TOP OF THE DAY
Artificial Intelligence Priorities for the Next (US) Administration
(Sebastian Elbaum, Adam Segal – Council on Foreign Relations – 26 November 2024) By many measures, the United States dominates the AI landscape: it is home to more top AI models and more leading companies and invests more in AI development than China and Europe. The U.S. market is dominated by a handful of private companies producing foundational models—large models trained on vast data sets that can perform many tasks—but there is a rapidly growing ecosystem of smaller companies building specialized systems, often on top of foundational ones. – https://www.cfr.org/expert-brief/artificial-intelligence-priorities-next-administration
The True Impact of Allied Export Controls on the U.S. and Chinese Semiconductor Manufacturing Equipment Industries
(Gregory C. Allen – Center for Strategic & International Studies – 26 November 2024) There is a fierce debate in the United States and among its allies about the impacts of export controls, and nowhere is that debate more heated than in the semiconductor equipment manufacturing industry. Too often, however, this debate occurs without any grounding in real-world data or relevant historical Chinese policy context. This paper seeks to provide some of that grounding through a combination of Chinese policy document analysis and new financial and market share data for leading semiconductor equipment firms in China, the United States, Japan, and the Netherlands. – https://www.csis.org/analysis/true-impact-allied-export-controls-us-and-chinese-semiconductor-manufacturing-equipment
Is Europe About to Slow the Pace on Digital Regulations?
(Itsiq Benizri, Ekaterina Fakirova – Lawfare – 26 November 2024) “How have you managed to tame Big Tech?” asked Sen. Elizabeth Warren (D-Mass.) on a visit to the European Parliament in October 2023. In recent years, most businesses, including U.S. companies, have been confronted with a growing number of demanding European digital regulations with extensive extraterritorial effects. Now, influential European voices are asking: Has this gone too far? Could these rules and regulations be undermining Europe’s competitiveness? Mario Draghi, former European Central Bank chief, raised these concerns in a report in September. He asserted that the European Commission’s “legislative activity has been growing excessively” in recent years and that “innovative companies that want to scale up in Europe are hindered at every stage by inconsistent and restrictive regulations.” Whether and to what extent Draghi’s report will influence the new European Commission following the upcoming European elections remains unknown. Our take? It might not have the impact some are hoping for. Draghi’s report is somewhat late—it was published three months after the EU elections, which bolstered far-right parties that would oppose implementing his recommendations. In any case, the new European Commission is expected to continue the previous commission’s legislative agenda and has announced plans to further regulate the tech industry, focusing on interface designs. – https://www.lawfaremedia.org/article/is-europe-about-to-slow-the-pace-on-digital-regulations
What Neuralink’s testing could mean for prosthetics
(Marcus Walsh – Cybernews – 26 November 2024) As Wired recently reported, Neuralink has announced that it will run trials on a wireless prosthetic limb controlled by a brain implant. As it stands, the BCI (brain-computer interface) allows a person to control external stimuli, such as moving a mouse cursor or turning on an audio book or TV. With the ability to connect the chip to other devices, you can imagine just how smart and convenient life could become for those with mobility issues. Calibrating an arm to sync with an individual’s motor skills or reflexive actions can take a long time, and some individuals are reluctant to sit and fine-tune this process every morning. – https://cybernews.com/tech/what-neuralinks-testing-could-mean-for-prosthetics/
Over a Third of Firms Struggling With Shadow AI
(Phil Muncaster – Infosecurity Magazine) 26 November 2024) Over a third of organizations have admitted that they face major challenges monitoring the use of unsanctioned AI tools in the enterprise, according to Strategy Insights. The London-headquartered consulting firm polled 3320 directors from companies across the US, UK, Germany, the Nordics and Benelux regions in order to better understand how they’re managing AI. – https://www.infosecurity-magazine.com/news/over-third-firms-struggling-shadow/
Leveraging Generative AI for Job Augmentation and Workforce Productivity: Scenarios, Case Studies, and a Framework for Action
(World Economic Forum – 25 November 2024) Generative artificial intelligence (GenAI) could significantly boost productivity while reshaping many jobs. By aligning strategic goals with the needs of their people, organizations can create an environment where GenAI improves job quality, productivity, and helps employees take on more meaningful and impactful work. This report considers four alternative scenarios for the way GenAI could shape the workplace in the coming years and outlines the key steps organizations need to take to maximize its benefits. Drawing on interviews with early adopters of GenAI, it provides practical insights and an actionable framework for using GenAI effectively. Importantly, the most promising applications are often those embraced and championed by workers themselves. – https://www.weforum.org/publications/leveraging-generative-ai-for-job-augmentation-and-workforce-productivity/
A new ‘turning point’ for Germany’s cyber posture?
(Matthias Schulze – Binding Hook – 22 November 2024) Germany is likely to hold early elections for a new government in February 2025, after the German governing coalition collapsed on November 7. The issue of active cyber defence is likely to emerge in the short period before the elections. The conservative Christian Democratic Union, which has a high chance of leading the next government, has been a supporter of active cyber defence. As a result, active cyber defence in peacetime may make a comeback. The 2022 Russian invasion of Ukraine led to the ‘Zeitenwende’ (‘historic turning point’), a paradigm shift in Germany’s relationship towards Russia and towards its own military and security policy. The German government created a one-time €100 billion special fund, to boost defence spending and fill gaps in the underfunded and overstretched armed forces, the Bundeswehr, in pursuit of NATO’s 2% target. A large chunk of the special fund was allocated to the cyber and information domain, resulting in many useful initiatives. However, there is still work to be done: Germany must find a way to counter cyber operations in peacetime, come up with more effective strategies to counter influence operations, and update strategic thinking about cyber operations below the threshold of armed attacks. – https://bindinghook.com/articles-binding-edge/a-new-turning-point-for-germanys-cyber-posture/
What will be the impact of AI on the bioweapons treaty?
(James Revill, Clarissa Rios, Louison Mazeaud – Bulletin of the Atomic Scientists – 16 November 2024) The development of biological weapons with reliable, predictable effects has proven difficult in the past. Generating militarily efficient and accurate weapons requires considerable skills and knowledge, and large-scale offensive biological weapons programs involved intensive investments in infrastructure and equipment, along with legions of scientists. Any contemporary program would face similar challenges. Yet with frequent headlines documenting the rapid evolution of artificial intelligence technologies, the community of scholars, diplomats, scientists, and others involved in biological arms control has been engaged in an intense debate over how AI will affect their efforts. https://thebulletin.org/2024/11/what-will-be-the-impact-of-ai-on-the-bioweapons-treaty/#post-heading
GOVERNANCE AND LEGISLATION
Harmonizing Cybersecurity Incident Disclosure After Loper Bright
(Francesca Lockhart, Karl Lockhart – Lawfare – 26 November 2024) On Nov. 6, the Transportation Security Administration (TSA) proposed a new cyber rule, with the goal of preventing attacks like the 2021 Colonial Pipeline ransomware incident that caused gas station shortages up and down the East Coast. Among other requirements, the proposed rule would mandate reporting cyberattacks to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours. TSA’s new rule may represent a marked improvement over the patchwork of unharmonized federal cybersecurity regulations that have proliferated over the past half-decade. For example, the Securities and Exchange Commission (SEC) finalized a rule last summer requiring public companies to disclose major cybersecurity breaches or incidents to the public via filing of a Form 8-K. While the rule is supposed to inform investors of cybersecurity breaches that may impact the financial status of publicly traded companies, the disclosures have not had the intended effect. Instead, misapplication of the disclosure requirement may be undercutting the higher order goal of incentivizing better cybersecurity practices within companies—which smart, harmonized government regulation could accomplish. – https://www.lawfaremedia.org/article/harmonizing-cybersecurity-incident-disclosure-after-loper-bright
Lawmaker wants FCC to create AI tool for identifying scams
(Edward Graham – NextGov – 26 November 2024) A new legislative proposal would require that the Federal Communications Commission create an artificial intelligence-powered platform to help Americans better identify likely scams. The measure — introduced by Rep. John Curtis, R-Utah., on Thursday — calls for the agency to develop an online tool that is capable of assessing submitted “emails, text messages, website addresses and scans or photographs of physical material.”. The platform would then provide a rating “on a scale to be determined by the commission” that reflects the likelihood that the solicitations are scam attempts. – https://www.nextgov.com/artificial-intelligence/2024/11/lawmaker-wants-fcc-create-ai-tool-identifying-scams/401296/
SECURITY
RansomHub gang says it broke into networks of Texas city, Minneapolis agency
(Jonathan Greig – The Record – 26 November 2024) Ransomware attacks on two municipal governments have been claimed by a notorious cybercriminal operation responsible for dozens of high-profile incidents in 2024. On Monday, the RansomHub operation took credit for damaging attacks on the city of Coppell, Texas, and the Minneapolis Park and Recreation Board. Both organizations have reported widespread technology issues in recent weeks that caused significant problems for local residents. – https://therecord.media/ransomhub-cybercrime-coppell-texas-minneapolis-parks-agency
Darknet Services Fuel Holiday Scams and E-Commerce Exploits
(Alessandro Mascellino – Infosecurity Magazine – 26 November 2024) Cybercriminals have been observed ramping up operations ahead of the holiday shopping season, driven by darknet marketplaces offering tools and services to exploit e-commerce platforms and consumers. A report from FortiGuard Labs, Understanding Threat Actor Readiness for the Upcoming Holiday Season, has revealed how these underground networks are equipping attackers with increasingly sophisticated means to launch scams during the busiest retail period of the year. – https://www.infosecurity-magazine.com/news/darknet-services-fuel-holiday-scams/
African cybercrime crackdown culminates in 1,006 captured and cuffed
(Alexander Martin – The Record – 26 November 2024) More than a thousand suspected cybercriminals were arrested across 19 African countries in recent months thanks to an operation helmed by Interpol and Afripol. Operation Serengeti ran over September and October, targeting criminal capers from ransomware through to business email compromise (BEC) and other online offenses linked to more than $190 million in global losses. – https://therecord.media/interpol-afripol-cybercrime-arrests
NHS Trust Declares Major Incident for “Cybersecurity Reasons”
(James Coker – Infosecurity Magazine – 26 November 2024) A UK NHS Trust has declared a major incident and has cancelled all outpatient appointments, citing “cybersecurity reasons.”. Wirral University Teaching Hospital (WUTH) has also urged the public to only attend its Emergency Department for “genuine emergencies” while it responds. A spokesperson for the NHS Trust said on November 25: “A major incident has been declared at the Trust for cybersecurity reasons. Our business continuity processes are in place, and our priority remains ensuring patient safety.” – https://www.infosecurity-magazine.com/news/nhs-trust-major-incident/
Starbucks and Grocery Stores Face Disruption after Ransomware Attack on Blue Yonder
(Kevin Poireault – Infosecurity Magazine – 26 November 2024) Software vendor Blue Yonder, which supplies supply chain management tools to major retailers worldwide, has been hit by a ransomware attack which has affected Starbucks and some UK supermarkets. Blue Yonder confirmed on November 21 that it was experiencing disruptions to its managed services-hosted environment due to the attack. – https://www.infosecurity-magazine.com/news/starbucks-sainsburys-ransomware/
DEFENSE, INTELLIGENCE, AND WAR
Commerce announces more semiconductor funding for military aircraft, commercial satellites
(Carley Welch – Breaking Defense – 26 November 2024) In an effort to bolster domestic manufacturing of chips for national security and the space industry, the Department of Commerce announced it is awarding BAE Systems Inc. and Rocket Lab a CHIPS Incentive Award worth up to a combined $59.4 million. The funding comes from the Biden administration’s CHIPS and Science Act. BAE Systems Inc., the US subsidiary of British company BAE Systems, will receive $35.5 million in direct funding to build chips used for military jets and commercial satellites, according to a press release from the Department of Commerce. Rocket Lab, the parent company of space power provider SolAero Technologies Corp., will receive up to $23.9 million for space-grade solar cells — space devices used to convert light to electricity which help operate missile awareness systems and “world-leading science missions,” per the Monday release. – https://breakingdefense.com/2024/11/commerce-announces-more-semiconductor-funding-for-military-aircraft-commercial-satellites/
DOD reveals first draft of $15B artificial intelligence contract
(Ross Wilkers – NextGov – 26 November 2024) The Defense Department has given industry a first glimpse at how it plans to compete a potential $15 billion program whose mission is in the name — Advancing Artificial Intelligence Multiple Award Contract. A draft solicitation released Wednesday outlines what DOD is looking for in this contract that supports Advana, a multi-domain analytics and AI platform run by the Pentagon’s Chief Digital and Artificial Intelligence Office. Advana is in the midst of an overhaul, which DOD is undertaking to ensure the platform can further scale out across the department. – https://www.nextgov.com/artificial-intelligence/2024/11/dod-reveals-first-draft-15b-artificial-intelligence-contract/401301/?oref=ng-homepage-river
Will Musk’s ‘Algorithm’ reduce military inefficiency—or increase risk?
(Todd Harrison – Defense One – 26 November 2024) Following through on a campaign promise, president-elect Donald Trump recently appointed Elon Musk and Vivek Ramaswamy to co-lead an effort they are calling the Department of Government Efficiency, or DOGE. While it is not actually a government department, the entity is likely to prove influential within the Trump administration and the Republican-led Congress—at least initially. Its mandate is to cut federal spending, and Musk and Ramaswamy have made clear that the Pentagon is in their sights. “The Pentagon recently failed its seventh consecutive audit,” the co-leaders wrote in a recent Wall Street Journal op-ed, “suggesting that the agency’s leadership has little idea how its annual budget of more than $800 billion is spent.”. Previous DoD efficiency initiatives have tried, and largely failed, to trim spending. This time will be different, one could argue, because Elon Musk is involved. He has done things in industry, such as revolutionizing space launch and electric vehicles, that many thought were impossible. To achieve these unlikely feats, Musk developed a ruthless approach that he calls “The Algorithm.” As recounted in Walter Isaacson’s biography, the Algorithm consists of five sequential steps: 1) question every requirement; 2) delete any part or process you can; 3) simplify and optimize; 4) accelerate cycle time; 5) automate. As Musk tries his hand at public policy, can this approach work? Musk’s Algorithm has largely, and perhaps exclusively, been applied to high-technology and manufacturing-intensive sectors of industry. – https://www.defenseone.com/ideas/2024/11/will-musks-algorithm-reduce-military-inefficiencyor-increase-risk/401327/?oref=d1-homepage-top-story
France takes aim at unmanned systems, taking lessons from Paris Olympics
(Christina Mackenzie – Breaking Defense – 26 November 2024) “Attacks using swarms of armed, unmanned air systems is no longer just science fiction.”. That was the warning from Emmanuel Chiva, director of France’s defense procurement agency, at one of the nation’s largest defense expositions, Euronaval, hosted in Paris earlier this month. Since Chiva’s remarks Ukraine says it has suffered a wave of drone attacks from Russia, and Israel is bracing for a potential third barrage of drones and missiles fired by Iran. Meanwhile sea-based unmanned surface vessels (USVs) have struck both commercial and naval ships in the Red Sea, and Kyiv has managed to strike significant blows against Russia’s Black Sea fleet using the same kind of nascent technology. As such, defense against unmanned aerial and maritime systems was a key focus of this year’s Euronaval, where officials discussed what Paris was doing about the threat and industry players offered up their defensive systems as potential solutions. – https://breakingdefense.com/2024/11/france-takes-aim-at-unmanned-systems-taking-lessons-from-paris-olympics/