
AI Sparks Major Concerns for Security Leaders: Top Cybersecurity News from the Week of May 1st
What’s in the paper for this week’s top cybersecurity news? Artificial Intelligence (AI) has been the major focus of headlines this week, as world leaders and security professionals are increasingly pushing for more scrutiny over this new generation of AI tools.
Here are the most notable cybersecurity news and events from the week:
FTC addresses AI sector challenges amid growing concerns
On May 3rd, Federal Trade Commission (FTC) Chair Lina Khan assured the public that the FTC is prepared to tackle the complex issues surrounding the artificial intelligence (AI) sector. These issues include collusion, monopolisation, mergers, price discrimination, and unfair methods of competition. The rise of AI technology has also introduced significant cybersecurity challenges.
The interest in AI systems, which can exhibit unpredictable behaviour, has surged recently. Many potential problems have been overlooked for decades, but AI is now facing legal battles similar to those experienced by other emerging technologies.
This shift began with a data breach at ChatGPT. On March 24, the company disclosed that during a nine-hour window, some users had been able to access other users’ personal information, including names, email addresses, payment addresses, and partial credit card information. Over a million users were affected by the breach.
In response, an open letter called “Pause Giant AI Experiments (for six months)” gained traction, amassing signatures from more than 27,000 technologists. A complaint was filed with the FTC, claiming that ChatGPT posed a risk to privacy and public safety. Additionally, Italy’s data protection authority banned the platform due to data privacy concerns.
President Biden addresses AI safety concerns with tech leaders
On Thursday, President Joe Biden met with the CEOs of leading artificial intelligence (AI) companies, including Microsoft and Alphabet’s Google, emphasising the importance of ensuring product safety before deployment.
Generative AI has gained significant attention this year, with applications such as ChatGPT becoming increasingly popular among the public. This surge in interest has prompted numerous companies to develop similar products, which they believe will revolutionise the way people work.
As millions of users test these tools, advocates argue that AI can diagnose medical conditions, write screenplays, craft legal briefs, and debug software. However, growing concerns have arisen about potential privacy violations, biased employment decisions, and the facilitation of scams and misinformation campaigns.
President Biden, who has personal experience using ChatGPT, urged the executives to address the current and potential risks that AI poses to individuals, society, and national security, according to a White House statement.
American College endures cyberattack amid increasing hostilities
Following a major victory last month in which a federal judge ruled in favour of the American College of Pediatricians (ACPeds) and halted the Food and Drug Administration’s approval of mifepristone, a drug used in chemical abortions, the organisation faced a damaging cyberattack. News of the hack was subsequently leaked to an adversarial journalist in an attempt to tarnish the organisation’s reputation.
Since the U.S. Supreme Court overturned Roe v. Wade last year, pro-life institutions and individuals have experienced a series of sustained attacks. Incidents include the vandalism of pregnancy resource centres by the militant group Jane’s Revenge, the FBI arrest of pro-life father Mark Houck in Pennsylvania, and a planned assassination attempt on Justice Brett Kavanaugh by a pro-abortion individual.
The recent cyberattack on ACPeds serves as a stark reminder that these relentless assaults show no signs of diminishing.
Avos ransomware gang attacks Bluefield University
The Avos ransomware group recently targeted Bluefield University’s emergency broadcast system, “RamAlert,” sending SMS texts and email alerts to students and staff, notifying them of stolen data that would soon be released. Bluefield University, a small private institution located in Bluefield, Virginia, has around 900 students enrolled.
On April 30th, the university informed students and staff of a cyberattack that impacted its IT systems, resulting in the postponement of all examinations. At the time, the university stated that its investigation had not uncovered any instances of financial fraud or identity theft connected to the incident.
Bluefield University reassured its community that faculty and students could safely use and access MyBU, Canvas, and library resources through the university’s website.
Ex-Uber CSO receives sentencing
On Thursday, a U.S. federal judge sentenced former Uber Chief Security Officer Joe Sullivan to three years of probation following a high-profile conviction last year for his mishandling of a data breach. U.S. District Judge William Orrick, of the Northern District of California, decided against prison time for Sullivan during a tense hearing that involved in-depth discussions on the proper conduct of cybersecurity executives during law enforcement investigations.
A federal jury found Sullivan guilty of two charges related to his attempt to conceal a 2016 security breach at Uber. In the incident, hackers accessed the personal details of 57 million customers and the private information of 600,000 Uber drivers.
For more cybersecurity news, insights and analysis, follow Code Red on Twitter and LinkedIn.