TOP OF THE DAY
Cyber meets warfare in real time
(Andrew Borene – NextGov – 21 October 2024) Last month, a wave of simultaneous explosions, reportedly triggered by modified pager devices, tore through Hezbollah-controlled regions in Lebanon and Syria. While these events have been attributed to a covert operation likely linked to Israel, their ramifications extend well beyond the immediate conflict. The pager explosions mark a significant convergence of geopolitical, cyber and physical security threats. They raise urgent questions about how outdated technologies can be weaponized in new ways, and they highlight vulnerabilities in supply chains that have implications for both governments and private sector enterprises. – Cyber meets warfare in real time – Nextgov/FCW
Microsoft and Pacific Northwest National Laboratory bring AI to quantum chemistry research
(Alexandra Kelley – NextGov – 21 October 2024) Microsoft and the Pacific Northwest National Laboratory are banking on artificial intelligence and high-performance computing’s potential to advance research breakthroughs in chemistry and materials science, unveiling an updated software suite for widespread access across scientific communities. The new offering, a series of software tools moved onto Microsoft’s Azure Quantum Elements cloud computing platform, is specifically engineered to provide high-performance AI tools for chemistry and materials sciences researchers. – Microsoft and Pacific Northwest National Laboratory bring AI to quantum chemistry research – Nextgov/FCW
AI and Hardware Hacking on the Rise
(Kevin Townsend – SecurityWeek – 21 September 2024) AI hacking (both of and with AI), hardware hacking, and AI-assisted hardware hacking are all increasing. Bugcrowd’s eighth annual Inside the Mind of a Hacker report surveys the thoughts of one of the world’s largest hacker communities. Almost 1,300 hackers took part. The report covers four primary subject areas: defining a hacker; the motivations for hacking; the rise of hardware hacking; and the effect of AI on hacking. The first two subjects are already covered extensively in the SecurityWeek Hacker Conversations series, which discusses the history, mind and motivations of some of the industry’s most famous individual hackers (including HD Moore, Joe Grand, Weld Pond, Space Rogue, and Bugcrowd’s own Casey Ellis). For this reason, we’ll concentrate on the last two subjects: hardware hacking and the increasing effect of AI on hacking. By understanding how hackers think and work, we are better able to defend ourselves from truly malicious threat actors. – AI and Hardware Hacking on the Rise – SecurityWeek
Toward a Model Code for Digital Safety
(Michel Girard – Centre for International Governance Innovation – 18 October 2024) Although standards are being published to address privacy, cybersecurity and high-risk artificial intelligence, more needs to be done to address digital harms. Stakeholders are playing catch-up with a tsunami of new, unproven digital technologies, and standards are developed after the fact. One approach gaining traction is the development of a model code for digital safety. This code would define a set of core values that should be embedded in new digital technologies in order to prevent harms from occurring in the first place. This would replicate what stakeholders have been doing for close to 100 years to ensure the safety of the built environment. – Toward a Model Code for Digital Safety – Centre for International Governance Innovation (cigionline.org)
Principles for state approaches to commercial cyber intrusion capabilities
(James Shires – Chatham House – 18 October 2024) The rapid growth of markets in which cyber intrusion capabilities can be bought and sold as products and services by states, companies and criminals raises thorny policy challenges that are not adequately addressed by existing concepts of legitimate and illegitimate use. This paper explores these challenges, and puts forward a set of principles to help governments and wider society navigate commercial markets for cyber intrusion. Important policy interventions have been made over the past decade to counter the misuse of commercial cyber intrusion capabilities. These focus variously on governments, companies and individuals, but have been initiated by a relatively narrow group of like-minded actors. The principles recommended in this paper, underpinned by a fresh distinction between ‘permissioned’ and ‘unpermissioned’ intrusion, are intended to promote greater coherence and consistency of approaches, and to widen the scope for consensus. – Principles for state approaches to commercial cyber intrusion capabilities | Chatham House – International Affairs Think Tank
NATO steps up Alliance-wide secure data sharing
On Thursday (17 October, 2024), NATO launched a new initiative to foster secure data sharing at speed and scale to further enhance situational awareness and data-driven decision-making. – NATO – News: NATO steps up Alliance-wide secure data sharing, 17-Oct.-2024
Fueling China’s Innovation: The Chinese Academy of Sciences and Its Role in the PRC’s S&T Ecosystem
(Center for Security and Emerging Technology – October 2024) The Chinese Academy of Sciences is one of the most important scientific research organizations not only in China but also globally. Through its network of research institutes, universities, companies, and think tanks, CAS is a core component of China’s science and technology innovation ecosystem. This brief first traces the organization’s historical significance in China’s S&T development, outlining key reforms that continue to shape the institution today. It then details CAS’s core functions in advancing S&T research, fostering commercialization of critical and emerging technologies, and contributing to S&T policymaking. Using scholarly literature, we provide insights into CAS’s research output in the science, technology, engineering, and mathematics (STEM) fields as well as in certain critical and emerging technologies, including artificial intelligence (AI). – Fueling China’s Innovation: The Chinese Academy of Sciences and Its Role in the PRC’s S&T Ecosystem | Center for Security and Emerging Technology (georgetown.edu)
SECURITY
(Eduard Kovacs – SecurityWeek – 21 October 2024) Cisco on Friday confirmed that some of its files have been stolen after a hacker offered to sell information allegedly belonging to the company. The hacker known as IntelBroker on October 14 announced a “Cisco breach” on a popular cybercrime forum. The threat actor claimed to have obtained GitHub and SonarQube projects, source code, hardcoded credentials, certificates, confidential documents, Jira tickets, API tokens, AWS private buckets, encryption keys, and other types of information. – Cisco Confirms Security Incident After Hacker Offers to Sell Data – SecurityWeek
(Ionut Arghire – SecurityWeek – 21 October 2024) Japanese electric motor manufacturer Nidec has confirmed that various types of business and internal documents were stolen in an August 2024 ransomware attack. The incident, the company says, impacted its Vietnam-based subsidiary Nidec Precision (NPCV), and was discovered after the attackers contacted Nidec to demand a ransom payment. – Electric Motor Giant Nidec Confirms Data Stolen in Ransomware Attack – SecurityWeek
(Eduard Kovacs – SecurityWeek – 21 October 2024) The Internet Archive has suffered an email hack while working to restore services impacted by recent cyberattacks. The non-profit digital library recently suffered a data breach that resulted in the exposure of usernames, email addresses, and password hashes belonging to as many as 31 million users. – Internet Archive Hacked Again During Service Restoration Efforts – SecurityWeek
(Alessandro Mascellino – Infosecurity Magazine – 21 October 2024) Severe cryptographic vulnerabilities have been uncovered in several popular end-to-end encrypted (E2EE) cloud storage platforms used by millions of people. ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong analyzed five major providers—Sync, pCloud, Icedrive, Seafile and Tresorit—and revealed significant flaws in four of them. The study, published earlier this month, raises serious concerns about the security claims of these services, particularly in scenarios where a malicious server could compromise user data. – Severe Flaws Discovered in Major E2EE Cloud Storage Services – Infosecurity Magazine (infosecurity-magazine.com)
(Kevin Poireault – Infosecurity Magazine – 21 October 2024) The Bumblebee malware loader could have re-emerged months after Europol-led Operation Endgame disrupted it in May 2024. A new infection chain which deploys Bumblebee malware has been uncovered in a new report from Netskope Threat Labs. This is the first occurrence of a Bumblebee campaign since Operation Endgame, a law enforcement operation performed by Europol and partners in May 2024 which disrupted major malware botnets. The Netskope report also points to other research corroborating a possible Bumblebee return. – Netskope Reports Possible Bumblebee Loader Resurgence – Infosecurity Magazine (infosecurity-magazine.com)
(Kevin Poireault – Infosecurity Magazine – 21 October 2024) Shifting from reactive to proactive cybersecurity means many groups and organizations leverage campaigns like Cybersecurity Awareness Month to foster awareness and education about the growing landscape of cyber risks. One such group is the new Jersey Cyber Security Centre (JCSC) which aims to bolster the cybersecurity posture of the Channel Island under the leadership of Matt Palmer, director at the JCSC. Formerly known as Jersey’s CERT, the center has undergone significant transformations to meet the ever-changing needs of the digital age and expand its mission beyond incident response. – Behind Jersey Cyber Security Centre’s Proactive Cyber Defense Mission – Infosecurity Magazine (infosecurity-magazine.com)
(James Coker – Infosecurity Magazine – 21 October 2024) Nearly half (46%) of organizations have unmanaged users with long-lived credentials in cloud services, putting them at high risk of data breaches, according to Datadog’s State of Cloud Security 2024 report. Long-lived credentials are authentication tokens or keys in the cloud that remain valid for a long time or do not. They are a major cause of cloud breaches, with attackers having a long window to successfully compromise these credentials. – Half of Organizations Have Unmanaged Long-Lived Cloud Credentials – Infosecurity Magazine (infosecurity-magazine.com)
DEFENSE, INTELLIGENCE, AND WAR
(Edward Graham – NextGov – 21 October 2024) Software company Salesforce announced on Monday that it has rolled out a new version of its government cloud that has Top Secret authorization and is geared toward U.S. national security agencies and intelligence organizations. The new offering, called Government Cloud Premium, is hosted on Amazon Web Services’ Top Secret cloud. – Salesforce launches new top secret cloud environment – Nextgov/FCW
(Ashley Roque – Breaking Defense – 21 October 2024) Attendees at last week’s AUSA conference in Washington couldn’t escape the phrase “transformation in contact,” Army Chief of Staff Gen. Randy George’s push to quickly test new equipment with units both inside the US and abroad to understand how that technology will operate in real world environments. One of the units George has tasked with testing the new kit out is the 2nd Light Brigade Combat Brigade of the 25th Infantry Division, which recently wrapped up putting new gear through its paces in Pacific conditions to see how they did. The results, divisional leaders told reporters today, should give Army leadership plenty to think about. – Ground robots challenged, battery issues: Transformation in contact hits the Pacific – Breaking Defense
(Kyle Miller – Center for Security and Emerging Technology – 16 October 2024) This blog describes key takeaways from the NATO-Ukraine Defense Innovators Forum, held in Krakow, Poland in June 2024. It overviews changing concepts of operation, battlefield realities, and technological aspirations and innovations in Ukraine, with a focus on uncrewed aerial vehicles (UAVs) and counter-UAV systems. It builds upon CSET’s previous blog from the Future of Drones in Ukraine conference held in Warsaw in November 2023. – The Future of Drones in Ukraine II: A Report from the NATO-Ukraine Defense Innovators Forum | Center for Security and Emerging Technology (georgetown.edu)
GOVERNANCE
(Edouard von Herberstein – Lawfare – 21 October 2024) The scale of the July 19 CrowdStrike outage was a stark reminder of the global connectivity and systemic nature of the digital economy. The outage affected most industries and continues to cause concern, especially among insurers who worry about systemic risk and the ability of the market to absorb the potential quantum of loss in a significant cyber incident. Several prominent insurers have expressed skepticism about the insurability of cyber risk and have argued that only a government backstop will bring confidence to more broadly insure cyber risk. Recently, a leading insurance broker and a global insurer, Marsh McLennan and Zurich, released a joint report stressing the urgent need for such public-private partnership solutions. – A Government Cybersecurity Backstop Isn’t a Silver Bullet | Lawfare (lawfaremedia.org)
(Kevin Poireault – Infosecurity Magazine – 21 October 2024) Australian businesses now have a list of best practices to refer to when using commercial AI products. The Office of the Australian Information Commissioner (OAIC) published on October 21 guidance on the use of commercially available AI products. The document explains in detail organizations’ obligations when using personal information in the context of off-the-shelf AI products, from chatbots to productivity tools and image generators. – Australia’s Privacy Watchdog Publishes Guidance on AI Products – Infosecurity Magazine (infosecurity-magazine.com)