Thursday, March 03, 2022

Restraint or not part of the ‘re-fight the last war’ strategy?

https://www.lawfareblog.com/cyber-realism-time-war

Cyber Realism in a Time of War

It turns out that the next war was not fought in cyberspace after all. Or at least the start of it has not been.

There has been no shortage of predictions over the past two decades about the importance of the digital domain in conflict since John Arquilla and David Ronfeldt warned that “cyberwar is coming” in a Rand Corporation paper back in 1993. As recently as November 2021, British Prime Minister Boris Johnson remarked in a testy exchange with Tobias Ellwood, chairman of the committee of the House of Commons that oversees defense, that “the old concept of fighting big tank battles on the European land mass are over … there are other big things that we should be investing in … [like] cyber—this is how warfare of the future is going to be.”

Even those of us long skeptical about the mischaracterization of cyber operations and cyber risk as catastrophic weapons of destruction, rather than a still serious but quite different threat of chronic disruption and destabilization, have been surprised by just how little cyber operations have featured in the early part of the invasion. The Kremlin’s handful of serious cyberattacks on Ukraine ahead of and around the beginning of the invasion represents its long-standing campaign of cyber harassment of the country over the past decade, rather than a serious escalation of it. There seems to have been little effort, for example, to strike the core of Ukraine’s internet infrastructure. Instead, the missiles rain, and the soldiers and tanks roll in. Similarly, the actions of pro-Ukrainian actors in defacing and taking down Russian websites may embarrass the Kremlin but hardly merit the much misused term of “cyberwar.” (As yet unverified reports of a massive data leak of the personal data of Russian soldiers would be much more impactful if true).


(Related) Interesting that this was not Russian hackers leaking Ukrainian data.

https://www.csoonline.com/article/3652370/purported-massive-leak-of-russian-soldiers-data-could-sink-morale-digital-security.html#tk.rss_all

Purported massive leak of Russian soldiers' data could sink morale, digital security

In what security experts say is an unprecedented wartime leak, Ukrainian newspaper Ukrayinska Pravda published what it claims are the personal details of 120,000 Russian service personnel fighting in Ukraine. The nearly 6,000 pages of information, if accurate, contain names, registration numbers, and place of service for well over half of the estimated number of Russian soldiers who have invaded Ukraine.

The data was obtained by a Ukrainian think tank called The Center for Defense Strategies, which was created to monitor defense reforms and develop key government policies affecting Ukraine’s security and defense sector, with a particular focus on building independent analytical capabilities “at the level of the United States and Britain.[Suggesting we have the same access to Russian military records? Bob]

Thomas Rid, Professor of Strategic Studies at Johns Hopkins University's School of Advanced International Studies, said in a tweet that if the leak is confirmed as accurate, “we're probably looking at one of the best-timed and most devastating leaks of all time.” Elad Ratson, Former Israeli diplomat and an expert in the field of digital diplomacy and digital communications, tweeted that if the leak is valid, “This would mark the 1ˢᵗ use #doxing as a weapon of war in the history of warfare!”



You can trick/evade/befuddle AI only if it is poorly designed.

https://betanews.com/2022/03/03/malware-is-being-geared-to-evade-ai-based-defenses/

Malware is being geared to evade AI-based defenses

The latest Cyber Threat Landscape Report out this week from Deep Instinct reveals that bad actors are clearly investing in anti-AI and adversarial attack techniques and integrating these methods into their larger evasion strategy.

It also highlights a change in the way attacks are carried out and says we are now witnessing some groups opting to inflict maximum impact over a shorter time span. These short duration attacks are carried out with the goal of damaging data (its confidentiality and availability), destabilizing a business, and impairing business continuity.

This is in contrast to the earlier pattern of attackers looking to stay in a network for extended periods, stealing information, and avoiding detection from security solutions for as long as possible.



Solving the TL;DR problem.

https://fpf.org/blog/brussels-privacy-symposium-2021-report/

BRUSSELS PRIVACY SYMPOSIUM 2021 REPORT

On November 16, 2021, the Future of Privacy Forum (FPF) and the Brussels Privacy Hub of Vrije Universiteit Brussel (VUB) hosted the Brussels Privacy Symposium 2021 – The Age of AI Regulation: Global Strategic Directions.

A new report from FPF’s Sebastião Barros Vale, Katerina Demetzou and Lee Matheson summarizes and offers context to the discussions at the event.



Could it possibly be this simple?

https://hbr.org/2022/03/how-data-can-make-better-managers

How Data Can Make Better Managers

Courageous leaders move past their insecurities regarding emerging technologies, unfamiliar jargon in the boardroom, or modifications to their leadership style. They adopt an opportunity-oriented mindset by understanding how CLS boosts their performance. This does not mean you have to code in Python, but you must at least dip your toe in the digital water.

CLS allows businesses to better anticipate, address, mitigate, and even benefit from the tidal waves of disruption one’s organization is going to experience in the months and years ahead. This article addresses three examples for which CLS provides near- and long-term value.

Computational leadership science (CLS) is the next evolution, designed to fundamentally improve leadership by using simulations, network analysis, AI, and other computational approaches. It is at the intersection of trailblazing science and technology, well-established leadership research, and invaluable knowledge gleaned from practice.



Another round of “vetting” software targeting kids must undergo?

https://www.cnbc.com/2022/03/02/bipartisan-state-ags-investigating-tiktoks-impact-on-kids-and-teens.html

TikTok’s effects on kids and teens under investigation by states

TikTok is under investigation by a bipartisan group of state attorneys general to determine if the popular short-form video platform’s design, operations or promotion to young users negatively affects their physical or mental health.



Perspective.

https://www.axios.com/trump-blowing-truth-social-launch-c2d4f1f0-5440-478a-acfa-b9462b64568c.html

Trump's Truth Social bomb

Former President Trump is blowing the launch of his new social media company, via a series of unforced errors.


No comments: