Authorities in the United States, the United Kingdom and Australia this week named a Russian national as the person behind LockBitSupp, the pseudonym of the leader of the LockBit ransomware gang that the United States says is responsible for siphoning $500 million from its victims. Dmitry Yuryevich Khoroshev has been sanctioned and charged with 26 criminal counts in the United States, which combined could result in a prison sentence of 185 years. That is, if he is ever arrested and successfully prosecuted, an extremely rare event for suspects living in Russia.
Elsewhere in the world of cybercrime, WIRED’s Andy Greenberg interviewed a representative of Russia’s Cyber Army, a group of hackers who have attacked water companies in the US and Europe and are said to have ties to the notorious Russian military hacking unit known as Sandworm. The Russian Cyber Army’s responses were filled with pro-Kremlin talking points and some curious admissions.
An FBI deputy director has urged agency employees to continue using a massive foreign surveillance database to search the communications of “American persons,” drawing the ire of privacy and civil liberties advocates who fought unsuccessfully for such searches to require a court order. . Section 702 of the Foreign Intelligence Surveillance Act requires that the “targets” of the surveillance program be located outside the U.S., but text messages, emails, and phone calls from people in the U.S. They may be included in the database 702 if one of the parties involved in the communication is an outsider. An amendment that would have required the FBI to obtain a warrant for 702 records of American persons failed in a tie vote earlier this year.
Security researchers this week revealed an attack on VPNs that forces some or all of a user’s web traffic to be routed outside the encrypted tunnel, thereby negating the entire reason for using a VPN. Dubbed “TunnelVision,” the attack affects almost all VPN applications and researchers say the attack has been possible since 2022, meaning it may have already been used by malicious actors.
Thats not all. Each week, we round up the security and privacy news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.
Microsoft has developed an offline generative AI model designed specifically to handle top secret information for US intelligence agencies, according to Bloomberg. This system, based on GPT-4, is isolated from the Internet and can only be accessed through a dedicated US government network. William Chappell, Microsoft’s chief technology officer for strategic missions and technology, said Bloomberg that, theoretically, around 10,000 people could access the system.
Although spy agencies are eager to take advantage of the capabilities of generative AI, concerns have been raised about the possible inadvertent leak of classified information, as these systems typically rely on online cloud services for data processing. However, Microsoft claims that the model it created for the US government is “clean,” meaning it can read files without learning from them, preventing secret information from being embedded into the platform. Bloomberg noted that this is the first time that a major language model works completely offline.
Sky News reported this week that Britain’s Ministry of Defense was the target of a major cyberattack on its third-party payroll system. On Tuesday, UK Defense Secretary Grant Shapps told MPs that the payroll records of approximately 270,000 current and former military personnel, including their home addresses, had been accessed during the cyberattack. “State participation” cannot be ruled out, he stated.
While the government has not publicly identified a specific country involved, Sky News has reported that the Chinese government is suspected. China’s Foreign Ministry has denied the allegations, saying in a statement that it “firmly opposes and fights all forms of cyber attacks” and “rejects the political use of this issue to smear other countries.”
The payroll company, Shared Services Connected, had known about the breach for months before reporting it to the government, according to The Guardian.
The United States Marine Forces Special Operations Command (MARSOC) is testing robotic dogs that can be armed with artificial intelligence-enabled weapons systems. According to a report by The War Zone, AI weapons system maker Onyx Industries confirmed to reporters at a defense conference this week that up to two of MARSOC’s robot dogs, developed by Ghost Robotics, are equipped with its weapons systems.
In a statement to The War Zone, MARSOC clarified that the robot dogs are “under evaluation” and are not yet being deployed in the field. They noted that weapons are just one possible application of the technology, which could also be used for surveillance and reconnaissance. MARSOC emphasized that they are in full compliance with the US Department of Defense policies on autonomous weapons.
The US Marine Corps formerly Tested robotic dogs armed with rocket launchers..
Days after a hacker posted on BreachForums an offer to sell data of nearly 50 million Dell customers, the company began notifying its customers about a data breach on a company portal. According to the email sent to affected individuals, the leaked data contains names, addresses and information about the hardware purchased. “The information involved does not include financial or payment information, email address, phone number, or any highly confidential customer information,” the email to affected customers states.
