Daily Drop (569): GRU: Starlink, Veilid: A secure P2P client, A New Turing Test, Zoom ZTP & AudioCodes, Russia's cyber 'war crimes', Generative AI: Supply Chains, Weapon Systems: Vulnerable
Sunday, Aug 13, 2023
Russian spy agencies targeting Starlink with custom malware, Ukraine warns
Analyst Comments: Starlink's ambition to become a global internet service provider places it squarely in the crosshairs of state-sponsored hacking entities. The strategic implications of hacking satellite communication systems are profound, especially when such systems are integral to military operations. The situation highlights two imperatives: the need for robust security protocols in satellite communication systems and the geopolitical considerations when adopting these technologies for critical applications.
FROM THE MEDIA: The GRU has targeted Elon Musk's Starlink system with custom malware, according to a report from Ukraine's State Security Service (SBU). The primary goal of this cyber intrusion is to monitor troop movements via the Starlink satellites. The SBU identified malware on tablet devices that were once captured by the Russians and subsequently recovered. This malware bore the characteristics of the notorious Sandworm hacker group, which the British intelligence service, GCHQ, has linked to Russia's GRU. Starlink, a global network of satellites offering internet service, is crucial for Ukrainian commanders for communication. There's heightened apprehension about Ukraine's reliance on Starlink for its military operations, especially given Musk's ambivalence about its use for such purposes. Additionally, earlier in the year, a Russian tool named Tobol was revealed, designed to target and disrupt Starlink's communication.
READ THE STORY: Telegraph
Multinationals turn to generative AI to manage supply chains
Analyst Comments: The increasing integration of AI into supply chain management appears to be a logical and inevitable progression, given the challenges in today's globalized and politically complex world. Generative AI, with its ability to create content and automate processes, offers a promising avenue for corporations to maintain efficiency in their operations. Furthermore, the emphasis on ethical and environmental concerns in supply chains has added another layer of complexity that AI can address more efficiently than humans. However, there is a valid concern about the potential job losses, which underscores a broader debate about the societal implications of AI-driven automation.
FROM THE MEDIA: Multinational corporations are increasingly turning to generative AI for supply chain management due to the complexities induced by geopolitical tensions and the necessity to disentangle from environmental and human rights abuses. Companies like Unilever, Siemens, and Maersk use AI for tasks ranging from contract negotiation to identifying new suppliers. With new laws, especially in Germany, compelling companies to monitor human rights and environmental issues in their supply chains, the interest in AI solutions has surged. Maersk, for instance, invested in Pactum, a firm whose ChatGPT-like bot negotiates contracts for major firms. Meanwhile, Siemens has been working to diversify its suppliers away from China using services from the Berlin start-up, Scoutbee. A New York start-up, Altana, has been mapping global suppliers, leveraging AI to sift through vast amounts of data. A Freightos survey indicated that 96% of supply chain professionals intend to use AI, but concerns about potential job losses persist.
READ THE STORY: FT
Ukraine's Victor Zhora: Russia's cyber 'war crimes' will continue after ground invasion ends
Analyst Comments: Zhora's insights, drawn from his position at the forefront of Ukraine's cyber defense, underscore the pervasive nature of state-backed cyberattacks and their potential long-term consequences. His call for international legislation and a collective approach to tackle cyber aggression is timely, given the escalating scale and sophistication of these attacks. However, achieving consensus on international norms for cyber warfare and ensuring their enforcement could be challenging in the current geopolitical climate.
FROM THE MEDIA: Ukraine's cybersecurity leader, Victor Zhora, anticipates that Russia's cyberattacks on Ukraine, including cyber "war crimes", will persist long after the end of physical hostilities unless there's significant international intervention. Zhora remarked that Russia would remain a cyber threat until its political system undergoes a complete transformation. He discussed the five phases of cyber warfare initiated by Russia against Ukraine, starting in January 2022 with malware attacks and culminating in a shift from destructive attacks to espionage activities. Despite the continuous cyber onslaught, Ukrainian agencies are collecting evidence to press for war crime charges against Russia for its cyber campaigns.
READ THE STORY: The Register
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Analyst Comments: The unearthing of these vulnerabilities underscores the urgent need for comprehensive security audits, particularly for tools heavily integrated into enterprise settings. Organizations should swiftly consider a multifaceted response: a timely review and potential pause in using the impacted services until patches are rolled out, vigilant updating of all relevant software and hardware once fixes are released, heightened surveillance for any irregularities on potentially compromised devices, and renewed efforts in employee training concerning the vulnerabilities and immediate remedial steps.
FROM THE MEDIA: The Hacker News has reported multiple security vulnerabilities in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP). These vulnerabilities, once exploited, can provide attackers with full remote control over devices. Zoom's ZTP was found to lack client-side authentication during the retrieval of configuration files. This loophole can allow the download of malicious firmware from an unauthorized server. Additionally, authentication issues were identified in the cryptographic routines of AudioCodes VoIP desk phones, which can potentially expose sensitive information. When combined, these vulnerabilities enable attackers to remotely control devices, posing a significant security threat.
READ THE STORY: THN
Veilid: A secure peer-to-peer network for apps that flips off the surveillance economy
Analyst Comments: Veilid's launch highlights the ever-increasing emphasis on data privacy in the current digital age. By integrating the best features from both Tor and IPFS, the platform could offer robust security solutions to application developers and, by extension, their users. The absence of centralized, corporate-owned systems in Veilid's framework can be seen as a pushback against the dominance of major tech companies in the internet landscape, offering a more decentralized and private internet experience. However, the real challenge lies in widespread adoption. Many platforms with similar goals have emerged in the past, but few have achieved broad acceptance.
FROM THE MEDIA: At the DEF CON Infosec convention, the Cult of the Dead Cow introduced "Veilid," an open-source project that enables applications to connect and exchange data in a decentralized, peer-to-peer manner. This means apps, regardless of platform (mobile, desktop, web, or headless), can communicate privately and securely without needing centralized, often corporate-owned systems. Veilid incorporates elements from the Tor anonymizing service and the InterPlanetary File System (IPFS), and its primary objective is to ensure privacy by making it nearly impossible to trace a user's IP address or location. Unlike Tor, which uses exit nodes, every node in Veilid's network is equal, making potential surveillance across the entire network unfeasible. Veilid uses advanced cryptographic tools, and the data written by it is fully encrypted. The team demonstrated its potential with a secure instant-messaging app named VeilidChat. If widely adopted, Veilid could significantly disrupt the surveillance capitalism economy.
READ THE STORY: The Register
To Navigate the Age of AI, the World Needs a New Turing Test
Analyst Comments: Providing a nuanced exploration of a pressing topic, the narrative intertwines historical context with modern technological advancements. It prompts readers to reconsider their preconceived notions about AI and challenges binary concepts of personhood. The proposed "Actual Alan Turing Test" is a compelling thought experiment deepening our understanding of AI's capabilities. The writing is eloquent, making complex ideas accessible and relatable. However, while enlightening, it might benefit from a deeper exploration of potential solutions or guidelines on how society can navigate the gray areas of AI personhood.
FROM THE MEDIA: Delving into the evolving relationship between humans and artificial intelligence, the narrative underscores how our perception of AI has shifted over time. Using the Turing test as a backdrop, it highlights technological advancements in AI, emphasizing the increasing ability of systems like GPT-4 to evoke human-like interactions. The complexity of our brains' perception of AI is emphasized, suggesting that we might be attributing certain human attributes to these systems. The concept of a spectrum of personhood is introduced, proposing that, akin to animals, different AI systems might occupy various points on this gradient, influencing our moral and ethical dealings with them. The historical significance of Alan Turing, both in his contributions and personal experiences, serves as a poignant backdrop for these discussions.
READ THE STORY: Wired
Weapon Systems Vulnerable to Cyberattacks: Lessons from Ukraine
Analyst Comments: The article sheds light on the contemporary challenges of weapon systems in the digital age, especially given the circumstances in Ukraine. The DoD's tripartite approach reflects a comprehensive understanding of the issue at hand, spanning security aspects, maintenance concerns, and data utility. The article's emphasis on the integration of AI and ML aligns with the future trajectory of warfare, making it a timely and relevant piece. However, there's an implied concern regarding bureaucratic delays, given the five-year gap between initial concerns and consequential action. The introduction of China as a competitive force in tech-driven warfare adds a layer of geopolitical nuance to the piece, emphasizing the larger stakes at play.
FROM THE MEDIA: The Ukrainian armed forces confront what some have labeled the first hybrid war following Putin's unexpected invasion. As this conflict symbolizes the foremost military confrontation in the cyber era, it underscores weapon systems' vulnerability to cyber threats. Even though the Government Accountability Office (GAO) had previously pinpointed potential threats to American weapon systems in 2018 and again in 2023, minimal action was taken. But recent attitudes within the Department of Defense (DoD) and Congress suggest a renewed commitment to address these concerns. The DoD has unveiled a three-tiered plan emphasizing network security, the modernization of maintenance procedures, and an enhanced focus on data management. Acknowledging the significant role of data in warfare today, the DoD emphasizes harnessing it responsibly while integrating AI and ML.
READ THE STORY: TSWBM
Items of interest
Young Afghans Flee Abroad for Better Future
Analyst Comments: The mass exodus of young Afghans paints a grim picture of the current state of affairs in Afghanistan following the Taliban takeover. The sheer volume of departures, as evidenced by the bus numbers, signals a deepening crisis and a loss of hope among the younger generation. The willingness to embark on perilous journeys underscores the dire conditions at home. The international community and neighboring nations will likely face challenges in managing this migration surge, ensuring safety for refugees, and addressing root causes in Afghanistan itself.
FROM THE MEDIA: In Kabul, Afghanistan's capital, many young men are heading to the Nimroz province, which borders Iran and Pakistan, in hopes of eventually reaching Europe for better opportunities. These journeys are treacherous and are fueled by the lack of job opportunities and deteriorating living conditions in Afghanistan since the Taliban's takeover in 2021. This economic downturn has caused numerous people to lose their jobs and businesses. Many young individuals from Northern Province are among those attempting this migration. Travel agencies report that 80 to 90 buses depart for Nimroz daily, with a significant majority aiming to reach Iran and Pakistan before heading to Europe. The UN states that since the Taliban's return to power two years ago, over 1.6 million Afghans have sought refuge in neighboring countries, with a million entering Iran alone.
READ THE STORY: VOA
Down the road: The brain drain (Video)
FROM THE MEDIA: Following the swift Taliban takeover of Afghanistan in August, the country experienced a notable brain drain as many intellectuals and professionals were evacuated from Kabul. While many left due to fears stemming from the Taliban's previous regime, especially their treatment of intellectuals, journalists, and women before 2001, some, like 19-year-old English teacher Peresta Farooq, are currently living in despair and hopelessness. However, there are those like professor Isa Amid who remain hopeful and have chosen to stay, feeling a duty to rebuild their nation. The Taliban leadership is encouraging educated Afghans to stay and assist in reconstructing the country. This brain drain is causing major concerns about Afghanistan's return to normalcy after the US's withdrawal.
China Invests In Taliban's Afghanistan: A Friend In Need (Video)
FROM THE MEDIA: It has been a year since the Taliban returned to power in Afghanistan. In that time, they have enacted repressive Sharia laws, even as millions flee their harsh rule. The economy is in tatters as natural disasters devastate much of the country.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.