At a glance.
- An open letter asks for a pause in advanced AI development.
- 3CXDesktopApp vulnerability and supply chain risk.
- The Vulkan papers.
- Other developments in the cyber phases of Russia's hybrid war against Ukraine.
- Threat actor movements observed and reported over the week.
- Latest trends and reports.
- Patch news.
- Crime and punishment.
- Courts and torts.
- Policies, procurements, and agency equities.
- Cybersecurity's latest business developments.
- Research developments this week.
An open letter asks for a pause in advanced AI development.
Elon Musk, Steve Wozniak, and Andrew Yang are all among those who’ve signed an open letter urging for a slowdown in the development of AI technology. The letter warns of the danger that they believe advanced AI poses to humanity. (But some critics disagree.)
The letter begins by asserting that “powerful AI systems should be developed only once we are confident that their effects will be positive and their risks will be manageable.“ The letter calls for a pause of at least six months on the training of AI systems more powerful than GPT-4. The letter emphasizes that this pause should be used for development of existing AI interfaces, to make them “more accurate, safe, interpretable, transparent, robust, aligned, trustworthy, and loyal.” Also considered is a need for AI developers to work with policymakers to implement regulations on AI. Dark Reading reports that even proponents of AI development, like the chief executive of OpenAI, shared concerns about “AI's ability to both spread disinformation and launch cyberattacks.” For more on the letter (and its critics), see CyberWire Pro.
3CXDesktopApp vulnerability and supply chain risk.
A supply chain attack on enterprise phone company 3CX may have compromised thousands of business networks, the Record reported Thursday. SentinelOne, Sophos, and CrowdStrike have all made public reports about the intrusion, with 3CX itself issuing its own warning Thursday morning. The company, which Bleeping Computer says provides services to companies like Coca-Cola, Honda, and the UK's National Health Service, confirmed Thursday that its desktop app had contained malware. The desktop app, TechCrunch reports, is used for voice and video calls. Security Week reports that 3CX chief information security officer, Pierre Jourdan, said that the intrusion could be the work of a state-sponsored advanced persistent threat (APT). CrowdStrike confirmed activity on both Windows and macOS, and found the malware to be notarized by Apple, which the outlet says “indicates that the tech giant checked it for malicious elements and failed to find any.” However, that seems to no longer be the case, as users are now seeing a warning before the installation of the app. The approximately 400MB Mac application was confirmed by Wardle to contain suspicious activity, the outlet reports. TechCrunch notes that Linux, iOS, and Android versions of the app still appear unaffected at this time. For more on the 3CX incident, including industry comment, see CyberWire Pro.
The Vulkan papers.
NTC Vulkan, a Moscow-based IT consultancy, has been exposed as a major contractor to all three of the principal Russian intelligence services, the GRU, the SVR, and the FSB. Vulkan's specialty is the development of tools for cyberattack. Der Spiegel, one of a group of media outlets that broke the story, sources it to a major leak. The Vulkan papers reveal that the company is engaged in supporting a full range of offensive cyber operations. Its services and products extend to espionage, disinformation, and disruptive attacks intended to sabotage infrastructure, and the company also provides training to its customers in the security and intelligence organs. The Washington Post, another recipient of the leaks, ascribes them to a disaffected insider who's motivated by opposition to Mr. Putin's war against Ukraine. The Post reports that "an anonymous person provided the documents from the contractor, NTC Vulkan, to a German reporter after expressing outrage about Russia’s attack on Ukraine.” The anonymous leaker cited their anger over the invasion of Ukraine as motivation. Taken as a whole, the documents show that Russia is devoting considerable attention to cyber battlespace preparation.