DPRK's Kimsuky spearphishes. A standards strategy for AI. Ransomware TF retrospective. KillNet's new menu.

Summary

By the CyberWire staff

At a glance.

ReconShark, a new reconnaissance tool deployed in DPRK spearphishing attacks.
White House releases National Standards Strategy for Critical and Emerging Technology.
US Ransomware Task Force releases a two-year retrospective.
KillNet's reorganization continues.

ReconShark, a new reconnaissance tool deployed in DPRK spearphishing attacks.

SentinelLabs reports that Kimsuky, a North Korean state-sponsored cyber espionage activity, has incorporated a new reconnaissance tool into its repertoire. ReconShark accompanies specially crafted emails in spearphishing attacks. The group crafts spearphishing emails tailored to the individual target by using real names and–especially–information directly pertinent to the target's work to lure the prospect into downloading a malicious file. Recently the group has been favoring password protected Microsoft OneDrive documents.

ReconShark, a new version of the similar malware BabyShark, then gathers system information to allow for precision crafted exploitation of the target’s computer. “The ability of ReconShark to exfiltrate valuable information, such as deployed detection mechanisms and hardware information, indicates that ReconShark is part of a Kimsuky-orchestrated reconnaissance operation that enables subsequent precision attacks, possibly involving malware specifically tailored to evade defenses and exploit platform weaknesses.” SentinelLabs concludes that this campaign is probably part of a larger campaign and underscores the need for industry collaboration and communication to thwart further malicious activity.

(Added 11:15 AM ET, May 7th, 2023. Dror Liwer, co-founder of Coro, sees the addition of universities to the DPRK's target list as particularly disturbing. “The expansion to universities is worrying, Liwer writes. "Unlike government institutions, our data shows that most universities do not have adequate cybersecurity defenses and awareness programs. We have seen a triple digit increase in attacks on educational institutions in the US in the last year, which is driven by a perfect storm from an attackers perspective: Extremely valuable data, and lacking defenses.”

We also heard from James McQuiggan, Security Awareness Advocate at KnowBe4, who notes that social engineering remains an important tool for threat actors. "The group’s adoption of advanced spear phishing tactics demonstrates that social engineering is still the standard tool for gaining access to organizations through users and relying on old fashioned human psychology, misdirection and manipulation to access sensitive information," McQuiggan says. "While technology helps protect networks, servers, endpoints and data, the human remains a fundamental vulnerability that cybercriminals will consistently exploit. Organizations should continue to educate their users as a priority. Monthly security awareness sessions and frequent simulated phishing exercises can help users identify and respond to potential spear phishing attacks more effectively. In the unfortunate event of a successful phishing attack, organizations should also establish robust incident response plans to ensure they can promptly detect, contain and remediate threats when they occur.")

The mWISE Call for Speakers is now open. Help security’s best get better.

Take lead in a global community of security pros. Be a speaker at mWISE.

White House releases National Standards Strategy for Critical and Emerging Technology.

The US Administration yesterday released a summary of measures it intends to take to regulate the development of artificial intelligence technology, fostering the benefits it brings while at the same time mitigating the technology's risks. A White House fact sheet stressed the evolutionary nature of the strategy, and took care to point out earlier policies and actions that prepared the way for the present approach to AI. Three aspects of the strategy were described at moderate length:

"New investments to power responsible American AI research and development (R&D). The National Science Foundation is announcing $140 million in funding to launch seven new National AI Research Institutes. This investment will bring the total number of Institutes to 25 across the country, and extend the network of organizations involved into nearly every state. These Institutes catalyze collaborative efforts across institutions of higher education, federal agencies, industry, and others to pursue transformative AI advances that are ethical, trustworthy, responsible, and serve the public good. In addition to promoting responsible innovation, these Institutes bolster America’s AI R&D infrastructure and support the development of a diverse AI workforce. The new Institutes announced today will advance AI R&D to drive breakthroughs in critical areas, including climate, agriculture, energy, public health, education, and cybersecurity."
"Public assessments of existing generative AI systems. The Administration is announcing an independent commitment from leading AI developers, including Anthropic, Google, Hugging Face, Microsoft, NVIDIA, OpenAI, and Stability AI, to participate in a public evaluation of AI systems, consistent with responsible disclosure principles—on an evaluation platform developed by Scale AI—at the AI Village at DEFCON 31. This will allow these models to be evaluated thoroughly by thousands of community partners and AI experts to explore how the models align with the principles and practices outlined in the Biden-Harris Administration’s Blueprint for an AI Bill of Rights and AI Risk Management Framework. This independent exercise will provide critical information to researchers and the public about the impacts of these models, and will enable AI companies and developers to take steps to fix issues found in those models. Testing of AI models independent of government or the companies that have developed them is an important component in their effective evaluation."
"Policies to ensure the U.S. government is leading by example on mitigating AI risks and harnessing AI opportunities. The Office of Management and Budget (OMB) is announcing that it will be releasing draft policy guidance on the use of AI systems by the U.S. government for public comment. This guidance will establish specific policies for federal departments and agencies to follow in order to ensure their development, procurement, and use of AI systems centers on safeguarding the American people’s rights and safety. It will also empower agencies to responsibly leverage AI to advance their missions and strengthen their ability to equitably serve Americans—and serve as a model for state and local governments, businesses and others to follow in their own procurement and use of AI. OMB will release this draft guidance for public comment this summer, so that it will benefit from input from advocates, civil society, industry, and other stakeholders before it is finalized."

The Record points out that the strategy is directed toward the evolution of international norms for AI.

Add value to your lead generation strategy.

Broaden the reach of your ads, fill your funnel, and build partnerships with valuable leads. Having the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, means companies trust us to get their messages out. Feature your brand with the source that top security leaders choose. Learn more.

US Ransomware Task Force releases a two-year retrospective.

Members of the Ransomware Task Force, created by the US Government Accountability Office (GAO) to track ransomware trends and establish protocols to fight the threat, released a progress report and spoke with reporters from the Washington Post about the distance covered since the office's creation two years ago. When asked what their view was on the progress made in two years, the answers took a familiar GAO form, as a Task Force member himself notes: “We are making progress, but there is always work to be done.” Some 92% of the Taks Force’s suggestions have been put in place, and they have, at the very least, led to a “lull in [ransomware’s] effectiveness in some ways.”

Russia’s invasion of Ukraine has had a major effect on the cybercrime ecosystem. ”While the conflict has not delivered the full-fledged cyber war that some commentators predicted,” the Post writes, “cyber attacks against Ukraine have been constant and substantial both leading up to and during the invasion, and have also been an active part of Ukraine’s own defensive operations… Additionally, while ransomware activities emanating from Russia and its near abroad have continued, these cybercrime groups also appear to be expanding their targets to include a greater emphasis on the Global South, including by shifting toward Asian and Latin American targets and away from critical infrastructure and other sensitive targets within NATO countries.”

The Task Force urges private industries to take the initiative in creating new “best practices” for cyber security. “Governments are not the only lever for improving baseline cybersecurity. While cyber insurers and reinsurers work to distribute the risk posed by threats like ransomware, they can play a larger role in incentivizing better security by their insureds.” The report also advocates “reexamining incentive structures”, specifically tax breaks for small and mid-sized businesses who follow established cybersecurity best practices.

KillNet's reorganization continues.

The Russian hacktivist auxiliary KillNet continues its ongoing visioning exercise. Flashpoint reports that the group has remained committed to turning a profit. Flashpoint also argues that this isn't really new. "Flashpoint has pointed out several times that, for all of its nationalistic antics, Killnet has remained a primarily financially-motivated group that has used the media exposure provided by an eager Russian pro-Kremlin media ecosystem to promote its DDoS-for-hire services. Killnet has partnered with several botnet providers as well as the Deanon Club, a partner threat group, to target narcotics-focused darknet markets." KillNet hasn't shown any particular growth in terms of sophistication or effectiveness, and this reliance on ho-hum, commodity tools has attracted the ridicule of other players in the cyber underworld. "Killnet remains widely ridiculed on top-tier Russian-speaking forums," Flashpoint writes. "On Exploit, for example, a thread in which the group’s leader, Killmilk, was advertising the sale of Infinity, drew widespread mockery, with users offering a couple hundred dollars for what many of them saw as a lost cause."

We looked at what KillNet is offering. It's a more varied menu than one might expect. They promise to respond to all requests for missions in eight business hours (or sooner, if the request is especially urgent). 51% of the payment for a mission is required up-front, with the balance due at some mutually agreeable time both parties deem acceptable. Here's a list of the commissions KillNet is offering to take:

Develop campaigns focused on "legal entities and individuals in the judicial systems" of the United states and Europe. Specifically they listed disinformation campaigns, disruption of network infrastructure, industrial sabotage, artificial conflicts between company employees, and “killing reputation in official sources;”
Create autonomous UAVs, those with Intel gathering or suicide capabilities will be made only for the MOD and the PMC Wagner;
Create electronic warfare and electronic reconnaissance drones only for the MOD and Wagner;
Create automated robotic systems for MOD and Wagner; and
Create custom software for any individual wishing to buy it.

In addition to their commercial mission, they of course remain patriots. The group has urged Russian citizens to refrain from launching any objects into the sky for Russia’s May 9th Victory Day. They explain that this could lead to an unintended "provocation," and that could paralyze Russia’s air defense system.

The CyberWire's continuing coverage of Russia's war against Ukraine, with special attention to the cyber phases of that war, may be found here.

Notes.

Today's issue includes events affecting Belarus, Canada, China, the Democratic Peoples Republic of Korea, Lithuania, Russia, Ukraine, the United Kingdom, and the United States.

Dateline Moscow and Kyiv

Ukraine at D+435: Drones, hacktivists, and Mr. Prigozhin's discontents. (CyberWire) The Kremlin drone incident this week looks more like a Russian provocation, but the jury's still out. The Wagner Group may withdraw from Bakhmut. KillNet publishes its (ambitious) hack-for-hire menu.

Russia-Ukraine war: List of key events, day 436 (Al Jazeera) As the war enters its 436th day, we take a look at the main developments.

Zelenskyy wants Putin trial; Russia accuses US on drones (AP NEWS) Ukraine and Russia have pressed their wartime rhetoric as both their countries reported new drone attacks. During a visit to the Netherlands, Ukrainian President Volodymyr Zelenskyy expressed confidence Thursday that Russian counterpart Vladimir Putin would be convicted at the international war crimes court based there. Putin's spokesman alleged the U.S. was behind what Russia claimed was a Ukrainian attack on the Kremlin a day earlier. A U.S. National Security spokesman called the allegation “ludicrous.” Ukraine’s military said that three Russian drones that hit the southern city of Odesa had “for Moscow” and “for the Kremlin” written on them, seemingly implying they were sent in retaliation. Russian media said drones hit oil facilities in southern Russia.

Pictured: Russia strikes Ukraine with ‘for Moscow’ attack drones (Telegraph) Kremlin retaliates a day after Vladimir Putin's residence was hit in what it called an 'assassination attempt' by Kyiv

Russia behind purported drone 'attack' on Kremlin, Lithuanian defense minister says (Breaking Defense) “I believe … that it's a Russian job,” Arvydas Anušauskas told Breaking Defense in an interview in Washington.

There are big problems with the way the Kremlin drone incident went down, and war experts say Russia 'likely staged' it (Business Insider) Moscow would have needed a serious hole in its tough air defenses for drones to get through. That's why a think tank says it's likely a false flag.

Ukraine-Russia war live: White House says Kremlin is lying about drone attack (The Telegraph) Washington has issued a swift denial in response to Russia’s accusations that the US masterminded the drone attack on the Kremlin, which Moscow has claimed was carried out by Ukraine.

Kremlin accuses US of drone strike as Russian TV blackout remains (The Telegraph) White House denies ‘ludicrous’ claims by Moscow while state-run channels refuse to show footage of attack

Verified Twitter Accounts Spread Misinfo About Imminent Nuclear Strike (Vice) YouTube and Twitter accounts spread rumors about nuclear war after two drones struck the Kremlin.

Yevgeny Prigozhin: Wagner Group boss says he will pull troops out of Bakhmut (BBC News) His statement came after he posted a video among dead fighters, asking Russia for more ammunition.

Wagner chief rages at Russia’s generals and threatens Bakhmut pullout (the Guardian) In extraordinary video tirade, Yevgeny Prigozhin attacks defence minister and chief of armed forces

Russia’s ‘divisive terrain’ in Bakhmut (The Hill) The Battle for Bakhmut and control of its 16 square miles is now 10 months old, and Putin has little to show for it except the town’s complete annihilation

In Ukraine’s forests, fighters race to prepare for next push (AP NEWS) The fighters depart at dawn, single-file, rifles slung, compasses in hand, and disappear like chameleons into the lush greenery of central Ukraine’s dense forests.

Russia may soon come under merciless attack (The Telegraph) Ukraine’s advantages are only growing, as it designs its own weapons and takes the war to Vladimir Putin

Belarus’s beleaguered opposition is flirting with violence (The Economist) Is a liberation army forming?

Ukraine seeks more German support on Russia’s invasion and EU accession (Atlantic Council) Many Ukrainians have been disappointed by Germany's cautious approach to countering Russian aggression against Ukraine and Berlin's preoccupation with avoiding anything that might provoke Putin, writes Alyona Getmanchuk.

Doubt cast on Zelensky Germany visit after trip details leaked (The Telegraph) Kyiv threatens to call off Berlin meetings after road closures and even the Ukrainian president's potential hotel are revealed

Russia’s ‘guardian of traditional values’ How the Kremlin plans to sell Putin to voters in his fifth presidential campaign (Meduza) In 2024, barring any unforeseen circumstances, Vladimir Putin will run for his fifth term as Russia’s president. According to Meduza’s sources, Kremlin political strategists have started briefing officials from around the country on the rhetoric they should use to convince voters that even after nearly two and a half decades, Putin’s still the best man for the job. Here’s what we know about the messages they’ve chosen.

Putin’s ‘Eurasian’ fixation reveals ambitions beyond Ukraine (Atlantic Council) To explain the reasons for the fall of the Soviet Union and chart a course for his country's redemption, the Russian president espouses an ideology offering a fundamental break with the past.

For Money and Attention: Killnet Apparently Reorganizes Again (Flashpoint) Killnet’s recent moves—which include a consolidation of power of its umbrella—signal a continued dedication to strategic gains through cyber attacks

Ukrainian CERT uncovers new cyber infiltration using WinRAR (Cybersecurity Connect) The Ukrainian Computer Emergency Response Team was alerted to a breach in the information and communications systems within a government agency, determining that computers had been “impaired” by t

Russians weaponise WinRAR to attack Ukraine (Computing) Computing is the leading information resource for UK technology decision makers, providing the latest market news and hard-hitting opinion.

Discord leaks ‘demoralizing’ for US intelligence agencies, DNI Haines says (Record) The leaks of classified documents online by a Massachusetts Air National Guard member have had an emotional impact on the government agencies that produce those products, the director of national intelligence told Congress on Thursday.

In The Hague, Zelensky Renews Call to Prosecute Russian War Crimes (New York Times) As international support for an independent tribunal appears to be growing, the Ukrainian leader called for “true justice” for crimes in the war.

Pushkin must fall: monuments to Russia’s national poet under threat in Ukraine (the Guardian) Since last February’s invasion more than 30 statues of the 19th-century poet seen as a symbol for tsarist imperialism have been dismantled

Attacks, Threats, and Vulnerabilities

Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign (SentinelOne) DPRK-linked threat actor deploys previously unseen reconnaissance tool 'ReconShark' in wave of ongoing attacks.

Kimsuky hackers use new recon tool to find security gaps (BleepingComputer) The North Korean Kimsuky hacking group has been observed employing a new version of its reconnaissance malware, now called 'ReconShark,' in a cyberespionage campaign with a global reach.

Ransomware cyberattack continues at Bluefield University (WVVA) There are new developments on the cybersecurity attack that has crippled internet services at Bluefield University.

OpenAI Allowed “Unlimited” Credit on New Accounts (Checkmarx.com) Checkmarx security researchers discover vulnerability in OpenAI's ChatGPT

Data Breach Concerns Arise Amid Montana State University Cyberattack (JD Supra) On April 28, 2023, Montana State University posted a notice informing students and employees of a system outage. While MSU’s notice was vague, since...

Hacked university warns of campus text alerts sent by ransomware group (Record) A university in Virginia is warning students to be wary of texts being sent through the school’s mass alert system after a ransomware group messaged the entire campus about an ongoing cyberattack.

Capita warns some pensions data likely taken in cyber attack -FT (Reuters) British outsourcing company Capita has confirmed to pension clients that some data it processed was likely to have been hacked during a recent cyber incident, the Financial Times reported on Thursday.

Cyberattack shuts down Raleigh Housing Authority computer systems (ABC11 Raleigh-Durham) The National Guard cyber security team is investigating after a cyberattack shut down computer systems and business operations at the Raleigh Housing Authority.

NSW cancer treatment centre targeted by Medusa hackers (Cybersecurity Connect) A major NSW cancer treatment centre is believed to have been targeted by a cyber-attack, with a malicious hacking group claiming responsibility. NSW Health has announced that it has begun an investi

Ransomware group behind Oakland attack targets city in Massachusetts (Record) Lowell, home to more than 111,000 people and about a half hour drive from Boston, announced a “cyber-related incident” April 24. The Play cybercrime group took credit this week.

Security Patches, Mitigations, and Software Updates

Apple Releases First-Ever Security Updates for Beats, AirPods Headphones (SecurityWeek) Apple releases firmware updates for Beats and AirPods to patch a vulnerability that can be exploited to gain access to headphones

Trends

79% of Cyber Pros Make Decisions Without Threat Intelligence (Security Intelligence) Heads up, C-Suite! Most cyber pros admit to making decisions without using threat intelligence. Why are experts disregarding useful intelligence?

Think your data has no value? Scammers disagree (Help Net Security) The share of global phishing attempts among all threats blocked in Q1 2023 was up 40% compared to the same quarter in 2022.

J&J’s latest vision campaign offers clear-eyed advice for Gen Z: Take a social media break (Endpoints News) Johnson & Johnson wants Gen Z to take a break from social media. Its new campaign from J&J Vision for contact lens brand Acuvue, “Where Vision Meets Sight,” asks young people to put down their phones and take a break. The goal is not only to give their eyes a

Marketplace

Databricks Ventures Invests in Data Security Leader Immuta (Immuta) “Immuta is a trusted data security partner,” said Ali Ghodsi, CEO and Co-founder of Databricks.

BioCatch, the Leading Online Fraud Detection Platform, welcomes Permira Growth Opportunities as a significant shareholder (Permira) Secondary investment positions Permira Growth Opportunities (PGO) as 3rd largest BioCatch shareholder; creates opportunities for accelerated geographical expansion, product innovation, and M&A

CACI acquires Bitweave to upweight national security intelligence services (Yahoo Life) CACI Limited, a leading data and technology solutions company, has acquired Bitweave Limited.

Spielworks Co-launches Its Wombat X Accelerator With Cronos, Newcoin, and More, Fostering Robust Web3 Game Development (AiThority) Spielworks, a leading blockchain startup specializing in gaming and decentralized finance (DeFi) solutions, launches its Web3 gaming .

First ‘secret’ task orders received for Pentagon’s $9B cloud contract (C4ISRNet) Pentagon CIO John Sherman likened the $9 billion Joint Warfighting Cloud Capability to a U.S. Navy carrier strike group — powerful and versatile.

Sophos Appoints Pat Sheridan as Senior Vice President of Americas Sales (GlobeNewswire News Room) Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced...

Check Point Software Technologies Reinforces Leadership with Sherif Seddik as New President of EMEA Sales (MarketScreener) IT Industry Expert to Accelerate Regional Business Growth and Market Expansion. Check Point Software Technologies Ltd. , a leading provider of cyber security solutions globally, today announced the... | May 5, 2023

Products, Services, and Solutions

Pindrop Delivers Voice Authentication Solutions Through Google Cloud Marketplace (Business Wire) Partnership expands deployment options for advanced voice authentication solutions

Cybrary for Teams Now Available on Google Cloud Marketplace (Business Wire) Google Cloud Marketplace users now have access to critical cybersecurity skill development and training resources.

Google Cybersecurity Certificate - Grow with Google (Google) Explore Google's online cybersecurity certificate program. Learn the foundations of cybersecurity and prepare for a career as a cybersecurity analyst.

Digital Element Partners with Pangea to Bring Robust Security Intelligence and IP Geolocation to Developers (GlobeNewswire News Room) New Partnership Empowers Developers to Leverage Global IP Geolocation and Intelligence Services for Optimal Security...

Orca Security is First CNAPP to Integrate with Microsoft Azure OpenAI GPT-4 (Business Wire) Integration Builds on Orca’s Use of ChatGPT to Greatly Accelerate Mean-Time-to-Remediation Through Instantly Generated Instructions

AvePoint Advances SaaS Management Capabilities to Help Organizations Thrive in the Digital Workplace (Yahoo Finance) As multi-SaaS operations expand, the AvePoint Confidence Platform empowers organizations to improve operational efficiency, increase visibility, and enable security and compliance

Enveil and Exovera Announce New Collaboration Enabling Secure Data Usage to Unlock Global Intelligence (Business Wire) Integration delivers value by expanding secure and private data usage across extensive data holdings

UberEther Announces IAM Advantage, a First-to-Market DoD IL5 ICAM Package Offering (GlobeNewswire News Room) Best-in-class identity providers UberEther, Ping Identity, SailPoint, Nok Nok, Radiant Logic, Appgate and Carahsoft join forces to modernize identity...

HYAS, RSM Partner to Preemptively Protect Clients Via Protective DNS (Business Wire) HYAS Advanced Threat Intelligence, Detection and Response Lets RSM Identify and Neutralize Adversary Infrastructures Before Attacks Can Strike

Prove Identity to Offer Seamless and Secure Gaming Experiences to FanDuel Customers (Business Wire) Prove’s Pre-Fill solution to streamline and increase FanDuel user signups

ThrottleNet Reveals The Importance of Cyber Liability Insurance (openPR.com) ThrottleNet named the 1 Cybersecurity Firm in St Louis by Small Business Monthly says with the recent rise in ransomware attacks cyber liability insurance is a must for nearly every size business yet it ...

Thales teams with Nozomi Networks to expand cyber incident detection capabilities on industrial infrastructure (Thales Group) Thales, in partnership with Nozomi Networks, is already helping a number of global players to enhance their industrial cybersecurity and improve their incident detection and response capabilities by installing network sensors at their sites around the world and providing day-to-day network supervision via Security Operation Centres (SOCs). These solutions enable Thales to analyse suspicious behaviour and unexpected traffic to and from the external network and to detect malicious activity targeting industrial information systems.

News | Radware Protects Native Android and iOS Mobile Applications from Bad Bots (Pipeline Publishing) Radware Bot Manager’s market-leading advancements offer first-to-market integrated authentication for both iOS and Android devices and new identity algorithms so organizations can defend themselves against distributed and targeted bot attacks with the highest accuracy and performance.

Trustwave’s behaviour-based threat hunting (iTWire) Trustwave is promoting behaviour-based threat hunting as it is a more human-centric approach to cybersecurity. According to the 2022 Data Breach Investigations Report, 82 per cent of breaches start with phishing or other social engineering schemes that do not raise alarms from traditional automated...

Menlo Security has developed a platform that isolates all users’ web browsing on a remote server (Express Computer) Menlo Security has taken a ‘Zero-Trust’ approach to web security and has built a platform that aims to eliminate 100 percent of web and email threats.

Technologies, Techniques, and Standards

Taking the Fight to the Enemy With Offensive Cybersecurity (Gov Info Security) Offensive security is transitioning from traditional penetration testing to a more continuous, technology-led approach, says Aaron Shilts, president and CEO at

Embedding Cybersecurity Into Your Culture (CompTIA) Is your culture inadvertently undermining your security? Or does it encourage a “security first” mindset?

Target Senior Director of Cyber Security provides tips to promote cyber security culture. (CyberWire) Cybersecurity training: one company's perspective.

Design and Innovation

An Inflection Point in the Journey to Passwordless (FIDO Alliance) Andrew Shikiar, FIDO Alliance Executive Director & CMO Yesterday, Google announced support for simple and secure sign-ins with passkeys for all Google Account users. This is a huge milestone in […]

Consumers are ready to embrace new authentication methods (FIDO Alliance) It’s been a year since Apple, Google and Microsoft announced their commitment to passkeys with plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. Early adopters have enabled passkeys for user sign-ins – where do consumers stand on passkeys today?

These researchers are terrified of A.I. They’re counting on cryptography to keep our future robot overlords in check (Fortune Crypto) The more A.I. becomes enmeshed in our day-to-day, the more we need to know that we’re interacting with the right A.I., say researchers and entrepreneurs.

Research and Development

NSF Announces $140 Million Investment In Seven Artificial Intelligence Research Institutes (Forbes) The U.S. National Science Foundation (NSF), along with several other federal agencies and higher education institutions, has announced a $140 million investment to establish seven new National Artificial Intelligence Research Institutes (AI Institutes).

Academia

More Canadian universities now say they’ll steer clear of Chinese telecom Huawei (Toronto Star) Their statements follow the University of Waterloo’s ending of all existing partnerships with the company.

Premier Ford supports UW cutting ties with Huawei: ‘It concerns me sometimes, some of the things we’re dealing with the communist Chinese government’ (Waterloo Region Record) Severing ties with Chinese tech firm affects research deals worth millions at the University of Waterloo

NSF funds institute to research AI-powered cybersecurity (Purdue University) Malware. Ransomware. Zero-day exploits. There’s no rest when it comes to protection from cyberattacks. And in an increasingly connected world, with expanding cyber and cyber-physical spaces and access to tools like artificial intelligence, attacks are likely going to become more diverse and sophisticated.

Legislation, Policy, and Regulation

FACT SHEET: Biden-Harris Administration Announces New Actions to Promote Responsible AI Innovation that Protects Americans’ Rights and Safety (The White House) Today, the Biden-Harris Administration is announcing new actions that will further promote responsible American innovation in artificial intelligence (AI) and protect people’s rights and safety. These steps build on the Administration’s strong record of leadership to ensure technology improves the lives of the American people, and break new ground in the federal government’s ongoing effort…

National Standards Strategy for Critical and Emerging Technology (Record) The Biden administration's National Standards Strategy for Critical and Emerging Technology is intended to help set global rules to ensure tech is "universally safe and interoperable."

White House Pushes Tech C.E.O.s to Limit Risks of A.I. (New York Times) In the White House’s first gathering of A.I. companies, Vice President Kamala Harris told the leaders of major tech companies they had a “moral” obligation to keep products safe.

Biden Administration Warns of AI’s Dangers. There’s a Limit to What White House Can Do. (Wall Street Journal) The Biden administration is confronting the rapidly expanding use of artificial intelligence, warning of the dangers the technology poses to public safety, privacy and democracy while having limited authority to regulate it.

Joe Biden Wants Hackers’ Help to Keep AI Chatbots in Check (WIRED) The White House will support an event at the Defcon security conference this summer that challenges experts to uncover flaws in generative AI systems.

For Democracies, Banning TikTok Would Do More Harm Than Good (World Politics Review) Liberal democracies like the US and UK are considering bans on TikTok over national security and data collection concerns.

New EARN IT Act Has Old Issues (Decipher) The newest version of the EARNT IT Act still has language that would force platform providers to weaken or abandon encrypted services.

Current Cyberspace Demands Compete With Old Processes (AFCEA International) U.S. Cyber Command will build the world’s prime digital military acquisition force from the ground up.

Federal Information Security Management Act of 2014: Annual Report, Fiscal Year 2022 (Office of Management and Budget (OMB)) The Office of Management and Budget (OMB) is publishing this report in accordance with the Federal Information Security Modernization Act of 2014 (FISMA), Pub. L. No. 113-283, sec. 2(a), § 3553(c) (codified at 44 U.S.C. § 3553(c)). This report also incorporates OMB’s analysis of agency application of intrusion detection and prevention capabilities, as required by the Cybersecurity Act of 2015, Pub. L. No. 114-113, § 226(c)(1)(B), and agency reporting on compliance with privacy requirements and management of privacy risks.

Principal Associate Deputy Attorney General Marshall Miller Delivers Remarks at the Ethics and Compliance Initiative IMPACT Conference (US Department of Justice) Good morning. Thank you for that warm welcome and kind introduction. It’s great to be with you today to discuss the Justice Department’s corporate criminal enforcement priorities. I bring with me

Influential task force takes stock of progress against ransomware (Washington Post) The Ransomware Task Force looks back on the two-year anniversary of its report

Biden is expected to tap Air Force chief to be nation’s next top military officer (POLITICO) If confirmed, Gen. C.Q. Brown would succeed Gen. Mark Milley as Joint Chiefs chair

Litigation, Investigation, and Law Enforcement

Who’s your fed buddy? | Don’t delay in reporting cybersecurity incidents and attacks to law enforcement (Contrast Security) Get valuable advice from Contrast’s RSA 2023 Modern Bank Heists panel about reporting financial cyberattacks to law enforcement.

Former Uber CSO Joe Sullivan Avoids Prison Time Over Data Breach Cover-Up (SecurityWeek) Former Uber CSO Joe Sullivan was sentenced to three years probation for covering up a data breach suffered by the ride-sharing giant in 2016.

Former Uber security chief Sullivan avoids prison in data breach case (Washington Post) The first corporate executive convicted of a crime related to a data breach by outsiders is sentenced to probation and fined

Industry Events

For a complete running list of events, please visit the Event Tracker.

Events

Summit on Modern Conflict and Emerging Threats (Nashville, and virtual, Tennessee, USA, May 4 - 5, 2023) Modern conflict has created a global problem that is moving at the speed of innovation and technology. The Vanderbilt Summit on Modern Conflict and Emerging Threats on May 4-5, 2022 brought together internationally recognized leaders and experts in the military and intelligence community to examine the subjects of cyber conflict, artificial intelligence, peer competition and emerging threats.

Third-Party and Supply Chain Cyber Security Summit (Barcelona, Spain, May 4 - 5, 2023) Learn the latest case studies on the end to end cyber security implementation practices when working with third parties to ensure a truly resilient and secure supply chain network at the Third Party & Supply Chain Cyber Security Summit. How much of your data security is really under your control? What is your risk management approach towards your suppliers? How to secure your network and protect your sensitive data? Led by the TOP Information Security professionals from leading companies the discussion will give you an opportunity to see the issue from the perspective of different industries & angles and identify the complex solution to be implemented.

CyberLEO (Los Angeles, California, USA, May 10 - 12, 2023) Our mission is to bring you discussions, updates, briefings, and lessons learned stemming from real-world experiences that will make a positive impact on your cybersecurity strategy. That’s why we work closely with our Advisory Board to build a program that you can feel confident in. With multiple constellations being launched, we could see tens of thousands of satellites entering LEO. CyberLEO will become the epicenter of discussion surrounding security issues in a LEO world.

RuhrSec (Bochum, Nord Rhein-Westphalen, Germany, May 11 - 12, 2023) RuhrSec is the annual English speaking non-profit IT security conference with cutting-edge security talks by renowned experts. RuhrSec provides academic and industry talks, the typical University feeling, and a highly recommended social event.

Insider Threat Program Development / Management - Insider Threat Detection & Data Analysis Training Course (Washington, DC, USA, May 11 - 12, 2023) The training course will be taught at the National Academy of Sciences – Keck Building in Washington D.C. This highly sought after and very comprehensive 2 day training course will ensure that the Insider Threat Program (ITP) Manager and others who support the ITP (Insider Threat Analyst, FSO, CSO, CIO, CISO, Human Resources, IT, Network Security, Legal Etc.), have the Core Knowledge, Blueprint, Resources needed for developing, managing, enhancing an ITP / ITP Working Group. This training will also provide students with an in depth view of how to obtain visibility of potential or malicious employee actions on computer systems and networks, using Insider Threat Detection software. Our student satisfaction levels are in the exceptional range. Over 900+ individuals have attended this training course and received ITP Manager Certificates.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.