At a glance.
- Indian government establishing anti-cyber-terrorism unit.
- US fast-tracks AI executive order.
- NIST issues security guidelines for EV charging stations.
Indian government establishing anti-cyber-terrorism unit.
The Hindustan Times reports that New Delhi is finalizing a dedicated anti-cyber-terrorism unit (ACTU) tasked with investigating cyber incidents. Sanctioned by the home ministry last year as part of the National Investigation Agency (NIA), the unit will conduct probes that, among other things, will determine the role of terrorists or state-backed actors responsible for the attacks. An officer who chose to remain anonymous explained, “By handing over such sensitive cyberattacks to the NIA, involvement of multiple agencies, which generally causes duplicity of work, can be avoided. Besides, NIA has the mandate to probe such cyber-terror attacks on foreign soil and it can quickly get information by coordinating with the law enforcement agencies of other countries.”
Another office noted that hackers with links to China and Pakistan have targeted India’s infrastructure related to space, defense, power grids, banking, and communication networks. Indeed, last November, hackers with suspected ties to China attacked the All India Institute of Medical Science, and last year seven power grids hubs in northern India were attacked by threat actors allegedly backed by China. “There is a growing tendency to strategically target critical information and financial systems,” home minister Amit Shah said in July. “Such activities are a matter of national concern, as their activities have a direct impact on national security, law and order, and the economy.”
US fast-tracks AI executive order.
Governments around the world are working on how best to regulate the quickly-expanding powers of artificial intelligence, and the White House is reportedly expediting an executive order that will address the issue. Arati Prabhakar, director of the White House Office of Science Technology and Policy, told CyberScoop that the Biden administration is fast-tracking an EO that would not only address risks posed by AI tech but also provide guidelines to federal agencies on secure use of AI. Prabhakar stated, “It’s not just the normal process accelerated — it’s just a completely different process. They know it’s serious, they know what the potential is, and so their departments and agencies are really stepping up.”
Prabhakar issued this statement while at the DEF CON security conference, where a red-teaming exercise was conducted focused on detecting vulnerabilities in leading AI models. Lawmakers in Washington have been working to establish regulations for AI tech, with Senate Majority Leader Chuck Schumer, a Democrat of New York, conducting a series of listening sessions focused on educating lawmakers on AI’s inherent risks. The Biden administration also just released a set of voluntary safety commitments from leading AI companies, and last week the White House and the Defense Advanced Projects Research Agency announced a challenge focused on secure uses of the technology.
NIST issues security guidelines for EV charging stations.
The societal benefits of electric vehicles (EV) are obvious, but as these cars have become more popular, lawmakers have become more concerned that the charging stations used to power EVs could be targeted by hackers. To address this issue, the National Institute of Standards and Technology (NIST) is urging companies supplying ultrafast charging stations to secure their digital payment systems as well as the EV equipment that connects the wider power grid. The Wall Street Journal explains that NIST’s draft guidance highlights the risks associated with these stations, which have been manufactured without basic cybersecurity guidelines or standards. Megan Samford, chief product security officer for energy management at Schneider Electric, explained “It’s kind of like ‘Bring your own device to the grid.’”
As the White House has called for EVs to make up half of all new vehicle sales by 2030, manufacturers have rushed to keep up with demand, and security has not necessarily been a priority. When a US infrastructure law gave states $7.5 billion in funding to expand EV charging stations, security guidance simply asked states to adopt “appropriate” cybersecurity strategies. The lack of security standards could make charging stations an attractive target for hackers, and an attack could lead to the theft of personal data or even cause damaging effects to the electric grid to which the stations are connected.