top cybersecurity news

Apple Bans ChatGPT for its Employees: Top Cybersecurity News from the Week of May 22nd

What’s in the paper for this week’s top cybersecurity news? As we have seen throughout this year, more and more focus is being brought to OpenAI’s revolutionary AI chatbot. At the same time, ransomware threats continue to grow as newly formed gangs are widening their target spectrum. From ChatGPT to BlackByte ransomware, here are this week’s top stories. 


Apple bans ChatGPT and Copilot for internal use

In a significant development, tech giant Apple has joined a growing list of companies, including Amazon and an array of major banks such as JPMorgan Chase, Bank of America, Citigroup, and Deutsche Bank, to ban the internal use of ChatGPT and similar technologies. The decision ironically coincides with the arrival of the chatbot to iOS as a mobile application.

Details of this corporate policy change were unveiled in a Wall Street Journal report yesterday, citing an internal Apple document. Echoing the apprehensions of several other corporations, Apple’s primary concern is the potential risk of AI-driven tools divulging sensitive internal information it may acquire during interactions.

Apple’s prohibitive measures have also encompassed GitHub’s automated coding tool, Copilot. Speculation has been rife regarding Apple’s future AI ambitions, with hints of the company possibly developing its own large language model (LLM) to compete with products like ChatGPT and Google Bard.

Furthermore, Apple isn’t the sole tech heavyweight to enforce such restrictions. Samsung, a prominent Apple competitor, also enacted a similar ban on ChatGPT twice due to incidents of inappropriate usage. After briefly lifting the ban on employee use of ChatGPT in March, Samsung had to reinstate it when Korean media reported instances of employees seeking the AI’s assistance in resolving source code bugs, improving software related to data acquisition, and converting meeting notes into minutes.

Issues around AI-powered chatbots like ChatGPT, Google Bard, and other LLM bots arise from their training process, which often uses the data fed into them. GCHQ, the UK’s intelligence agency, has issued warnings about this method, suggesting it could inadvertently lead to the leakage of confidential business information if the AI is queried with similar questions.


BlackByte ransomware targets a major city in Georgia

The city of Augusta, Georgia, appears to have become the latest casualty of a cyberattack, falling into the crosshairs of the notorious BlackByte ransomware group. This follows an announcement made by Augusta Mayor Garnett Johnson, alluding to a recent cyber “incident” that the city had experienced.

In an official statement released on Wednesday about the “network outage,” Mayor Johnson revealed that the city began experiencing “technical difficulties” on Sunday, May 21, which interrupted operations of some of the city’s computer systems.

“We commenced an investigation upon detecting unauthorised access to our system,” the mayor’s statement said. “Our Information Technology Department is actively working on probing the incident, determining its impact on our systems, and restoring full functionality as swiftly as possible.”

The city is concurrently looking into whether any data was compromised or stolen during the cyber breach. They committed to keeping the public informed as further details emerge.

Nevertheless, on Thursday, FOX54 reported that the city had actually fallen victim to a ransomware attack. The attackers, purportedly from the extortion group BlackByte, demanded a ransom of $50 million from the city. According to the news outlet, “several city officials” met with agents from the Federal Bureau of Investigation (FBI) to discuss this cyber crisis.

Upon reaching out to The Register, Augusta city officials declined to comment on the issue. However, they indicated that the mayor’s office would issue a new statement come Friday morning.


Ransomware targets a major school in Dorchester 

In a serious cybersecurity incident, Thomas Hardye School, Dorchester, has been left incapable of using its email system or accepting any form of digital payments after falling victim to a cyberattack.

Following the attack that occurred on Sunday, the school’s screens and systems have remained inaccessible, effectively locked down by the perpetrators. The cyber attackers accompanied their assault with a ransom demand, specifying payment through the clandestine channels of the dark web.

Despite this predicament, the school, which hosts over 2,000 students, affirmed its stance of not succumbing to the ransom demand. Instead, it is working diligently in conjunction with the National Cyber Security Centre and local law enforcement to alleviate the issue.

Crucial operations that hinge on the school’s server, such as cafeteria payments, record maintenance, and email communications, have been disrupted since the weekend. In light of this, the school has requested parents to establish communication via telephone.

In a message to parents, Headteacher Nick Rutherford assured that despite the technical difficulties, the school will continue to function, with necessary adaptations made to the teaching and learning processes.


Former IT Analyst admits to profiting from ransomware

A former IT security analyst at Oxford Biomedica, Ashley Liles, has admitted to orchestrating a scheme in which he aimed to divert ransom payments to himself during a cyberattack against his employer. This confession, coming five years post-incident, reveals a turn to unscrupulous actions that even involved exploiting his role in the company’s cyber defence.

Liles, a resident of Letchworth Garden City in Hertfordshire, England, entered a guilty plea at the Reading Crown Court on charges of blackmail and unauthorised access to a computer with intent to commit other offences. This came on May 17, following a detailed investigation by the South East Regional Organised Crime Unit (SEROCU).

The case dates back to February 27, 2018, when the Oxford-based gene and cell therapy company experienced a “security incident”. The unauthorised access was obtained to a segment of the company’s computer systems, following which the assailants demanded a ransom, later confirmed by authorities to be £300,000 in Bitcoin.

Liles, serving as a security analyst for Oxford Biomedica at the time, commenced investigating the incident along with his colleagues and law enforcement. However, a separate investigation by SEROCU soon discovered a clandestine agenda in play.


For more cybersecurity news, insights and analysis, follow Code Red on Twitter and LinkedIn.



Back to Knowledge Hub