TOP OF THE DAY
- (Associated Press/SecurityWeek – 9 October 2024) The European Union on Tuesday set up a system for imposing sanctions against people accused of cyberattacks, information manipulation or acts of sabotage on behalf of Russia to undermine EU support for Ukraine. NATO warned earlier this year of Russian “hostile state activity” against the Czech Republic, Estonia, Germany, Latvia, Lithuania, Poland and the U.K., and said that the Kremlin’s actions “constitute a threat to allied security.” – A New System Will Allow EU to Sanction People Waging Sabotage on Behalf of Russia – SecurityWeek
- (Ionut Arghire – SecurityWeek – 9 October 2024) The US cybersecurity agency CISA and the FBI have issued a warning about Iranian threat actors targeting and breaking into the email accounts of individuals associated with national political entities. Aiming to stir up conflict and undermine confidence in the US democracy, threat actors linked to the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC) have been targeting government officials, activists, journalists, think tank personnel, and lobbyists, the agencies say in a joint advisory. – US Agencies Warn Political Campaigns of Iranian Phishing Attacks – SecurityWeek
Governance
(Katie Szilagyi – Just Security – 9 October 2024) In light of the escalating public debate surrounding AI’s role in society, the U.S. Department of Justice (DOJ) has intensified its focus on how artificial intelligence is reshaping the justice system. In February, U.S. Deputy Attorney General Lisa Monaco announced that the DOJ would convene a “Justice AI Initiative” tasked with reporting to President Joe Biden on uses of AI within the justice system. Flowing from Biden’s 2023 Executive Order on AI safety, security, and trustworthiness, the Justice AI Initiative has convened six times so far, meeting with key stakeholders to discuss important issues, including how automated decision-making impacts rights and opportunities; fairness, equity, and democracy; information sharing with private industry; and malicious uses of AI by criminal actors. The diversity of issues canvassed to date offers a snapshot into the extent of ongoing research in the space: right now, AI is everywhere. For the public and legal sectors, AI appears poised to transform business as usual, meaning regulators have started to pay careful attention. – Maintaining the Rule of Law in the Age of AI (justsecurity.org)
(Kevin Poireault – Infosecurity Magazine – 9 October 2024) Social media users in the EU will soon be able to send complaints against Facebook, TikTok and YouTube over content moderation to a new independent body, the Appeals Centre Europe (ACE). This new organization was launched on October 8, 2024, after its founders announced a one-time grant from Meta Platforms’ Oversight Board Trust, an independent body tasked to scrutinize Meta’s services, especially regarding content moderation. It is certified by Ireland’s media regulator (Coimisiún na Meán) and will be based in Dublin. – New EU Body to Centralize Complaints Against Facebook, TikTok, YouTube – Infosecurity Magazine (infosecurity-magazine.com)
(Diana Roy – Council on Foreign Relations – 8 October 2024) In 2022, President Joe Biden signed into law the Creating Helpful Incentives to Produce Semiconductors (CHIPS) and Science Act. The legislation directs hundreds of billions of dollars toward supercharging domestic production of advanced technologies such as semiconductors—also known as microchips or chips. Since its passage, private firms have announced nearly $400 billion dollars in additional investments in chips and other electronics. Arizona and several other states are poised to become semiconductor powerhouses, but the law’s implementation is facing delays, worker shortages, and other challenges. – The CHIPS Act: How U.S. Microchip Factories Could Reshape the Economy | Council on Foreign Relations (cfr.org)
(Faouzi Achbar – The Parliament – 8 October 2024) In recent years, the European Union has made significant progress in the digital space, with important legislative measures such as the Digital Services Act, the Digital Markets Act, the AI Act and the Interoperable Europe Act. These initiatives shape a future in which digital transformation is both inevitable and beneficial. However, the promise of that future could fall short if we fail to address a fundamental issue: digital inclusion. – Op-ed: how can cities play an important role in digital inclusion? (theparliamentmagazine.eu)
(Matt Lynes – The Parliament – 7 October 2024) As AI advances, digital twins of everything from cities to aircraft to the human body are helping to predict real-world problems and optimise solutions. Now, the EU is working on cloning something even bigger: the Earth itself. The European Commission’s Destination Earth project (DestinE) went live on 10 June this year, creating two digital twins – one focused on weather-induced extremes and the other on climate change adaptation. – How the EU’s AI-powered digital twin of the Earth supports climate policy (theparliamentmagazine.eu)
(William Noah Glucroft – The Parliament – 4 October 2024) Ask ChatGPT how much energy it takes to answer a user’s query, and it will tell you it’s as much as one kilowatt-hour (kWh) of electricity. That’s roughly equivalent to ten hours of light from a single, 100-watt light bulb. With more than 200 million active weekly users, that’s a lot of lightbulbs. In less than two years, the generative AI chatbot has turned the world of large language models (LLMs), which most artificial intelligence is currently built on, from a niche tool for techies into an everyday service for the wider public. – EU’s AI dreams challenge its climate reality (theparliamentmagazine.eu)
Geostrategies
(Axel Thévenet – The Parliament – 3 October 2024) In an era where digital prowess equals global influence, the EU finds itself at a critical juncture. The nomination of Henna Virkkunen as the European Commission’s Executive Vice-President for Tech Sovereignty, Security and Democracy signals a recognition of the urgent need to bolster Europe’s technological independence. However, this laudable step merely scratches the surface of a profound challenge that demands far more ambitious action. – Op-ed: How can the EU achieve greater digital sovereignty? (theparliamentmagazine.eu)
Security
(Eduard Kovacs – SecurityWeek — 9 October 2024) Japanese electronics giant Casio revealed on Tuesday that a recent cyberattack caused some disruptions. The company said it detected unauthorized access to its network on October 5. The intrusion resulted in a system failure and led to the disruption of some services. – Casio Hit by Cyberattack – SecurityWeek
(Eduard Kovacs – SecurityWeek – 9 October 2024) CreditRiskMonitor, a provider of intelligence and analytics for credit and supply chain professionals, has disclosed a data breach impacting employees and contractors. The company told the SEC on Tuesday that it detected unauthorized access to its network on July 19. An investigation showed that the attacker could have viewed or copied personally identifiable information belonging to employees and independent contractors. – CreditRiskMonitor Data Breach Impacts Employee Information – SecurityWeek
(Ionut Arghire – SecurityWeek – 9 October 2024) The cyberespionage advanced persistent threat (APT) actor tracked as GoldenJackal has been observed targeting government organizations in Europe with tools designed to compromise air-gapped systems, ESET reports. Showing small overlaps with Russia-linked cyberespionage group Turla, GoldenJackal has been active for at least five years, focusing on government and diplomatic entities in Europe, the Middle East, and South Asia. – Cyberspies Target Air-Gapped Systems at European Government Organization – SecurityWeek
Defense, Intelligence, and War
(Theresa Hitchens – Breaking Defense – 8 October 2024) The Air Force Research Laboratory (AFRL) is planning flight tests in late 2025 and early 2026 of prototype antennas and radio receivers capable switching between multiple commercial satellite internet constellations — a capability that would both make them more difficult to jam and serve as an enabler of the Pentagon’s planned Joint All Domain Command and Control (JADC2) network. Under the program nicknamed Global Lightning, AFRL researchers hope to see this kit eventually make its way not only into airborne systems used by the Air Force, but also to platforms used by the other services, said Brian Beal, principal aerospace engineer at AFRL’s Strategic Development Planning and Experimentation Office. – AFRL moves toward flight testing satellite internet radios under Global Lightning – Breaking Defense
(Carley Welch – Breaking Defense – 8 October 2024) The Defense Intelligence Agency is on the verge of completing a much-needed update to the Joint Worldwide Intelligence Communication System (JWICS) to make the system more resilient to outages, DIA Chief Information Officer Doug Cossa said this morning. Over the past two years, the DIA set the goal of performing a “tech refresh” on the JWICS, the Pentagon’s secure network that hosts top secret and sensitive compartmented information. The JWICS was created during the Gulf War as the DIA had to figure out how to transmit secure voice and video to the Pentagon. – DIA ‘almost done’ with JWICS tech refresh goal to enhance network resiliency – Breaking Defense
(Sam Skove – Defense One – 8 October 2024) It takes just a moment to add a new app to your phone, but adding a sensor to a military radar display takes years. That’s why air-defense troops must bounce between multiple systems, wasting precious seconds as they scramble to identify incoming drones. But it doesn’t have to be that way, according to a recent experiment led by U.S. Central Command. In just two weeks, private companies managed to integrate multiple sensors onto a single display that Army troops tested in upstate New York—thanks in part to CENTCOM officers who paved the way by negotiating past bureaucratic blocks and assuaging company execs worried about intellectual property rights. While the tech won’t be sent to the Middle East just yet, officials hope it will serve as a building block for future efforts. – How to build a multi-sensor anti-drone dashboard in just two weeks – Defense One
Legislation
(James Coker – Infosecurity Magazine – 9 October 2024) The Australian government has introduced the country’s first standalone cybersecurity law to Parliament. The new legislation aims to better protect citizens and organizations against a heightened geopolitical and cyber threat environment. The Cyber Security Bill 2024 covers a range of areas, including mandating minimum cybersecurity standards for IoT devices and mandatory ransomware reporting for critical infrastructure organizations. – Australia Introduces First Standalone Cybersecurity Law – Infosecurity Magazine (infosecurity-magazine.com)
(Jennifer Baker – Euractiv – 8 October 2024) The previous European Parliament mandate introduced a raft of tech regulations aimed at reigning in Big Tech, including the Digital Services Act, the Digital Markets Act, the Data Act and the highly anticipated AI Act – the first legal framework on artificial intelligence to address the risks associated with AI and position Europe to play a leading role globally. The AI Act takes a risk-based approach to artificial intelligence to protect citizens from dangers such as intrusive surveillance while at the same time promoting innovations that could help solve global challenges such as climate change. The Act also establishes a new European AI Office, which will centralise AI expertise across the EU and play a key role in implementation. It seems as though the European Union has done its work, and it’s game over, right? Wrong. Although a lot of regulation was introduced under the last mandate, and a shift to the right following the European Parliament elections may result in fewer regulatory initiatives in tech, there is still a lot of implementation to do. – Tech and the new mandate, Europe’s AI opportunities and challenges – Euractiv