cyber operation
Anthropic warns of AI-driven hacking campaign linked to China
A team of researchers has uncovered what they say is the first reported use of artificial intelligence to direct a hacking campaign in a largely automated fashion. The AI company Anthropic said this week that it disrupted a cyber operation that its researchers linked to the Chinese government. The operation involved the use of an artificial intelligence system to direct the hacking campaigns, which researchers called a disturbing development that could greatly expand the reach of AI-equipped hackers. "While we predicted these capabilities would continue to evolve, what has stood out to us is how quickly they have done so at scale," they wrote in their report. The operation was modest in scope and only targeted about 30 individuals who worked at tech companies, financial institutions, chemical companies and government agencies.
Countering Autonomous Cyber Threats
Heckel, Kade M., Weller, Adrian
With the capability to write convincing and fluent natural language and generate code, Foundation Models present dual-use concerns broadly and within the cyber domain specifically. Generative AI has already begun to impact cyberspace through a broad illicit marketplace for assisting malware development and social engineering attacks through hundreds of malicious-AI-as-a-services tools. More alarming is that recent research has shown the potential for these advanced models to inform or independently execute offensive cyberspace operations. However, these previous investigations primarily focused on the threats posed by proprietary models due to the until recent lack of strong open-weight model and additionally leave the impacts of network defenses or potential countermeasures unexplored. Critically, understanding the aptitude of downloadable models to function as offensive cyber agents is vital given that they are far more difficult to govern and prevent their misuse. As such, this work evaluates several state-of-the-art FMs on their ability to compromise machines in an isolated network and investigates defensive mechanisms to defeat such AI-powered attacks. Using target machines from a commercial provider, the most recently released downloadable models are found to be on par with a leading proprietary model at conducting simple cyber attacks with common hacking tools against known vulnerabilities. To mitigate such LLM-powered threats, defensive prompt injection (DPI) payloads for disrupting the malicious cyber agent's workflow are demonstrated to be effective. From these results, the implications for AI safety and governance with respect to cybersecurity is analyzed.
Towards an ontology of state actors in cyberspace
To improve cyber threat analysis practices in cybersecurity, I present a plan to build a formal ontological representation of state actors in cyberspace and of cyber operations. I argue that modelling these phenomena via ontologies allows for coherent integration of data coming from diverse sources, automated reasoning over such data, as well as intelligence extraction and reuse from and of them. Existing ontological tools in cybersecurity can be ameliorated by connecting them to neighboring domains such as law, regulations, governmental institutions, and documents. In this paper, I propose metrics to evaluate currently existing ontological tools to create formal representations in the cybersecurity domain, and I provide a plan to develop and extend them when they are lacking.
Russia's invasion could return focus on armor and artillery, away from AI and robotics
Russia's invasion of Ukraine could force governments with technologically advanced militaries to reevaluate their investments in areas such as robotics and artificial intelligence, creating a renaissance for spending on armor and artillery, a panel of military leaders said this week at the Eurosatory defense expo. Gen. Matthew Van Wagenen, the deputy chief of staff for operations at NATO's headquarters in Brussels, told attendees that Russia's shelling and force thus far in Ukraine could lead to a greater focus on "hard power." "Many fell asleep believing that the kind of warfare that we're seeing in the Ukraine right now would never [have] happened again in Europe," he said. "And here we are in 2022, and attrition warfare is going on in Western Europe again. And I think what it's going to force many governments to go back and look at is: What are those investments in defense that have been made or need to be made?"
AI Will Be a Double-Edged Sword in Future Cyber Conflicts
"Artificial Intelligence and machine learning … [are] foundational to the future of cybersecurity. We have got to work our way through how we're going to deal with this. It is not the if, it's only the when to me," Adm. Mike Rogers, former chief of the National Security Agency and U.S. Cyber Command, remarked in an interview. During his presidency, Barack Obama shared his concerns about an attacker using artificial intelligence (AI) to access launch codes for nuclear weapons. "If that's its only job, if it's self-teaching and it's just a really effective algorithm, then you've got problems," Obama said.
How cyber operations, social media and artificial intelligence are…
When Russia invaded Ukraine in February 2022, the images of tanks and troops amassing and then crossing the border could make it seem like little has changed in the world of warfare. However, as the fighting in Ukraine progressed it also became clear how conflicts today are developing in new and very different ways. Many of the images we have seen were captured by satellites in space or on mobile phones, and the sharing of these on social media has helped to shape public attitudes and been used to circumvent or undermine state-sponsored messaging. We have also seen hackers declare cyberwar on Russia. In the latest episode of the WORLD:we got this podcast series Dr Tim Stevens and Dr Kenneth Payne, who are both based in the School of Security Studies in our Faculty of Social Science & Public Policy, explore how cyber operations, social media and artificial intelligence are changing the face of war.
Secretive Pentagon research program looks to replace human hackers with AI
The Joint Operations Center inside Fort Meade in Maryland is a cathedral to cyber warfare. Part of a 380,000-square-foot, $520 million complex opened in 2018, the office is the nerve center for both the U.S. Cyber Command and the National Security Agency as they do cyber battle. Clusters of civilians and military troops work behind dozens of computer monitors beneath a bank of small chiclet windows dousing the room in light. Three 20-foot-tall screens are mounted on a wall below the windows. On most days, two of them are spitting out a constant feed from a secretive program known as "Project IKE." The room looks no different than a standard government auditorium, but IKE represents a radical leap forward. If the Joint Operations Center is the physical embodiment of a new era in cyber warfare -- the art of using computer code to attack and defend targets ranging from tanks to email servers -- IKE is the brains. It tracks every keystroke made by the 200 fighters working on computers below the big screens and churns out predictions about the possibility of success on individual cyber missions. It can automatically run strings of programs and adjusts constantly as it absorbs information. IKE is a far cry from the prior decade of cyber operations, a period of manual combat that involved the most mundane of tools.
Twilight of the Human Hacker – Center for Public Integrity
The Joint Operations Center inside Fort Meade in Maryland is a cathedral to cyber warfare. Part of a 380,000-square-foot, $520 million complex opened in 2018, the office is the nerve center for both the U.S. Cyber Command and the National Security Agency as they do cyber battle. Clusters of civilians and military troops work behind dozens of computer monitors beneath a bank of small chiclet windows dousing the room in light. Three 20-foot-tall screens are mounted on a wall below the windows. On most days, two of them are spitting out a constant feed from a secretive program known as "Project IKE." Join the Watchdog newsletter to hear about our latest ground-breaking investigation. The room looks no different than a standard government auditorium, but IKE represents a radical leap forward. If the Joint Operations Center is the physical embodiment of a new era in cyber warfare -- the art of using computer code to attack and defend targets ranging from tanks to email servers -- IKE is the brains. It tracks every keystroke made by the 200 fighters working on computers below the big screens and churns out predictions about the possibility of success on individual cyber missions. It can automatically run strings of programs and adjusts constantly as it absorbs information. IKE is a far cry from the prior decade of cyber operations, a period of manual combat that involved the most mundane of tools.