Top of the Day
Cybercrime evolving into national security threat: Google
(Jonathan Greig – The Record – 12 February 2025) Cybercrime continues to expand and evolve and has become a national security-level threat that is enabling more attacks by state-backed groups, Google warned in a new report. Released ahead of the Munich Security Conference, the Google Threat Intelligence Group and Mandiant research covers their investigations throughout 2024 and observations from the last four years. – https://therecord.media/cybercrime-evolving-nation-state-threat
Applying International Human Rights Principles for AI Governance
(Sabhanaz Rashid Diya – Centre for International Governance Innovation – 12 February 2025) Despite gaining prominence, the fairness, accountability, transparency and ethics framework in artificial intelligence (AI) governance poses significant limitations. It is inadequately defined to meet the complexities of a pluralistic work, lacks consensus on normative values underpinning it, is prone to misuse and misrepresentation, and inadvertently promotes ethics washing. The International Bill of Human Rights, while not devoid of criticism and implementation challenges, provides a universal foundation for building consensus around value archetypes within and between societies. Canada can play a critical leadership role in international AI governance through the Global Digital Compact, as well as its membership in the Group of 20 and its presidency in the Group of Seven, by establishing human rights frameworks as a governance norm for AI systems. – https://www.cigionline.org/publications/applying-international-human-rights-principles-for-ai-governance/
India’s Cybercrime Problems Grow as Nation Digitizes
(Robert Lemos – Dark Reading – 12 February 2025) India continues to see a surge in cybercrime affecting both citizens and businesses, with cyber fraud against citizens jumping 51% over the past year and cyberattackers targeting businesses in volumes significantly higher than global averages. Overall, Indian citizens filed more than 1.7 million cybercrime complaints in 2024, up from 1.1 million complaints in 2023, according to the latest data from India’s National Cyber Reporting Platform (NCRP) released in early February. While many of those cyber scams came from domestic sources, about 45% of the cyberattacks came from cybercriminal havens in Cambodia, Myanmar, and Laos, according to the report. – https://www.darkreading.com/cyber-risk/indias-cybercrime-problems-nation-digitizes
GAO calls on Coast Guard to improve cyber for Maritime Transportation System
(Carley Welch – Breaking Defense – 12 February 2025) The Government Accountability Office released a report today calling for the US Coast Guard to improve the cybersecurity infrastructure of the Maritime Transportation System (MTS), the complex network of ports, waterways, ships and other vessels that are used to transport goods and passengers. The government watchdog found several gaps in the MTS’s cybersecurity practices in its study, which was conducted as a result of the 2023 National Defense Authorization Act. These include inconsistencies in cyber incident data, incompetencies in cyber professionals and a lack of a cohesive cybersecurity strategy to protect the MTS. – https://breakingdefense.com/2025/02/gao-calls-on-coast-guard-to-improve-cyber-for-maritime-transportation-system/
Predicting the Next ‘DeepSeek Event’: Early Indicators of Capability Within the PRC’s AI Ecosystem
(Matthew Johnson – The Jamestown Foundation – 11 February 2025) Predicting artificial intelligence (AI) firm DeepSeek’s recent successes within a highly competitive AI ecosystem may have been possible by observing factors such as government recognition, proximity to top-tier national research institutions, and a complex network of corporate affiliates with proven technology expertise. Indicators of ties to the Party-state include DeepSeek’s Beijing arm being named one of thirty “main drafting units” for a national data security standards plan in 2023 and the designation of DeepSeek affiliate High-Flyer Technology as a national “high-tech enterprise” in 2020 and 2023. DeepSeek has built a strategic presence in Beijing, a leading hub for AI research, despite being headquartered in Hangzhou. This has fueled online speculation that it benefits from state support. External validations of High-Flyer/DeepSeek’s growing capability marked DeepSeek as a sophisticated innovator well before the market-shifting release of its R1 open source model. – https://jamestown.org/program/predicting-the-next-deepseek-event-early-indicators-of-capability-within-the-prcs-ai-ecosystem/
Network architecture for global AI policy
(Cameron F. Kerry, Joshua P. Meltzer, Andrea Renda, Andrew W. Wyckoff – Brookings – 10 February 2025) Artificial intelligence caught the attention of a few governments a decade ago. It has become a preoccupation for many since the watershed 2022 release of ChatGPT. In turn, that development set off a tsunami of policy initiatives across many national governments, most multilateral organizations, and diverse evolving groups and ad-hoc coalitions. These efforts seek both to realize the opportunities for AI to expand the frontiers of science and human capabilities and contribute to productivity and creativity, and to identify and mitigate risks that AI presents to humans and society. – https://www.brookings.edu/articles/network-architecture-for-global-ai-policy/
Governance and Legislation
Japan Goes on Offense With New ‘Active Cyber Defense’ Bill
(Nate Nelson – Dark Reading – 12 February 2025) The Japanese government is on a mission to catch up to US national cybersecurity preparedness standards and has just passed bold legislation aimed at bolstering the country’s cyber-response capabilities. Together, the two articles of legislation constitute what’s referred to as the Active Cyber Defense Bill, which enables the Japanese government to take more aggressive measures to stop cyberattacks before they can cause widespread damage. – https://www.darkreading.com/cybersecurity-operations/japan-offense-new-cyber-defense-bill
A Parting CyberQuest
(Anthony M. Rutkowski – Lawfare – 12 February 2025) On Dec. 5, 2024, the Federal Communications Commission (FCC) Office of the Chairwoman issued a press release and accompanying fact sheet attempting to assert a broad new cybersecurity regulatory authority by creatively conjoining news coverage revelations of network hacking with an abstruse provision in a 1994 act on lawful interception. It was one day after the national security community collectively released extensive guidance on mitigating the related well-known hacking vulnerabilities—which was never mentioned by the FCC. Several weeks later, the FCC summarily declared cybersecurity authority over an array of U.S. telecommunications infrastructure to impose new regulations that include creation and notification of cybersecurity risk management and supply chain security plans. The designated incoming FCC chair published his strong objections. The next day, the White House published a related cybersecurity executive order (which was subsequently deleted). Although the FCC assertion attempt is certain to fail, the events underscored a continuing need in law and operational practices for instituting effective infrastructure cybersecurity. – https://www.lawfaremedia.org/article/a-parting-cyberquest
Geostrategies
Competition for Control of Rare Earths Triggering Great Power Conflict in Central Asia
(Paul Globe – The Jamestown Foundation – 11 February 2025) Control of access to rare earth minerals that are critical for the development of technologies is a driver in the strategic thinking of Western powers, as well as the People’s Republic of China and Russia. Recent developments in Central Asia highlight the growing importance of rare earth minerals in global geopolitics as these resources are now central to technological and strategic power. Central Asia as a region risks falling into conflict as governments prefer to involve multiple actors so that a single foreign power cannot hold sway over the country and undermine the central government. – https://jamestown.org/program/competition-for-control-of-rare-earths-triggering-great-power-conflict-in-central-asia/
Defense, Intelligence, and Warfare
SDA asks industry to propose 60-day studies of ‘novel’ capabilities for Iron Dome
(Theresa Hitchens – Breaking Defense – 12 February 2025) The Space Development Agency (SDA) is soliciting “executive summaries” from interested vendors for fast-track studies of how the agency’s Proliferated Warfighter Space Architecture (PWSA) satellite network in low Earth orbit can be best exploited to support President Donald Trump’s “Iron Dome For America” missile shield. “SDA is interested in industry’s perspective on implementing the Iron Dome for America architecture, and is particularly interested in building on and integrating PWSA’s current contributions to global kill chains and missile defense,” the agency wrote in a Feb. 11 solicitation. The agency is asking for “novel architecture concepts, systems, technologies, and capabilities that enable leap-ahead improvements for future [PWSA] tranches, capability layers, or, enable new capability layers to address other emerging or evolving warfighter needs,” it adds. – https://breakingdefense.com/2025/02/sda-asks-industry-to-propose-60-day-studies-of-novel-capabilities-for-iron-dome/
US cyber vulnerabilities fuel N. Korea’s nuclear arsenal, but solutions are near: DARPA official
(Carley Welch – Breaking Defense – 11 February 2025) The US’s vulnerable cybersecurity systems are indirectly allowing North Korea to bolster its nuclear arsenal, but thanks to existing technology this can be easily avoided, an official from the Defense Advanced Research Project Agency said Monday. North Korea is able to use the funds it acquires from ransomware attacks on US systems and those of other countries to pay for the development of nuclear weapons, Kathleen Fisher, director of DARPA’s Information Innovation Office, said – https://breakingdefense.com/2025/02/us-cyber-vulnerabilities-fuel-n-koreas-nuclear-arsenal-but-solutions-are-near-darpa-official/
Security
Ransomware attack disrupting Michigan’s Sault Tribe operations
(Jonathan Greig – The Record – 12 February 2025) A recent ransomware attack on the Sault Tribe in Michigan has knocked many of its most critical services offline. In a statement on Monday, Sault Tribe Chairman Austin Lowes said the incident began on Sunday morning and impacted “multiple computer and phone systems across tribal administration, including the casinos, health centers and various businesses.” – https://therecord.media/ransomware-disrupting-sault-michigan
Subgroup of Russia’s Sandworm compromising US and European organizations, Microsoft says
(Jonathan Greig – The Record – 12 February 2025) A subgroup of a notorious Russian state-backed hacking group has been running a multi-year campaign to gain initial access to dozens of strategically important organizations across the U.S. and Europe. Microsoft’s threat intelligence team published an examination on Wednesday of the “BadPilot campaign” — an effort by a Russian group known as Sandworm, or Seashell Blizzard, to breach sectors like energy, including oil and gas, telecommunications, shipping, arms manufacturing, and the government. – https://therecord.media/sandworm-subgroup-russia-europe
CHERI Security Hardware Program Essential to UK Security, Says Government
(James Coker – Infosecurity Magazine – 12 February 2025) The UK government-backed Digital Security by Design (DSbD) initiative must succeed to systematically address rising cyber risks to the nation, according to the National Cyber Security Centre’s (NCSC) CTO, Ollie Whitehouse. Whitehouse made the remarks during an event showcasing the technological advances from the ambitious program, which aims to secure the underlying computer hardware used in the UK. – https://www.infosecurity-magazine.com/news/cheri-security-hardware-uk-security/
Massive IoT Data Breach Exposes 2.7 Billion Records
(Alessandro Mascellino – Infosecurity Magazine – 12 February 2025) A massive IoT data breach has exposed 2.7 billion records, compromising sensitive information such as Wi-Fi network names, passwords, IP addresses and device IDs. Jeremiah Fowler, a cybersecurity researcher, reported the unprotected database linked to Mars Hydro, a China-based IoT grow light company, and LG-LED Solutions, a California-registered firm. Fowler disclosed the findings to vpnMentor, which shared them exclusively with Infosecurity. – https://www.infosecurity-magazine.com/news/iot-data-breach-exposes-27-billion/
US, UK and Australia Sanction Russian Bulletproof Hoster Zservers
(Phil Muncaster – Infosecurity Magazine – 12 Februry 2025) The UK, US and Australia have announced joint sanctions against a bulletproof hoster (BPH), its UK front company and six individuals for helping notorious ransomware-as-a-service outfit LockBit, and others. Allegedly headquartered in the Siberian city of Barnaul, Zservers forms a crucial part of the cybercrime supply chain. BPH firms offer takedown-proof, anonymous web hosting services to cybercrime groups for command-and-control (C2) servers, data leak sites, hosting dark web market pages, and much more. – https://www.infosecurity-magazine.com/news/us-uk-australia-sanction-russia/
Romance Scams Cost Americans $697.3M Last Year
(Alessandro Mascellino – Infosecurity Magazine – 12 February 2025) Nearly 59,000 Americans have fallen victim to romance scams in 2024, losing an estimated $697.3m. According to a new report from Comparitech, while reported cases dropped by 6% compared to 2023, the financial toll remains staggering. – https://www.infosecurity-magazine.com/news/romance-scams-cost-americans/