Daily Drop (563): EU Trade: China, Chinese electric-car battery makers: South Korea, FBI Alert: Crypto Scammers, Google to alert netizens, Web 3.0, Generative AI: Hardware, Illegal Engineer: IBM
08-07-23
Monday, Aug 07, 2023 // (IG): BB // Financial Enabler PODCAST // Coffee for Bob
EU trade chief to push China on barriers to exports
Analyst Comments: The rising trade deficit between the EU and China underscores the pressing need to recalibrate their trade relations. While the EU is keen on addressing the trade imbalances, its approach is more focused on negotiation and dialogue rather than drastic measures. The potential use of new trade tools by the EU suggests a proactive strategy to protect its interests. However, any action must strike a delicate balance, ensuring that economic ties remain intact while addressing concerns. The emphasis on dialogue, coupled with potential trade measures, indicates the EU's determination to protect its economic interests while maintaining a collaborative stance. The upcoming meeting in September is pivotal, as it can shape the future trajectory of trade relations between these two major global players.
FROM THE MEDIA: The European Union (EU) is set to address trade imbalances with China in an upcoming high-level meeting scheduled for September. EU's trade deficit with China has reached nearly €400bn, which has doubled within two years. The EU's concern mirrors the US administration's stance on trade imbalances with China. Valdis Dombrovskis, EU Trade Commissioner, expressed the desire to maintain good relations but is expecting China to open its markets more to European exports. If the trade issues remain unresolved, the EU might consider deploying a range of trade tools they've introduced recently. Dombrovskis also criticized China's export restrictions on metals like gallium and germanium, which are crucial for tech applications, and emphasized the importance of China's cooperation in the international trading system.
READ THE STORY: FT
Chinese electric-car battery makers opening South Korean factories to bypass US laws
Analyst Comments: The US's push to boost domestic production and sourcing is consistent with efforts to bolster domestic industries and reduce reliance on foreign entities. China's workaround by leveraging countries with US trade agreements exemplifies global supply chain adaptability and the complexities of international trade. The intended US legislation to limit foreign entities' supply can have unintended consequences. As experts argue, restricting collaborations with Chinese companies can hinder the US's electric vehicle market growth. The partnership with Australia seems promising, given its dominance in lithium supply and reputable business practices. However, the intertwined global supply chains require balanced and strategic policies to ensure growth while securing national interests.
FROM THE MEDIA: Due to a US law passed recently, electric vehicles must be built in North America or a US trading partner to qualify for government incentives. This legislation, effective January 2023, requires at least 40% of electric car battery materials to originate from North America or a US trading partner. The percentage will rise by 10% annually, reaching 100% in 2030. As China, a major battery manufacturer, lacks a free trade agreement with the US, Chinese companies are looking to set up factories in US trade partner countries. One such company, NRNETC, plans to establish a factory in South Korea because of its US free trade agreement. While China already provides battery components to South Korean firms, having its own factories would be more cost-effective.
READ THE STORY: Drive
FBI Alert: Crypto Scammers are Masquerading as NFT Developers
Analyst Comments: The surge in popularity and value of NFTs and cryptocurrencies has inevitably attracted the attention of cybercriminals. These scams demonstrate the increasing sophistication and adaptability of cyber fraud methods. The blending of social engineering with the allure of digital assets showcases a dangerous convergence that capitalizes on both technological vulnerabilities and human psychology.
FROM THE MEDIA: The FBI has issued a warning about cybercriminals posing as genuine NFT developers to defraud individuals of their cryptocurrency and other digital assets. In these schemes, the perpetrators either hijack NFT developers' social media accounts or establish fake ones to advertise bogus NFT launches. The links in these fake promotions lead victims to counterfeit websites, tricking them into connecting their cryptocurrency wallets and purchasing NFTs. The fraudsters then transfer the funds and NFTs to their own wallets. The stolen assets are usually laundered through cryptocurrency mixers and exchanges to hide their tracks. To avoid these scams, the FBI advises users to thoroughly verify the authenticity of social media accounts and websites before engaging. This alert follows another from the FBI five months prior about the rise of deceptive cryptocurrency investment schemes, including the "CryptoRom" scam, where criminals feign romantic interests to swindle victims.
READ THE STORY: THN
Google offers to alert netizens when their personal info shows up in Search
Analyst Comments: Google's update to its "Results About You" tool and the enhancement of its imagery protection policies indicate a more proactive approach towards user privacy and online safety. By allowing users to remove personal contact information from search results and blurring explicit content, Google is taking steps to address growing concerns about digital privacy and the spread of harmful content online. While this doesn't equate to the removal of the original content from the web, making it harder to find through the world's leading search engine is a significant move.
FROM THE MEDIA: Google has upgraded its "Results About You" tool, designed to help individuals remove their personal contact information from Google Search results. Users will be notified if search results display their contact information, and they can promptly request its removal. However, the tool only stops the display of such information on Google Search and doesn't remove the data from the original websites. Furthermore, Google has revised its explicit imagery protection: adult content or graphic violence will be blurred by default in search results.
READ THE STORY: The Register
A look at the surprising history of the earliest rocket pioneers
Analyst Comments: Manber's "From the Earth to Mars" offers a unique and comprehensive look into the history of spaceflight, focusing on the lesser-known figures and events that contributed to the rise of the space industry. By blending graphic illustrations with an in-depth narrative, the book provides an engaging and educational experience for readers. The exploration of early space endeavors' commercial and entertainment purposes, contrasted with later governmental interventions, is particularly thought-provoking. Manber's book serves as a testament to the rich history of spaceflight and its multifaceted origins.
FROM THE MEDIA: In his new book titled "From the Earth to Mars," space entrepreneur Jeffrey Manber delves deep into the history of spaceflight, tracing its origins not just to the iconic 1957 launch of the Soviet Sputnik satellite or SpaceX's Falcon 9 in 2015 but going back a century and a half. The book highlights figures from this era, both well-known ones like Konstantin Tsiolkovsky and lesser-known ones like Thea von Harbou. Manber's work is a mix of graphic novels, with contributions from Shraya Rajbhandary and Jay Mazhar, and an essay detailing the pioneers of modern rocketry and their early commercialization efforts. The narrative paints early space endeavors as primarily European and Russian, with the US playing a minimal role. A notable mention in the book is the 1929 film "Woman in the Moon," which showed cinematic details that became prophetic for space voyages.
READ THE STORY: arsTECHNICA
Web 3.0: The Future of the Internet and its Cybersecurity Features and Challenges
Analyst Comments: The description of Web 3.0 and its cybersecurity features and risks is well-articulated and informative. It highlights the potential benefits of Web 3.0 in empowering users and improving data control while acknowledging the challenges associated with decentralized systems. The explanation of the best practices for mitigating Web 3.0 risks provides valuable guidance for organizations and developers seeking to adopt this new paradigm securely. By emphasizing security by design, selecting appropriate blockchain types, and staying informed about threats, the assessment underscores the importance of proactive security measures.
FROM THE MEDIA: Web 3.0, the next generation of the Internet aims to decentralize data control and empower users with Artificial Intelligence and blockchain technology. It promises enhanced cybersecurity through features like identity native, zero trust, and decentralized applications. However, it also introduces novel attack types, data reliability, and privacy concerns that require careful attention.
READ THE STORY: Tripwire
Why Purpose-Built Hardware is Critical to Advancing Generative AI
Analyst Comments: The emphasis on purpose-built hardware underscores the importance of specialized tools in the evolving AI landscape. Amazon's commitment to democratizing AI is commendable, as it aims to make cutting-edge technology accessible to a wider audience. The real-world applications and benefits cited in the article lend credibility to the advantages of Amazon's hardware innovations.
FROM THE MEDIA: This piece delves into Amazon's journey in the AI and ML domain, emphasizing the growing importance of generative AI and the subsequent demand for specialized hardware. Amazon has been at the forefront of AI applications for over 25 years, with innovations ranging from e-commerce recommendations to Alexa. Recognizing the limitations of available hardware for the burgeoning AI demands, Amazon developed its own specialized chips, leading to the creation of AWS Inferentia and AWS Trainium. These accelerators, optimized for deep learning tasks, offer significant advantages in terms of cost, energy efficiency, and performance. The AWS Neuron SDK ensures that developers can seamlessly utilize these accelerators. Companies like InfoJobs have already reaped benefits from using Inferentia.
READ THE STORY: arsTECHNICA
How to get a computer get stuck in a lift? Ask an 'illegal engineer'
Analyst Comments: Tyler's experiences with the IBM 402, a behemoth of a machine, emphasize the critical importance of meticulous planning, infrastructure evaluation, and risk assessment in hardware relocation projects. The elevator incident, in particular, highlights a lapse in considering weight constraints and load-bearing capacities, which are fundamental in infrastructure engineering. Such oversights can lead to not only operational disruptions but also significant safety hazards and financial implications.
FROM THE MEDIA: In a recent edition of "On Call" by The Register, a reader named "Tyler" recounts his days as a "Customer Engineer" at IBM in Texas. The title was later changed to "Service Rep" around 1985 due to legal issues in Texas regarding the use of the term "Engineer". Tyler often worked with the IBM 402, a massive accounting machine known as "pig iron" because of its size and weight. He shared tales of the challenges faced when relocating such a massive machine, including one incident where the decision was made to move the 402 using an elevator. Despite successfully placing the machine in the elevator, the lift got stuck between floors due to the weight of the 402, leading to a significant rescue operation involving fire departments, rescue squads, and news reporters. The manager responsible for the move was never seen again after the incident.
READ THE STORY: The Register
Kaspersky discovers emerging APT threat actor in APAC
Analyst Comments: The cybersecurity landscape is continuously evolving, with new threat actors emerging and existing ones refining their techniques. The discovery of Mysterious Elephant underscores the need for constant vigilance and updated threat intelligence. The evolution of established groups like Lazarus and ScarCruft APT indicates that even known threats can present new challenges. The geopolitical motivations behind many of these cyber-espionage campaigns highlight the intertwining of international relations and cybersecurity.
FROM THE MEDIA: Cybersecurity firm Kaspersky has identified a new threat actor named Mysterious Elephant as part of the Operation Triangulation campaign. This actor, part of the Elephants family, uses new backdoor families to execute files and commands on victims' computers and receive commands from malicious servers. While there are similarities with other groups like Confucius and SideWinder, Mysterious Elephant has its unique TTPs. Kaspersky also noted that existing APT groups like Lazarus are evolving their methods, with Lazarus introducing a new malware variant, MATAv5. BlueNoroff, a subgroup of Lazarus, is employing new delivery methods and programming languages. Another group, ScarCruft APT, is developing new infection methods. Geopolitical influences continue to drive APT activities, with attacks focused on various global regions.
READ THE STORY: Backendnews
The US must come from behind in the global race for AI regulation
Analyst Comments: The international race to define AI norms is evident, with countries like China setting potentially problematic precedents. The U.S. has an opportunity to lead by example, offering a model that balances innovation with human rights and privacy. The article suggests that while comprehensive regulation is complex, there are immediate, bipartisan steps that can be taken to address some of AI's challenges. The emphasis on international coordination and the potential geopolitical implications of AI regulation make this a pressing issue for policymakers.
FROM THE MEDIA: The rapid advancement of generative artificial intelligence, exemplified by the launch of ChatGPT-3, has sparked both enthusiasm and concern. While AI holds potential to improve lives, it also poses risks to labor markets, data privacy, media, and elections, and may perpetuate biases. Policymakers and technologists are advocating for urgent regulation. A delay in this regulation could hinder the U.S.'s influence in global cyber diplomacy and its ability to shape international AI norms. Many international partners, including the EU, UK, and China, are already progressing with AI legislation. To lead in cyber diplomacy, the U.S. must establish its own robust domestic regulations that prioritize human rights and privacy. Drawing from previous federal efforts on AI and existing laws, the U.S. can create a regulatory framework that addresses the challenges posed by AI.
READ THE STORY: The Hill
New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy
Analyst Comments: The high accuracy achieved by the researchers underscores the potential risk of such attacks. The proposed countermeasures indicate that both technological and behavioral changes may be necessary to mitigate these risks. This research serves as a reminder of the multifaceted challenges in ensuring cybersecurity in an increasingly interconnected world.
FROM THE MEDIA: A team of researchers has developed a "deep learning-based acoustic side-channel attack" that can classify laptop keystrokes with an accuracy of 95% when recorded using a nearby phone. The accuracy reached 93% when trained on keystrokes recorded via Zoom. Side-channel attacks exploit the physical effects of a system processing sensitive data, such as acoustics or power consumption, to extract information. Such attacks can have significant implications for user privacy and security, potentially allowing malicious actors to capture passwords and other confidential data. The researchers used a deep learning model called CoAtNet to classify the keystroke images. They suggest countermeasures like altering typing styles, using randomized passwords, and adding fake keystrokes during voice calls.
READ THE STORY: THN
US military responded to Chinese and Russian vessels near Alaska
Analyst Comments: The joint naval patrol by Russian and Chinese vessels near Alaska underscores the increasing military collaboration between the two nations. While the operation was within international laws, the US's swift response indicates its vigilance in monitoring and responding to such activities. The contrasting reactions between the US and China to naval operations in international waters highlight the geopolitical tensions and differing perspectives on maritime rights and territorial claims.
FROM THE MEDIA: Russian and Chinese naval vessels conducted a patrol off the coast of Alaska, prompting a response from the US military. While the patrol remained in international waters and was not seen as a threat to the US or Canada, the US Northern Command and the North American Aerospace Defense Command deployed planes and ships to monitor the situation. Alaska's Republican Senators, Dan Sullivan and Lisa Murkowski, stated that 11 Russian and Chinese vessels operated near the Aleutian Islands and were met by four US Navy destroyers. The Chinese Embassy clarified that the joint maritime patrols were part of an annual cooperation plan between China and Russia and were not targeted at any third party. Sullivan noted a similar close approach by Chinese and Russian vessels to Alaska last summer, which was met with a US Coast Guard ship. He praised the stronger response this time, stating it sends a clear message to China and Russia.
READ THE STORY: CNN
Items of interest
Russian Hacktivists Overwhelm Spanish Sites With DDoS
Analyst Comments: Google's update to its "Results About You" tool and the enhancement of its imagery protection policies indicate a more proactive approach towards user privacy and online safety. By allowing users to remove personal contact information from search results and blurring explicit content, Google is taking steps to address growing concerns about digital privacy and the spread of harmful content online. While this doesn't equate to the removal of the original content from the web, making it harder to find through the world's leading search engine is a significant move.
FROM THE MEDIA: Google has upgraded its "Results About You" tool, designed to help individuals remove their personal contact information from Google Search results. Users will be notified if search results display their contact information, and they can promptly request its removal. However, the tool only stops the display of such information on Google Search and doesn't remove the data from the original websites. Furthermore, Google has revised its explicit imagery protection: adult content or graphic violence will be blurred by default in search results.
READ THE STORY: InfoSecMag
Real 'Cyber War': Espionage, DDoS, Leaks, and Wipers in the Russian Invasion of Ukraine (Video)
FROM THE MEDIA: The Russian invasion of Ukraine has included a wealth of cyber operations that have tested our collective assumptions about the role that cyber plays in modern warfare. The concept of 'Cyber War' has been subject to all kinds of fantastic aberrations fueled by commentators unfamiliar with the realities and constraints of real world cyber.
Introducing ChatGPT’s Evil Twin (Video)
FROM THE MEDIA: Introducing ChatGPT’s Evil Twin.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.