The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.
Both cybercriminals and digital spies sponsored by nation states are using artificial intelligence to add “volume and impact” to their attacks, according to a British government minister.
On Tuesday, in an annual review issued by the National Cyber Security Centre (NCSC), an arm of U.K. signals intelligence agency GCHQ, minister for intergovernmental relations Pat McFadden warned that AI was “transforming the cyber threat” facing the western world.
The NCSC went on to warn that generative AI like OpenAI’s ChatGPT models or Meta’s Llama “will make it harder for defenders to identify social engineering attacks without the development of new mitigations.” Already, cybercriminals have been using generative AI to write phishing emails. The same technology can be used as a reconnaissance tool to quickly identify vulnerable computers and help hackers exploit them, the agency added.
There is another side to AI technology, however, in defense. In recent months, Google has shown how its AI can now find software vulnerabilities, helping defenders patch apps and protect users. In one recent example, Google said AI helped find 26 vulnerabilities in the widely-used website encryption code library known as OpenSSL. It represented “a milestone for automated vulnerability finding,” Google’s open source security team wrote.
The future looks set to be an AI vs. AI world, with humans pushing the buttons of their digital helpers.
Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.
FBI Is Investigating Exxon Lobbyist Over Hack Of Environmentalist Emails, Sources Say
Reuters reports on an FBI investigation into whether or not a lobbyist firm working for Exxon Mobil was involved in a hack-and-leak operation targeting hundreds of the oil company’s critics.
Per the report, citing one of three sources familiar with the matter, U.S. authorities believe the DCI Group, a public affairs and lobbying company working for Exxon back in 2015, had compiled a list of targets and provided them to an Israeli private detective, who then outsourced the hacking. DCI later leaked some of the hacked materials to the media, according to Reuters.
Stories You Have To Read Today
As first reported by Wired, the Biden administration has imposed new controls designed to prevent China getting ahead in the AI race. The new rules prohibit sales of certain kinds of chips to China, while adding more than 100 Chinese companies to a restricted trade list.
The Federal Trade Commission has taken action against Evolv Technologies, saying the company made false claims about how effective its AI screening tech was at detecting weapons on a person. The company has sold to thousands of schools, some of whom may now be able to cancel their contracts because of Evolv’s settlement with the FTC. Per the FTC, among various overstatements about its ability to uncover weapons being brought onto customer premises, “Evolv’s Express scanners reportedly failed to detect a seven-inch knife brought into a school in October 2022 that was used to stab a student. Afterwards, school officials increased the system’s sensitivity settings, prompting a 50% false alarm rate.”
Winner of the Week
Sixgen, a government contractor for offensive and defensive cyber services, has announced its fourth acquisition in a year, confirming plans to merge with competing company Kyrus Tech. The deal follows hot on the footsteps of its previous acquisition of Boldend, a Founders Fund-backed startup which had made headlines for developing hacks to spy on WhatsApp. “Kyrus brings highly specialized capabilities that align with Sixgen’s vision of building a formidable ecosystem of solutions for the modern digital warrior,” said Jack Wilmer, CEO of Sixgen. Financial terms of the deal were not disclosed.
Loser of the Week
A suspected ransomware coder Mikhail Matveev, who also goes by the online moniker Wazawaka, has been arrested in Russia. Wazawaka had previously been linked to some of the most notorious ransomware crews including LockBit and Conti. It’s claimed he also once published his FBI Most Wanted poster on a t-shirt.
More On Forbes
Read the full article here
