufficient cyber resilience.

