At a glance.
- US Federal Trade Commission issues guidance on the use of artificial intelligence.
- China urges international condemnation of attacks on organizations responding to the pandemic.
- Czechs continue to suspect a Russian hand behind a current campaign against healthcare facilities.
- British government urged by security services to avoid Zoom.
US Federal Trade Commission's guidance on the use of AI.
Earlier this month the FTC issued guidance on the appropriate use of artificial intelligence "and algorithms." Any such use should be “transparent, explainable, fair, and empirically sound, while fostering accountability.” None of this is particularly surprising, but Cooley has a blog post in which they consider the implications of the FTC's guidance. Transparency, for example, means that companies should not use AI to give consumers the impression that they're in contact with a natural person. Fairness implies that AI should not be used in a way that discriminates invidiously against a protected class of individuals. AI models used to determine such things as credit worthiness should be empirically sound. A commitment to empirical soundness also suggests that it should be possible for “outside, objective observers” to “independently test the algorithm.” And companies should clearly communicate the results of applying AI or algorithms to their particular cases and circumstances.
Much of the FTC's guidance clearly has the credit industry in mind, but it extends to other areas as well. Cooley thinks companies would do well to consider the antitrust implications of using artificial intelligence.
Taking hospitals off the cyber target lists?
The Wuhan Institute of Virology is among organizations receiving the attentions of hackers. Employees' email accounts have been compromised, the South China Morning Post reports. The level-4 research facility has been the subject of repeated speculation that COVID-19 accidentally escaped from the labs there, and did not originate in the city's wet markets. But it’s FireEye's midweek report describing their recent look at APT32 has prompted a call from Beijing (as Reuters says) urging all nations to condemn any attack on an organization involved in working against the pandemic.
There's surely substantial international sentiment for placing biomedical facilities in a protected category, off-limits to cyberattack the way the laws of armed conflict prohibit most deliberate attacks against hospitals. It's not clear, however, that APT32, a threat actor associated with the Vietnamese government, is engaged in destructive or disruptive attacks. FireEye concluded the APT has been conducting "intrusion campaigns" against Chinese targets involved with responding to the pandemic, especially China's Ministry of Emergency Management and the local government of Wuhan. These seem to be more in the nature of espionage. Vietnam has denied any involvement, telling Reuters that the accusations are "baseless."
An ongoing campaign against hospitals.
An arguably more menacing threat to hospitals is playing out in the Czech Republic, which continues to look toward Russia as the source of recent cyber incidents in the nation’s medical facilities.
Tension between Prague and Moscow continues, Radio Free Europe | Radio Liberty reports. Removal of a Prague statue of Soviet Marshall Konev, who led the army group that drove through Czechoslovakia in 1945, but who also crushed the Hungarian revolution of 1956 and was instrumental in erecting the Berlin Wall, has given offense to Moscow. So has renaming the street on which Russia's embassy is located in Prague to honor former Russian Deputy Prime Minister Boris Nemtsov. The inveterate critic of President Putin was murdered outside the Kremlin in 2015. Moscow regards both acts as deliberate Czech provocations, and Moscow isn't disposed to take such provocations lightly: the precipitating cause of the 2007 cyberwar (or cyber riot) Russia organized against Estonia was the Baltic country's removal of a Soviet-era monument to the Great Patriotic War. In 2017 Foreign Policy published a 10-year retrospective on that conflict.
On the Czech side, there's widespread outrage over cyber operations—reconnaissance and battlespace preparation for the most part—that affected healthcare facilities during the current pandemic. These activities increasingly look like the work of Russian operators.
British government organizations asked to avoid Zoom.
British security services have urged the government to avoid using Zoom. The Guardian writes that their specific concern is that traffic over the platform is vulnerable to interception, and specifically to interception by Chinese operators.