TOP OF THE DAY
Central and Eastern Europe’s bid for AI dominance
(Sona Muzikarova – ASPI The Strategist – 25 November 2024) While the world’s attention remains focused on Ukraine’s heroic stand against Russian aggression, a quieter revolution is reshaping Central and Eastern European (CEE) economies. CEE countries have emerged as vibrant innovation hubs in recent years, generating a wave of new tech unicorns. Romania’s UiPath, for example, has become an automation leader, enhancing workplace efficiency by freeing workers from repetitive tasks. Poland’s Docplanner is revolutionising health care access by leveraging artificial intelligence to connect millions of patients with doctors. And while Croatia’s Infobip, with its AI-enhanced communication platform, facilitates seamless interactions between businesses, governments and citizens, Bulgaria’s Payhawk is transforming corporate finance by streamlining expense management. – https://www.aspistrategist.org.au/central-and-eastern-europes-bid-for-ai-dominance/
Memorandum Outlines U.S. Government’s Role in AI Development
(Janneke Parrish, Megan Thomas, Omid Ghaffari-Tabrizi – Lawfare – 22 November 2024) On Oct. 24, President Biden released a National Security Memorandum on artificial intelligence (NSM on AI), in addition to an accompanying framework offering high-level recommendations. The NSM fulfills a requirement outlined in Section 4.8 of Executive Order 14110, which requires large AI developers and providers to share safety tests with the government, directs agencies to establish safety and testing standards, and calls for action to address the technology’s impact. The NSM applies to agencies within the intelligence community and those using National Security Systems (NSS); the framework serves as guidance for agencies in managing their “respective components/sub-agencies.” Both documents are intended to serve as the Department of Defense/intelligence community counterpart to the civilian-focused memorandum on AI (M-24-10) issued by the Office of Management and Budget—representing a comprehensive government approach to AI. Accordingly, the NSM is the “first-ever” such document, with an overarching goal of responsibly, safely, and securely ensuring an “edge over rivals seeking to leverage AI to the detriment of [U.S.] national security.” The administration outlined “three core principles”: securing American leadership in AI, harnessing AI for national security, and accelerating responsible adoption via “clear rules of the road.” – https://www.lawfaremedia.org/article/memorandum-outlines-u.s.-government-s-role-in-ai-development
Social dialogue and AI: Global Deal focus group on social dialogue and the use of AI systems in the workplace
(OECD.AI – 22 November 2024) The rise of generative AI technologies and other advanced AI systems has significantly transformed workplaces. While the introduction of AI offers substantial benefits in terms of productivity and its potential for automation and augmentation of tasks, it also raises concerns about job displacement, work intensification, privacy, respect for labour rights, equality, and accountability. This is where social dialogue becomes crucial as a tool to generate consensus between representatives from workers’ and employers’ organisations and governments to address labour market challenges. Effective social dialogue requires effective access to the rights to freedom of association and collective bargaining, as well as mutual respect and trust to create favourable conditions for collaboration. As a joint ILO-OECD initiative, the Global Deal is a multi-stakeholder partnership for the promotion of social dialogue to promote decent work and sound industrial relations. The Global Deal recently conducted a focus group to explore the impact of AI on employment and working conditions and the role of social dialogue when introducing AI systems in the workplace. – https://oecd.ai/en/wonk/global-deal
Beyond ChatGPT: US leads in AI by ‘wide margin’
(Justinas Vainilavičius – Cybernews – 22 November 2024) ChatGPT is likely the first thing that comes to mind when people hear the words “artificial intelligence.” The AI boom began in the US with the launch of OpenAI’s chatbot two years ago and continues to give the country a significant edge over other nations. Data collected by the Stanford Institute for Human-Centered AI shows the US leading all other nations by a ‘wide margin’ in key areas of the global AI ecosystem. According to its Global Vibrancy Tool 2024, the US has released more AI models, invested more, and produced more quality AI research than any other country. China ranks second but lags significantly from the US, followed by the UK, India, UAE, France, and South Korea. Germany, Japan, and Singapore round up the top 10. In total, 36 countries were analyzed across 42 indicators to assess the strength of their AI ecosystems. – https://cybernews.com/ai-news/chatgpt-us-leads-artificial-intelligence/
Transforming the financial services sector in Africa with 4IR technologies
(Landry Signé – Brookings – 22 November 2024) Despite the prevailing narrative that Africa is falling behind in the Fourth Industrial Revolution (4IR), the continent is actually home to half of the world’s mobile money accounts, making it a pioneer in integrating 4IR technology into the financial services industry, according to 4C Group and GSMA. As numerous African-led innovations prove, and as I argue in my book Africa’s Fourth Industrial Revolution, advanced technologies have already provided and continue to offer unprecedented opportunities for the continent to improve business performance and connect millions of unbanked people to financial services. – https://www.brookings.edu/articles/transforming-the-financial-services-sector-in-africa-with-4ir-technologies/
Mapping minds: brain activity data can be used for smart city planning
(Paulina Okunytė – Cybernews – 22 November 2024) Analyzing the mental construction of urban spaces even further, a new interdisciplinary approach emerged – neuro-urbanism. This brings neuroscientists, urban researchers, and architects together to create city designs based on the needs of inhabitants. A current study by researchers from Michigan State University, with collaborators from the University of Lisbon, is opening the doors to using neuroimaging in city planning to ensure the well-being of residents and visitors. “Neuro-urbanism has the potential to contribute significantly to the design of cities that prioritize cognitive, emotional, and physical well-being,” said Dar Meshi, the lead author of the study. “By prioritizing the well-being of individuals, cities can create environments that are conducive to the overall health and happiness of their inhabitants.” – https://cybernews.com/science/brain-activity-data-smart-city-planning/
Five Ransomware Groups Responsible for 40% of Cyber-Attacks in 2024
(Beth Maundrill – Infosecurity Magazine – 22 November 2024) Five ransomware groups, including RansomHub and LockBit 3.0, accounted for 40% of all cyber-attacks in Q3 2024, highlighting the increasing complexity and competition within the ransomware ecosystem, according to research by Corvus Insurance. Overall, the Corvus’ Q3 2024 Cyber Threat Report, The Ransomware Ecosystem is Increasingly Distributed, noted that the ransomware threat level remained elevated. – https://www.infosecurity-magazine.com/news/five-ransomware-groups-40-of/
Exploring AI Governance: Short Reports on Key Issues
(RAND Corporation – 20 November 2024) Artificial intelligence (AI) is at the heart of current social, legal and ethical issues that governments, legislators, regulators, and the wider civil society are grappling with. At present, there are several notable efforts globally to determine the most effective ways to govern AI, although the structure and purpose of this oversight shows considerable variation across different jurisdictions. The European Union (EU) and the U.S. are two such prominent jurisdictions. The EU’s AI Act is a landmark piece of legislation that lays out, for the first time, a detailed and wide-ranging framework for the comprehensive regulation of AI deployment in the EU covering the development, testing and usage of AI. Although the U.S. has not yet instituted any comprehensive federal legislation on AI, the White House took a significant step towards establishing a governance regime for AI development and use in the U.S. by issuing an Executive Order in October 2023. Given the substantial economic and geopolitical influence of the EU and the U.S., any regulatory progress in these regions will significantly impact the global trajectory of AI. This, in turn, will have far-reaching effects on the broader societal, legal and ethical consequences linked with the technology’s adoption. – https://www.rand.org/well-being/justice-policy/projects/artificial-intelligence-governance.html
SECURITY
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
(Ravie Lakshmanan – The Hacker News – 22 November 2024) Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer. – https://thehackernews.com/2024/11/pypi-attack-chatgpt-claude.html
Experts warn of Palo Alto firewall exploitation after 2,000 compromises spotted
(Jonathan Greig – The Record – 22 November 2024) Thousands of Palo Alto Networks firewalls have been compromised after two new vulnerabilities were disclosed earlier this month. Researchers at the U.K.-based Shadowserver Foundation said Thursday they found about 2,000 Palo Alto Networks firewalls breached worldwide, with hundreds in the U.S. and India affected. – https://therecord.media/palo-alto-networks-firewall-vulnerabilities-exploited-patched
UK drinking water supplies disrupted by record number of undisclosed cyber incidents
(Alexander Martin – The Record – 22 November 2024) A record number of cyber incidents impacted Britain’s critical drinking water supplies this year without being publicly disclosed, according to information obtained by Recorded Future News. The exact nature of these incidents is unclear, and they may include operational failures as well as attacks. Under British cybersecurity laws — known as the NIS Regulations — critical infrastructure companies are required to report “significant incidents” to the government within three days or face a fine of up to £17 million ($21 million). – https://therecord.media/uk-drinking-water-infrastructure-cyber-incident-reports
Microsoft Seizes 240 Websites to Disrupt Global Distribution of Phish Kits
(James Coker – Infosecurity Magazine – 22 November 2024) Microsoft has seized 240 fraudulent websites associated with “do-it-yourself” phishing kits used by cybercriminals globally to break into customer accounts. The action was enabled by a civil court order in the Eastern District of Virginia which allowed the malicious technical infrastructure to be directed to Microsoft. This permanently stops the use of these domains in phishing attacks in the future. – https://www.infosecurity-magazine.com/news/microsoft-seizes-websites-phish/
MITRE Unveils Top 25 Most Critical Software Flaws
(Kevin Poireault – Infosecurity Magazine – 22 November 2024) Cross-site scripting has been identified as the most critical software flaw of the past year, according to a recent report from MITRE. The nonprofit’s latest Top 25 Most Dangerous Software Weaknesses ranking was published on November 20. It covers the most critical flaws listed in the Common Weakness Enumeration (CWEs) catalog between June 2023 and June 2024. – https://www.infosecurity-magazine.com/news/mitre-unveils-top-25-software-flaws/
Manufacturing Sector in the Crosshairs of Advanced Email Attacks
(James Coker – Infosecurity Magazine – 22 November 2024) Advanced email attacks, including phishing and business email compromise (BEC), are surging in the manufacturing sector as cybercriminals target an industry with a low tolerance for downtime. Phishing attacks in the sector have surged 83% in the past 12 months, with Generative AI technologies enabling threat actors create greater volumes of sophisticated email attacks. – https://www.infosecurity-magazine.com/news/manufacturing-advanced-email/
GOVERNANCE AND LEGISLATION
Senators call for audit of TSA’s facial recognition tech as use expands in airports
(Suzanne Smalley – The Record – 22 November 2024) A bipartisan group of 12 senators on Wednesday sent the Department of Homeland Security’s (DHS) inspector general a letter expressing alarm over the widespread use of facial recognition technology at American airports without an audit of privacy protections or any third-party assessment of the technology’s accuracy. The Transportation Security Administration (TSA), which is housed within DHS, will soon roll the technology out in small and mid-size airports, taking the total number of airports where it is deployed to 430 nationwide, the letter to Inspector General Joseph Cuffari said. – https://therecord.media/tsa-facial-recognition-tech-senators-call-for-audits