Welcome to the CAVEAT Weekly Newsletter, where we break down some of the major developments and happenings occurring worldwide when discussing cybersecurity, privacy, digital surveillance, and technology policy.
At 1,600 words, this briefing is about a 6-minute read.
At a Glance.
- US announces it will be lending support to stop cyber and disinformation attacks on the Olympics.
- Microsoft drops its own OpenAI board seat.
US lends support to prevent cyber and disinformation attacks at Paris Olympics.
The News.
The Biden administration has announced that the United States (US) will be aiding French authorities to defend against any potential cyber-attacks or disinformation threats that could adversely impact the upcoming Paris Summer Olympic Games. More specifically, this assistance will include intelligence sharing as well as direct cyber support between the US and French officials.
With this announcement, Scott McConnell, a representative of the US Cybersecurity and Infrastructure Security Agency (CISA), stated that CISA will be “sharing threat information and working with critical infrastructure both in the US and in France'' as well as adding that CISA will be a member of the US government’s joint operations center in Paris to provide expertise. Aside from CISA, other agencies, such as the State Department’s Diplomatic Security Service, and other nations, like Estonia, will be aiding French officials in helping secure the international games. These agencies and nations will work closely with the French cybersecurity agency ANSSI, which has been preparing itself and French infrastructure over the last two years to face any cyber threats that may emerge during the games.
The Knowledge.
As the international games draw closer later this month, tensions continue to rise over concerns surrounding potential Russian interference with the major event. These concerns have grown after several reports were recently published detailing Russia’s alleged efforts to target various nations through cyber attacks and disinformation campaigns. Two notable reports, published last month by Microsoft and Mandiant respectively, discussed and warned people about their concerns regarding potential Russian efforts to disrupt the upcoming games and spread fear.
Microsoft’s report detailed how Russia had launched a disinformation campaign aimed at undermining sporting events last year by using various artificially created posts, visuals, and audio bits to tarnish the Olympic Committee as well as sow fear among attendees about potential violence occurring. Mandiant’s report echoed many of Microsoft’s findings as they also expressed their concerns about potential threats to the Summer Olympics stating that they had “high confidence” that cyber espionage, hacktivism, and disinformation campaigns tied to Russia will likely be used to target Paris. John Hultquist, a chief analyst at Mandiant Intelligence, commented that “these games are tied to French prestige, and Russia is uniquely aware of that.” Hultquist continued stating that Mandiant will have “multiple teams focused on the events” and that the “entire security community is taking it pretty seriously given the history.”
The Impact.
Given the tensions between Russia and the US and other European nations, concerns regarding potential incidents occurring at the international event are notably high. These concerns are reflective of the current state of affairs between Russia and many other nations given the ongoing war in Ukraine. Since the start of the conflict, tensions between Russia and other nations have only continued to grow as nations have repeatedly voiced their concerns regarding Russian efforts to sow disinformation, undermine elections, and launch various cyberattacks on critical infrastructure. As of now, these tensions are unlikely to abate for some time, and security companies and governments are taking steps to ensure that they remain secure both throughout the upcoming games as well as for key events, such as elections.
With the Olympics starting later this month, anyone attending the events should remain vigilant for potential misinformation or cyber attacks as malicious actors are likely to try to sow fear and confusion throughout the event even as various agencies work to disrupt these efforts. Despite the substantial international support being put behind securing the games, attendees should verify any information with trusted sources or official channels before reacting to any warnings or other concerning news.
Microsoft drops OpenAI board observer seat amid growing antitrust scrutiny.
The News.
On Wednesday, Microsoft announced its intention to remove itself from its board observer seat at OpenAI. This move comes as Microsoft seeks to lessen the US and United Kingdom (UK) antiregulatory concerns surrounding the tech giant’s ability to exert control over OpenAI given its significant ten billion dollar investment and board seat. Before leaving the seat, Microsoft was able to attend board meetings and access confidential information; however, the seat was strictly a non-voting seat, meaning Microsoft could not vote on company decisions, such as electing a director. With this announcement, Microsoft released a letter that stated that given OpenAI’s progress they “no longer [believed their] limited role as an observer is necessary.” An OpenAI spokesperson commented on this announcement stating that the company would work to establish a new approach to engage with its key stakeholders and business partners to listen to their inputs and concerns.
However, despite Microsoft’s attempts to calm antitrust concerns, a source at the Federal Trade Commission (FTC) stated that this move would likely not resolve the agency’s concerns. Currently, the FTC is investigating the relationship between Microsoft and OpenAI as part of a larger effort to conduct an antitrust review of deals made between big technology firms and AI companies.
The Knowledge.
The federal government’s antitrust interest between Microsoft and OpenAI is not unique or new. Microsoft’s announcement comes a month after both the Department of Justice (DoJ) and Federal Trade Commission (FTC) announced that they would each be opening various antitrust investigations into Microsoft, Nvidia, and OpenAI. With the DoJ investigating Nvidia and the FTC investigating both Microsoft and OpenAI, these federal agencies are following through on the Biden administration’s agenda to more closely scrutinize large technology firms and attempt to curb any monopolistic practices. Given the rapid proliferation of AI and the emerging technology’s potential impacts, it is not surprising that these agencies have turned their attention to some of the largest companies involved in developing these technologies.
While it is unlikely that Microsoft’s move to recuse itself from OpenAI’s board will curb the FTC’s antitrust interest, this move was likely made to remove some potential concerns that antitrust regulators could object to when discussing the Microsoft and OpenAI relationship. Given the substantial impacts that these antitrust investigations could have on the AI landscape, it is understandable why Microsoft would seek to lessen these concerns as much as possible before any lawsuit is announced to reduce the likelihood of more severe antitrust punishment being levied against the company.
The Impact.
While this board change will likely have little to no impact on Microsoft’s relationship with OpenAI or the ChatGPT service, this development demonstrates the mounting pressures that companies involved with AI are beginning to face. For businesses involved in developing and distributing AI services, business leaders should be aware of these growing governmental concerns. While currently these government agencies are primarily concerned with investigating large corporations, like Microsoft and OpenAI, eventually policies and regulations will be passed that look to better address and manage the entire AI industry. While it is unclear what these policies and regulations will exactly look like, businesses should continue to monitor these active investigations and any potential legislation moving through the government to ensure that they are both compliant with potential regulations as well as avoid any unwanted governmental scrutiny.
Other noteworthy stories.
FTC bans anonymous messaging app from hosting underage users.
What: The FTC banned children under the age of eighteen from being able to use the anonymous messaging application, NGL: ask me anything.
Why: On Tuesday, the FTC announced this ban after allegations emerged that the anonymous messaging application was unfairly marketing to minors and exposing them to both harassment and cyberbullying. Aside from banning minors on the platform, two of the company’s founders and NGL Labs will be required to pay a sum of $5 million.
The FTC’s Chairwoman, Lina Khan, stated with this ban that “we will keep cracking down on businesses that unlawfully exploit kids for profit.” This ban marks the first time that the agency has ordered a messaging application to stop hosting teens and kids. While the FTC has not signaled its intent to target other anonymous messaging applications at this time, these efforts come after growing pressure on the government to better protect minors from harmful content online.
DOJ disrupts Russian “bot farm” spreading disinformation
What: The DoJ announced that federal law enforcement had successfully shut down a Russian disinformation campaign that was supported by the Kremlin.
Why: On Tuesday, the DoJ announced that the Federal Bureau of Investigation (FBI) took down a bot network on the social media platform, X, that was using AI to spread disinformation for the Russian government. With this announcement, the FBI Director, Christopher Wray, announced that “today’s actions represent a first in disrupting a Russian-sponsored Generative AI-enhanced social media bot farm.” Director Wray highlighted how this bot farm was being used to spread AI-created disinformation to undermine US allies, such as Ukraine, as well as influence geopolitical narratives to favor Russia.
In addition to shutting down this bot network, the DoJ stated that the network was run by a Russian individual who once acted as the editor-in-chief for the Russian state-operated media outlet, RT. While the bot network was only operating on X when it was shut down, a joint cybersecurity advisory released by US, Dutch, and Canadian intelligence agencies revealed that Russia intended to expand the network’s operations to other social media platforms as well.
US and allies raise concerns over Chinese hackers.
What: Eight countries have raised concerns over Chinese hacking groups and their potential threats.
Why: The US, the UK, Australia, Canada, Germany, South Korea, Japan, and New Zealand have voiced their concerns collectively about China’s hacking teams. Led by Australia, these nations have voiced their concerns surrounding the Chinese-affiliated hacking group, APT40, which has been linked to efforts to steal valuable data and exploit loopholes in software. In Australia’s advisory, the nation highlighted how the hacking group often exploited “vulnerable, public-facing infrastructure” using techniques like phishing campaigns.
This joint adversary is representative of the growing tensions between China and various nations as concerns surrounding China’s alleged hacking efforts have only continued to grow in recent years in terms of both proliferation and severity.