Since the explosion of ChatGPT and its competitors, concerns around privacy, efficacy, accuracy, and innovation are mounting around the globe. According to Reuters, “Italy's move to temporarily ban ChatGPT has inspired other European countries to study if harsher measures are needed to rein in the wildly popular chatbots and whether to coordinate such actions.” Germany, France, Sweden, and Canada are among those struggling to strike a balance between innovation and privacy.
In the US, Jen Easterly, CISA Director, reportedly said these chat bot tools are, "the biggest issue that we're going to deal with this century.” Additionally, the Office of the Privacy Commissioner of Canada released a statement acknowledging it had launched an investigation into OpenAI in response to allegations of the company collecting data without consent. Despite the fears around chat bots and their applications, AI has the potential to significantly impact the field of cybersecurity.
Meanwhile, the Assistant Secretary of Defense for Space Policy and Principal Cyber Advisor to the Secretary of Defense, John. F. Plumb, alleged that TikTok is a “potential threat vector” to the United States. These and other ways that malicious actors can misuse technology are the driving forces behind the administration’s implementation of a national cybersecurity policy, which “will hinge on a multistakeholder approach, with federal experts emphasizing the shared cost burden of mandating cybersecurity standards upkeep and reporting, as well as international partnerships.”
The sentiment of Biden’s efforts are indeed Stronger Together. All of these topics and more will be debated at RSA Conference 2023, so be sure to check out the agenda, reserve a seat, or secure your On Demand Pass if you are unable to attend this year’s event.
Now let’s look at what else made industry headlines this week.
Apr. 7: The Hacker News reported, “In yet another sign that Telegram is increasingly becoming a thriving hub for cybercrime, researchers have found that threat actors are using the messaging platform to peddle phishing kits and help set up phishing campaigns.”
Apr. 7: Though North Korea refutes claims of conducting cyberattacks, the US, South Korea, and Japan share concerns about North Korea’s malicious cyber activities.
Apr. 6: According to Bleeping Computer, “The UK's Criminal Records Office (ACRO) has finally confirmed, after weeks of delaying issuing a statement, that online portal issues experienced since January 17 resulted from what it described as a "cyber security incident."”
Apr. 6: Lawmakers in North Dakota signed a bill making it mandatory for K-12 students to receive cybersecurity education as part of the regular school curriculum.
Apr. 6: “Microsoft’s Digital Crimes Unit, cybersecurity firm Fortra and the Health Information Sharing & Analysis Center announced legal action Thursday to seize domains related to criminal activity involving cracked copies of the security testing application Cobalt Strike, which has become a favorite tool for cybercriminals to carry out attacks around the world,” CyberScoop reported.
Apr. 5: Regarding the takedown of the Genesis Market, Attorney General Merrick Garland said, “Working across 45 of our FBI Field Offices and alongside our international partners, the Justice Department has launched an unprecedented takedown of a major criminal marketplace that enabled cybercriminals to victimize individuals, businesses, and governments around the world.”
Apr. 4: According to BetaNews, ransomware worries continue to mount given, “the risks posed to organizations that are refactoring their applications for Kubernetes.”
Apr. 4: On-going investigations into the 3CX supply chain attack revealed that cryptocurrency-focused firms in western Asia were likely the targeted victims of the attack.
Apr. 3: Krebs on Security reported, “John Clifton Davies, a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life abroad swindling technology startups by pretending to be a billionaire investor. Davies’ newest invention appears to be “CodesToYou,” which purports to be a “full cycle software development company” based in the U.K.”