We have updated our Privacy Policy and Terms of Use for Eurasia Group and its affiliates, including GZERO Media, to clarify the types of data we collect, how we collect it, how we use data and with whom we share data. By using our website you consent to our Terms and Conditions and Privacy Policy, including the transfer of your personal data to the United States from your country of residence, and our use of cookies described in our Cookie Policy.
{{ subpage.title }}
Hacked displayed on a mobile with binary code with in the background Anonymous mask. On 9 August 2023 in Brussels, Belgium.
Old MacDonald had a Russian bot farm
On July 9, the US Department of Justice announced it disrupted a Russian bot farm that was actively using generative AI to spread disinformation worldwide. The department seized two domain names and probed 1,000 social media accounts on X (formerly known as Twitter) in collaboration with the FBI as well as Canadian and Dutch authorities. X voluntarily suspended the accounts, the government said.
The Kremlin-approved effort, which has been active since at least 2022, was spearheaded by an unnamed editor at RT, the Russia state-run media outlet, who created fake social media personas and posted pro-Putin and anti-Ukraine sentiments on X. It’s unclear which AI tools were used to generate the social media posts.
“Today’s actions represent a first in disrupting a Russian-sponsored Generative AI-enhanced social media bot farm,” FBI Director Christopher Wray wrote in a statement. Wray said that Russia intended to use this bot farm to undermine allies of Ukraine and “influence geopolitical narratives favorable to the Russian government.”
Russia has long tried to sow chaos online in the United States, but the Justice Department’s latest action signals that it’s ready to intercept inorganic social media activity — especially when it’s supercharged with AI.
Sam Altman, President of Y Combinator, speaks at the Wall Street Journal Digital Conference in Laguna Beach, California, U.S., October 18, 2017.
Oh BTW, OpenAI got hacked and didn’t tell us
A hacker breached an OpenAI employee forum in 2023 and gained access to internal secrets, according to a New York Times report published Thursday. The company, which makes ChatGPT, told employees but never went public with the disclosure. Employees voiced concerns that OpenAI wasn’t taking enough precautions to safeguard sensitive data — and if this hacker, a private individual, could breach their systems, then so could foreign adversaries like China.
Artificial intelligence companies have treasure troves of data — some more sensitive than others. They collect training data (the inputs on which models learn) and user data (how individuals interact with applications), but also have trade secrets that they want to keep away from hackers, rival companies, and foreign governments seeking their own competitive advantage.
The US is trying hard to limit access to this valuable data, as well as the chip technology that powers training, to friendly countries, and has enacted export controls against China. If lax security at private companies means Beijing can just pilfer the data it needs, Washington will need to modify its approach.
Are US elections Safe? Chris Krebs is optimistic
The debate around the US banning TikTok is a proxy for a larger question: How safe are democracies from high-tech threats, especially from places like China and Russia?
There are genuine concerns about the integrity of elections. What are the threats out there and what can be done about it? No one understands this issue better than Chris Krebs. Krebs is best known as the former director of the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
In a high-profile showdown, Donald Trump fired Krebs in November 2020, after CISA publicly affirmed that the election was among the “most secure in history” and that the allegations of election corruption were flat-out wrong. Since then, Krebs has become the chief public policy officer at SentinelOne and cochairs the Aspen Institute’s U.S. Cybersecurity Working Group, and he remains at the forefront of the cyber threat world.
GZERO Publisher Evan Solomon spoke to him this week about what we should expect in this volatile election year.
Solomon: How would you compare the cyber threat landscape now to the election four years ago? Have the rapid advances in AI made a material difference?
Chris Krebs: The general threat environment related to elections tracks against the broader cyber threat environment. The difference here is that beyond just pure technical attacks on election systems, election infrastructure, and on campaigns themselves, we have a parallel threat of information operations, and influence operations —what we more broadly call disinformation.
This has picked up almost exponentially since 2016, when the Russians, as detailed in the Intelligence Community Assessment of January 2017, showed that you can get into the middle of domestic elections and pour kerosene on that conversation. That means it jumps into the real world, potentially even culminating in political violence like we saw on Jan. 6.
We saw the Iranians follow the lead in 2020. The intelligence community released another report in December that talked about how the Chinese attempted to influence the 2022 elections. We've seen the Russians are active too through a group we track called Doppelganger, specifically targeting the debate around the border and immigration in the US.
Solomon: When you say Doppelganger is “active,” what exactly does that mean in real terms?
Krebs: They use synthetic personas or take over existing personas that have some element of credibility and jump into the online discourse. They also use Pink Slime websites, which is basically fake media, and then get picked up through social media and move over to traditional media. They are taking existing divides and amplifying the discontent.
Solomon: Does it have a material impact on, say, election results?
Krebs: I was at an event back in 2019, and a former governor came up to me as we were talking about prepping for the 2020 election and said: “Hey, everything you just talked about sounds like opposition research, typical electioneering, and hijinks.”
And you know what? That's not totally wrong. But there is a difference.
Rather than just being normal domestic politics, now we have a foreign security service that's inserting itself in driving discourse domestically. And that's where there are tools that the intelligence services here in the US as well as our allies in the West have the ability to go in and disrupt.
They can get onto foreign networks and say, “Hey, I know that account right there. I am able to determine that the account which is pushing this narrative is controlled by the Russian security services, and we can do something with that.”
But here is the key: Once you have a social media influencer here in the US that picks up that narrative and runs with it, well, now, it's effectively fair game. It's part of the conversation, First Amendment protected.
Solomon: Let's move to the other side. What do you do about it without violating the privacy and free speech civil liberties of citizens?
Krebs: This is really the political question of the day. In fact, just last week there was a Supreme Court hearing on Murthy v. Missouri that gets to this question of government and platforms working together. (Editor’s note: The case hinges on whether the government’s efforts to combat misinformation online around elections and COVID constitute a form of censorship). Based on my read, the Supreme Court was largely being dismissive of Missouri and Louisiana's arguments in that case. But we'll see what happens.
I think the bigger issue is that there is this broader conflict, particularly with China, and it is a hot cyber war. Cyber war from their military doctrine has a technical leg and there's a psychological leg. And as we see it, there are a number of different approaches.
For example, India has outlawed and banned hundreds of Chinese origin apps, including WeChat and TikTok and a few others. The US has been much more discreet in combating Chinese technology. The recent actions by the US Congress and the House of Representatives are much more focused on getting the foreign control piece out of the conversation and requiring divestitures.
Solomon: Chris, what’s the biggest cyber threat to the elections?
Krebs: Based on my conversations with law enforcement and the national security community, the number one request that they're getting from election officials isn't on the cyber side. It isn't on the disinformation side. It's on physical threats to election workers. We're talking about doxing, we're talking about swatting, we're talking about people physically intimidating at the polls and at offices. And this is resulting in election officials resigning and quitting and not showing up.
How do we protect those real American heroes who are making sure that we get to follow through on our civic duty of voting and elections? If those election workers aren't there, it's going to be a lot harder for you and me to get out there and vote.
Solomon: What is your biggest concern about AI technology galloping ahead of regulations?
Krebs: Here in the United States, I'm not too worried about regulation getting in front of AI. When you look at the recent AI executive order out of the Biden administration, it's about transparency and even the threshold they set for compute power and operations is about four times higher than the most advanced publicly available generative AI. And even if you cross that threshold, the most you have to do is tell the government that you're building or training that model and show safety and red teaming results, which hardly seems onerous to me.
The Europeans are taking a different approach, more of a regulate first, ask questions later, which I think is going to limit some of their ability to truly be at the bleeding edge of AI.
But I'll tell you this: We are using AI and cybersecurity to a much greater effect and impact than the bad guys right now. The best they can do right now is use it for social engineering, for writing better phishing emails, for some research, and for functionality. We are not seeing credible reports of AI being used to write new innovative malware. But in the meantime, we are giving tools that are AI powered to the threat hunters that have really advanced capabilities to go find bad stuff, to improve configurations, and ultimately take the security operations piece and supercharge it.
FILE PHOTO: German flag patches on Bundeswehr uniforms
Germany investigates hack of Ukraine weapons aid discussion
German Chancellor Olaf Scholz ordered an inquiry Saturday after a hacked conversation about German military aid to Ukraine was published on Russian state-run media. In a 38-minute exchange on the WebEx platform, German Air Force officers discussed using Taurus missiles against targets in Crimea, including the Kerch Bridge to Russia – despite a recent Bundestag vote against supplying the weapons to Kiev.
Moscow is using the leak to portray Berlin as an aggressor. In a Telegram post, former Russian President Dmitry Medvedev, now deputy head of the Security Council, wrote, “Our age-old rivals – the Germans – have again turned into our sworn enemies.”
The military implications
The incident has been labeled a “catastrophe” for German intelligence due to its use of an insecure communications platform, and it has reignited debate about arming Ukraine with long-range weapons. Kiev has received SCALP and Storm Shadow missiles with a range of 250 kilometers, but the Taurus’ 500-kilometer range would allow deep strikes into Russian territory, prompting fears of escalation and retaliation.
Ukraine has been requesting the Taurus since May 2023, and President Volodymyr Zelensky recently told the Munich Security Conference that long-range weapons were urgently needed for his country to win the war. While Scholz had already indicated that Taurus was off the table, German officials say this latest incident was likely intended to cement that decision, to Kiev’s dismay.Russian flag displayed on a laptop screen and Guy Fawkes mask.
Hard Numbers: Anti-Russia hacktivism, Taliban schoolgirls, Polish diplomatic evictions, Egyptian currency drop
2,500: Hackers affiliated with Anonymous claim to have infiltrated 2,500 Russian and Belarusian sites, including government and media services. Trouble is, Putin likely views these hacktivists as agents of the West and critics warn that IT hits on critical infrastructure could, in turn, lead to Russian escalation.
13: Girls aged 13 and over had been planning to return to school on Wednesday for the first time since the Taliban took control of Afghanistan last summer. But right when the new academic year was about to start, officials announced that girls’ secondary schools would remain closed until further notice.
45: Poland is sending 45 “spies pretending to be diplomats” back home to Russia, according to the Polish interior minister. The move involves about half of Russia’s embassy staff in Warsaw and reflects just how tense things have become between the two countries since the invasion of Ukraine.
14: The value of Egypt’s currency fell 14% on Wednesday after its central bank raised the main interest rate. The bank pointed to instability caused by Russia’s invasion of Ukraine and the need to curb inflation. Prices are soaring — this week Cairo fixed the price of unsubsidized bread — but the rate hike may also signal Egypt’s desire to secure more funding soon from the IMF.
Join us live from the 2022 Munich Security Conference
Friday, February 18 at 11 am ET / 5 pm CET: Watch GZERO Media and Microsoft's live conversation from the 2022 Munich Security Conference.
As crises converge, our speakers will discuss emerging risks at the intersection of technology, policy and security: NATO's role and tools to defend democracy, the US role in global alliances, the rise of cyber threats and the need for cyber norms and stronger defenses.
Participants:
- David E. Sanger, White House and national security correspondent, The New York Times (moderator)
- Ian Bremmer, President and Founder, Eurasia Group and GZERO Media
- Benedikt Franke, Chief Executive Officer, Munich Security Conference
- Mircea Geoană, Deputy Secretary General, NATO
- Kersti Kaljulaid, former President of Estonia
- Anne-Marie Slaughter, CEO, New America
- Brad Smith, President and Vice Chair, Microsoft
Event link: gzeromedia.com/globalstage
This event is being held in collaboration with the Munich Security Conference.
Live from MSC 2022: Securing Cyberspace | Friday, February 18, 2022, 11 am ET / 5 pm CET
Sign up to get email alerts about this and other GZERO events.
Is a Huawei ban possible in Brazil? Poly Network cryptocurrency heist
Marietje Schaake, International Policy Director at Stanford's Cyber Policy Center, Eurasia Group senior advisor and former MEP, discusses trends in big tech, privacy protection and cyberspace:
The US warned Brazil about China's Huawei equipment in its 5G telecoms network. Would it be possible to ban Huawei in Brazil?
Now in theory, yes, but in practice, that will be very difficult. If not Huawei, the Brazilian mobile network infrastructure is largely sourced from China, and China is the country's most important trade partner overall. But as always, much depends on political leadership. President Bolsonaro, after all, did go along with President Trump in opposing Huawei while he was facing pushback for that decision at home. So the lesson to learn is that it is easier to prevent risky 5G telecoms equipment to come into the country than to cure when it's already there.
$600 million was stolen in what is being called the largest hack in decentralized finance history. What does this reveal about the security of digital assets?
Now, the answer is kind of in the question. The security is not hacker proof, at least not when it comes to the token swapping platform, Poly Network. But even if around half of the stolen assets have now been returned, the theft is still the largest robbery of its kind, and the hacker stole funds in 12 different cryptocurrencies.
Will there be a decisive US response to Russian cyber attacks?
Marietje Schaake, International Policy Director at Stanford's Cyber Policy Center, Eurasia Group senior advisor and former MEP, discusses trends in big tech, privacy protection and cyberspace:
After an attempted hack of a Republican National Committee contractor, is cybersecurity at a breaking point between the US and Russia?
Well, that breaking point has been a long time coming. There was the attempt to manipulate the 2016 elections and now we see a series of ransomware attacks that are escalating. So the question is, what the US can do to decisively change the calculation on the Russian side? Making clear that there will be sanctions and other consequences that hurt should be a start. But it will only be credible if these promises are followed through and enforced.
Why is China launching cybersecurity probes into US listed Chinese tech companies?
Well, there has been an intensification of regulatory measures vis-a-vis tech companies in China itself. So, steps against Didi fit the arm-wrestling pattern between companies and state agencies. Only now, US and international investors have also been caught up. And of course, it brings back memories of the Trump administration, which launched its own probes into Chinese tech firms. So the question is, who stands to lose most from a tit for tat type back and forth?
- Beyond SolarWinds: Securing Cyberspace | Global Stage ›
- SolarWinds hack a wake-up call to the tech sector - GZERO Media ›
- Russia's cyber attack: an act of espionage or war? - GZERO Media ›
- Hackers shut down US pipeline - GZERO Media ›
- Panel: Working together to protect cyberspace - GZERO Media ›
- US & allies unite against China's cyberattacks - GZERO Media ›
- Panel: Working together to protect cyberspace - GZERO Media ›
- Russian hackers target US tech companies with little accountability - GZERO Media ›
- Russian hackers target US tech companies with little accountability - GZERO Media ›
- Watching Russia: cyber threats & disinformation - GZERO Media ›