Top of the Day

 

Pentagon to build AI for war planning in Europe and Asia

 

(Patrick Tucker, Jennifer Hlad – Defense One – 5 March 2025) In a bid to accelerate military decision-making—particularly in the European and Indo-Pacific regions—the Pentagon has hired Scale AI to prototype an artificial-intelligence program to help plan military campaigns, test battle scenarios, anticipate threats, and more. Dubbed Thunderforge, the system is intended to enable commanders “to navigate evolving operational environments” using “advanced large language models (LLMs), AI-driven simulations, and interactive agent-based wargaming,” the Defense Innovation Unit said Wednesday in a statement. – https://www.defenseone.com/technology/2025/03/pentagon-build-ai-war-planning-europe-and-asia/403506/

 

DeepSeek Points Toward U.S.-China Cooperation, Not a Race

 

(Simon Goldstein, Peter N. Salib – Lawfare – 5 March 2025) On Jan. 1, the Chinese company DeepSeek released r1, a new artificial intelligence (AI) model that matches the performance of recent American reasoning models such as OpenAI’s o1. R1 has caused something of a panic in the United States, with many calling for the U.S. government to ensure that the United States prevails in the “AI race” with China. President Trump has described DeepSeek as a “wake-up call.” And in a recent post, Anthropic CEO Dario Amodei cited DeepSeek as a reason why the U.S. government should further reduce Chinese access to advanced computer chips. – https://www.lawfaremedia.org/article/deepseek-points-toward-u.s.-china-cooperation–not-a-race

 

Risk thresholds for frontier AI: Insights from the AI Action Summit

 

(Eunseo Dana Choi, Dylan Rogers – OECD.AI – 5 March 2025) How many hot days make a heatwave? When do rising water levels become a flood? How many people constitute a crowd? We live in a world defined by thresholds. Thresholds impose order on the messy continuum of reality and help us make decisions. They can be seen as pre-defined points above which additional mitigations are deemed necessary. There is increasing interest in thresholds as a tool for governing advanced AI systems, or frontier AI. AI developers such as Google DeepMind, Meta, and Anthropic have published safety frameworks, including thresholds at which risks from their systems would be unacceptable. The OECD recently conducted an expert survey and public consultation on the topic of thresholds. To deepen this conversation, the UK AI Security Institute (AISI) and the OECD AI Unit convened leading experts at the AI Action Summit to discuss the role of thresholds in AI governance. Representatives from the nuclear and aviation industries joined experts from the Frontier Model Forum, Google DeepMind, Meta, Humane Intelligence, SaferAI, and the EU AI Office. This blog captures some key insights from the discussions. – https://oecd.ai/en/wonk/risk-thresholds-for-frontier-ai-insights-from-the-ai-action-summit

What Ukraine can teach Europe and the world about innovation in modern warfare

(Joyce Hakmeh – Chatham House – 5 March 2025) Ukraine’s war effort has become a case study in how necessity fuels innovation. In the face of a far larger and better-equipped adversary, Ukraine has built a defence-tech ecosystem that is reshaping the rules of modern combat. Ukraine’s success in this is not just about resilience or patriotism but about the ability to adapt, decentralize and leverage new technologies faster than its opponent. Nowhere is this more evident than in the country’s approach to drone warfare, where rapid development and deployment have allowed Ukraine to strike deep behind enemy lines and disrupt conventional military calculations. – https://www.chathamhouse.org/2025/03/what-ukraine-can-teach-europe-and-world-about-innovation-modern-warfare

China sets world record, ‘traps’ light for 4,035 seconds to boost quantum information

(Aman Tripathi – Interesting Engineering – 5 March 2025) Scientists at the Beijing Academy of Quantum Information Sciences (BAQIS) have shattered the world record for light storage. Recently, they successfully held light-based information for an unprecedented 4,035 seconds – over an hour. “Storing light has always been a challenge across the world,” said Liu Yulong, an associate researcher at BAQIS and the study’s first author, as reported by China’s Xinhua news agency. This remarkable feat represents a major step forward in the quest to harness the power of quantum mechanics. – https://interestingengineering.com/science/china-world-record-traps-light

Defense, Intelligence, and Warfare

Don’t cut this key driver of technological advantage

(Abigail Robbins – Defense One – 5 March 2025) As Pentagon leaders look to shift money to new priorities—$50 billion in each of the next five years—they should take care to preserve a longstanding area of investment that pays off: defense-related research and development at America’s universities. Although it’s important to crack down on waste and curb inefficiencies, significant cuts would endanger national security. Since World War II, such funding has produced technological breakthroughs that have made our military the strongest, most technologically dominant fighting force in the world. It also plays a crucial role in cultivating a robust workforce for the broader defense sector and spurring the greater U.S. economy that arms and equips the U.S. military. – https://www.defenseone.com/ideas/2025/03/dont-cut-key-driver-technological-advantage/403489/

 

Security

Espionage Actor ‘Lotus Blossom’ Targets South East Asia

(Alexander Culafi – Dark Reading – 6 March 2025) An espionage-focused threat actor dubbed “Lotus Blossom” is targeting areas around the South China Sea with a proprietary backdoor malware known as “Sagerunex.”. The threat actor, which targets governments, manufacturing, media, and telecommunications organizations across the region, gains access to a target and then unfolds a multistage attack chain, according to recent research from Cisco Talos threat intelligence researcher Joey Chen. Lotus Blossom, which has been in active operation since 2012, first issues a series of commands into Windows Management Instrumentation (WMI) to gain information related to user accounts, network configurations, process activities, and directory structures, he noted. The origin of Lotus Blossom — also known as Spring Dragon, Billbug, and Thrip — is unclear. While some researchers such as those at Symantec have referred to the actor as being China-based, Cisco Talos’ recent post stops short of attribution, only noting that the threat actor targets “areas including the Philippines, Vietnam, Hong Kong and Taiwan.” – https://www.darkreading.com/threat-intelligence/espionage-lotus-blossom-south-east-asia

China’s Silk Typhoon APT Shifts to IT Supply Chain Attacks

(Jai Vijayan – Dark Reading – 5 March 2025) The China-backed cyber-espionage group known as “Silk Typhoon” has begun targeting organizations in the IT supply chain to gain access to their downstream customers. The activity signals a troubling shift in the threat group’s tactics, making detection and mitigation more challenging for victims because the attacks exploit trusted relationships and bypass traditional security defenses. – https://www.darkreading.com/remote-workforce/china-silk-typhoon-it-supply-chain-attacks

Black Basta Pivots to Cactus Ransomware Group

(Elizabeth Montalbano – Dark Reading – 5 March 2025) After an attack hiatus and signs of infighting within the ranks of the Black Basta ransomware group, some of its key members appear to have shifted to new malware in a fresh attack wave, under the guise of another threat group called Cactus. Since the start of the year, Trend Micro researchers observed separate Black Basta and Cactus ransomware attacks that shared similar tactics, techniques, and procedures (TTPs) and also leveraged a new malware called BackConnect for achieving persistence in victim environments, according to a blog post published on March 3. – https://www.darkreading.com/threat-intelligence/black-basta-pivots-cactus-ransomware-group

Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters

(Elizabeth Montalbano – Dark Reading – 5 March 2025) Someone claiming to represent the BianLian ransomware group is sending top executives from various organizations snail-mail extortion letters informing them that their IT network has been compromised and threatening to delete or leak sensitive company data. Sending physical letters through the mail system is an unusual move for a cybercriminal group, which typically sends ransom notes in digital form following a cyberattack. The letters mimic those conventional ransom notes, demanding a payment within 10 days in exchange for not leaking the data, researchers from both Arctic Wolf and Guidepoint Security revealed in separate blog posts. – https://www.darkreading.com/threat-intelligence/bogus-bianlian-snail-mail-extortion-letters

‘Crafty Camel’ APT Targets Aviation, OT With Polygot Files

(Nate Nelson – Dark Reading – 5 March 2025) A sophisticated advanced persistent threat (APT) that’s likely aligned with Iran has been deploying a convincing business email compromise (BEC) attack to deliver two-faced polyglot files, which quietly dropped a simple but diligently concealed backdoor. The goal? Cyber espionage against a handful of significant operational technology (OT) companies in the United Arab Emirates (UAE). The activity, laser-focused on certain aviation and critical infrastructure targets, is characterized by its emphasis on stealth, according to Proofpoint, which discovered fewer than five organizations on the butt end of this attack chain within its own telemetry. However, Proofpoint APT staff researcher Joshua Miller qualifies that there are likely more targets and victims. “I would assume there are some organizations that were targeted which were not protected [and therefore not visible] by Proofpoint,” he says. – https://www.darkreading.com/ics-ot-security/crafty-camel-apt-aviation-ot-polygot-files

Rural hospitals in US need to invest at least $70 million in cybersecurity, Microsoft finds

(Jonathan Greig – The Record – 5 March 2025) The average rural hospital would need to spend tens of thousands of dollars to address their cybersecurity vulnerabilities, Microsoft estimates. In a white paper published on Wednesday, the tech giant said the cost to mitigate basic cyber risks across all of the approximately 2,100 rural hospitals in the U.S. would be $70 million to $75 million. Each hospital would on average need to spend between $30,000 and $40,000. – https://therecord.media/rural-hospitals-need-millions-cyber