Governments could already be plotting to make use of brand new tech, including drones adapted into missiles, fake videos and auto-hacking tools, the Malicious Use of Artificial Intelligence report warns.
Within five years AI could “go rogue” and be utilized by criminals. Lifelike videos and speech impersonation could be used to target individuals, while drones could be launched to physically attack a person, the report says.
Miles Brundage, research fellow at Oxford University’s Future of Humanity Institute, said: “AI will alter the landscape of risk for citizens, organisations and states — whether it’s criminals training machines to hack or ‘phish’ at human levels of performance or privacy-eliminating surveillance, profiling and repression — the full range of impacts on security is vast.
“It is often the case that AI systems don’t merely reach human levels of performance but significantly surpass [them].
“It is troubling, but necessary, to consider the implications of superhuman hacking, surveillance, persuasion, and physical target identification, as well as AI capabilities that are subhuman but nevertheless much more scalable than human labour.”
The 100-page report has contributors including digital rights group OpenAI, The Electronic Frontier Foundation and the Center for a New American Security, a national security think-tank.
It warned advances may include speech synthesis to impersonate targets, facial recognition software being widely available and lifelike videos for political manipulation.
Dr Seán Ó hÉigeartaigh, executive director of the Centre for the Study of Existential Risk and one of the co-authors, added: “Artificial intelligence is a game changer and this report has imagined what the world could look like in the next five to 10 years.
“We live in a world that could become fraught with day-to-day hazards from the misuse of AI and we need to take ownership of the problems — because the risks are real.
“There are choices that we need to make now, and our report is a call to action for governments, institutions and individuals across the globe.
“For many decades hype outstripped fact in terms of AI and machine learning. No longer. This report looks at the practices that just don’t work anymore — and suggests broad approaches that might help: for example, how to design software and hardware to make it less hackable — and what type of laws and international regulations might work in tandem with this.”
A top US security firm is cautioning American politicians about a North Korean elite hacking group’s capability to engage in a cyber-war with the United States.
The elite hacking group called Reaper, which is also known as ACT37, has reached the level of “advanced persistent threat,” according to a Tuesday report by American cybersecurity company FireEye.
“APT37 has expanded its operations in both scope and sophistication,” the company warned.
It further claimed that the group has been active “since at least 2012 and focuses on targeting the public and private sectors primarily in South Korea.”
FireEye’s director of intelligence analysis, John Hultquist, told Wired, that the group is “the next team to watch.”
“This operator has continued to operate in a cloud of obscurity, mostly because they’ve stayed regional. But they’re showing all the signs of a maturing asset that’s commanded by the North Korean regime and can be turned to any purpose it wants,” Hultquist claimed. “They’re making moves outside of South Korea, which is very disconcerting, given their level of aggression.”
The report was released amid growing tensions between the US and North Korea as well as a war of words between the two countries’ leaders, Donald Trump and Kim Jong-un.
‘Come springtime, war breaks out’
Meanwhile, Fox News, the US president’s favorite news channel, published a report on its website, predicting a war between the two nuclear powers “by April.”
“Know this: come springtime, the United States and North Korea could very well find itself at war as tensions are set to spike once more,” Fox News reported.
This is while efforts have recently been underway for a diplomatic solution on the Korean Peninsula, in part through the Winter Olympics held in South Korea.
Nukes, North Korea’s ‘last resort’
There are also concerns that Washington may launch a preemptive nuclear strike against the resolute nation, a move described as “extremely foolish,” by Keith Preston, the director of attackthesystem.com.
“The North Koreans may have nuclear capabilities but the real question is to what degree do they have incentives to actually use any weapons of mass destruction,” he told Press TV in an interview on Tuesday, arguing it would be “their last resort.”
He further asserted that Pyongyang is using its nuclear power merely as a “bargaining chip,” predicting that North Korea’s use of such weapons is “a bit far-fetched.”
Tensions heightened between the two countries after Trump warned to “totally destroy” North Korea during a speech to the latest UN General Assembly.
Even the Trump administration, the Virginia-based analyst noted, would probably “prefer to avoid direct military confrontation with North Korea because the consequences for the United States would be significant.”
Hypocrites! The only reason the US is going after Kaspersky is because he divulged that the terrifying Suxnet virus, which attacked Iran’s nuclear program, was made by Americans and Israelis.
The whole situation around the US ban on the use of Kaspersky Lab antivirus products by federal agencies “looks very strange,” Kaspersky told Germany’s Die Zeit daily, adding that the whole issue in fact lacks substance. “It was much more hype and noise than real action,” he said.
Kaspersky then explained that the US authorities ordered all governmental agencies to remove all the company’s software from their computers, even though “we had almost zero installations there.” With little real need for such measures, they were apparently aimed at damaging the company’s reputation.
“It seems that we just do our job better than others and that made someone very disappointed,” Kaspersky said of the motives behind the US government’s move. “It seems that we detected some unknown or probably very well-known malware that made someone in the US very disappointed.”
At the same time, he stressed that his company does not collect “any sensitive personal data,” not to mention any classified documents, adding that the only data Kaspersky Lab is hunting for is “new types of malware, unknown or suspicious apps.”
The Russian cybersecurity company was indeed accused by the US media of using its software to collect the NSA technology for the Russian government – something that Kaspersky Lab vehemently denied.
According to US media reports in October 2017, an employee from the National Security Agency (NSA) elite hacking unit lost some of the agency’s espionage tools after storing them on his home computer in 2015. The media jumped to blame Kaspersky Lab and the Kremlin.
Following the reports, the company conducted an internal investigation and stumbled upon an incident dating back to 2014. At the time, Kaspersky Lab was investigating the activities of the Equation Group – a powerful group of hackers that later was identified as an arm of the NSA.
As part of Kaspersky’s investigation, it analyzed information received from a computer of an unidentified user, who is alleged to be the security service employee in question. It turned out that the user installed pirated software containing Equation malware, then “scanned the computer multiple times,” which resulted in antivirus software detecting suspicious files, including a 7z archive.
“The archive itself was detected as malicious and submitted to Kaspersky Lab for analysis, where it was processed by one of the analysts. Upon processing, the archive was found to contain multiple malware samples and source code for what appeared to be Equation malware,” the company’s October statement explained.
The analyst then reported the matter directly to Eugene Kaspersky, who ordered the company’s copy of the code to be destroyed.
On Thursday, Kaspersky Lab issued another statement concerning this incident following a more extensive investigation. The results of the investigation showed that the computer in question was infected with several types of malware in addition to the one created by Equation. Some of this malware provided access to the data on this computer to an “unknown number of third parties.”
In particular, the computer was infected with backdoor malware called Mokes, which is also known as Smoke Bot and Smoke Loader. It is operated by an organization called Zhou Lou, based in China.
Kaspersky Lab, a world leader in cybersecurity founded in Moscow in 1997, has been under pressure in the US for years. It repeatedly faced allegations of ties to the Kremlin, though no smoking gun has ever been produced.
In July, Kaspersky offered to hand over source code for his software to the US government, but wasn’t taken up on the offer. In October, the cybersecurity company pledged to reveal its code to independent experts as part of an unprecedented Global Transparency Initiative aimed at staving off US accusations.
Kaspersky has been swept up in the ongoing anti-Russian hysteria in the US, which centers on the unproven allegations of Russian meddling in the 2016 presidential elections. In September, the US government banned federal agencies from using Kaspersky Lab antivirus products, citing concerns that it could jeopardize national security and claiming the company might have links to the Kremlin. Eugene Kaspersky denounced the move as “baseless paranoia at best.”
Even as Kaspersky Lab is offering its cooperation to US authorities, on Thursday, WikiLeaks published source code for the CIA hacking tool “Hive,” which was used by US intelligence agencies to imitate the Kaspersky Lab code and leave behind false digital fingerprints.
The US might be targeting Kaspersky Lab in its witch hunt because the company might be able to disprove American allegations against Russia, experts told RT. “We have Kaspersky saying, ‘We can do this. We can prove some of these hacks are not Russian, they are American,’ when it comes to the presidential elections. And so they needed to discredit them,” former MI5 analyst Annie Machon said.
The campaign against the Russian cybersecurity firm could go back as early as to 2010, when Kaspersky Lab revealed the origin of the Stuxnet virus that hit Iran’s nuclear centrifuges, she told RT. Back then, Kaspersky Lab stated that “this type of attack could only be conducted with nation-state support and backing.” Nobody claimed responsibility for the creation of the malware that targeted Iran. However, it is widely believed that the US and Israeli intelligence agencies were behind Stuxnet.
Oct 4, 2017
National Geographic (2008)
Web Warriors is a documentary about the vulnerability of major computer-controlled power, communication, transport and military grids to attacks by hackers, viruses and worms that have the potential to bring regional and national economies to a standstill.
The goal of the film is to confront viewers with the stark reality that the Internet was never designed to be secure. The World Wide Web was never designed to be an engine of commerce or to safeguard bank and other financial data. At present, it’s still virtually impossible to design a 100% secure computer network.
The video opens by exploring the likelihood that the August 24 blackout that shut down the eastern US and Canada for two days in August 2003 was most likely caused by a computer worm attack, rather than a “programming error,” as claimed by company officials.
It goes own to identify other Fortune 500 companies shut down at various times by hackers, including Yahoo, Ebay, Dell, CNN, Amazon, Amtrak and Air Canada. Most companies try to cover up incidents of cybercrime so as not to alarm their shareholders or customer base.
Microsoft’s monopoly on the operating systems used in commercial computer networks (ie they all use Windows) significantly increases their vulnerability to hacking, viruses and worms.*
*This was seen recently in the critical infrastructure in countries all over the world shut down by the May 2017 WannaCry Ransomware attack. See WannaCry Ransomware Everything You Need to Know
Aug 20, 2017
The threat of cyberterrorism has competed for centre stage in American politics with fears of “Russian hackers” disrupting everything from elections to electrical grids. And yet as US policymakers wield threats of cyberterrorism to promote a long and growing list of countermeasures and pretexts for expanding its conflict with Moscow, it is simultaneously promoting very real cyberterrorism globally.
Worst of all, it does so under the guise of “activism.”
The Carnegie Endowment for International Peace recently published a paper titled, “Growing Cyber Activism in Thailand.”
In it, readers may have expected a detailed description of how independent local activists were using information technology to inform the public, communicate with policymakers and organise themselves more efficiently.
Instead, readers would find a list of US-funded fronts posing as “nongovernmental organisations” (NGOs) engaged in subversion, including attacks carried out against Thai government websites aimed at crippling them, the dumping of private information of ordinary citizens online and coercing policymakers into adopting their foreign-funded and directed agenda.
The paper cites petitions created by the US-funded Thai Netizen Network on the US-based petition site, Change.org as well as distributed denial of service attacks (DDoS) aimed at crippling essential government websites, a campaign defended by US-funded Thai Netizen as being “virtual civil disobedience.”
The paper would claim (our emphasis):
The most innovative countermeasure was a series of Distributed Denial of Service (DDoS) attacks: an anonymous group, Thailand F5 Cyber Army, declared a cyberwar on the Thai government by encouraging netizens to visit listed official websites and continuously press F5 on their keyboards to refresh the pages. The goal was to overwhelm web servers and cause a temporary collapse of the websites of the Ministry of Defense, Ministry of Information and Communication Technology, Government House of Thailand, National Legislative Assembly, and Internal Security Operations Command. The group disseminated detailed instructions on the operation to its anonymous activists. It then demanded that the junta cancel its Single Gateway proposal.
Most of the attacks were successful. Activists wanted to demonstrate the government’s technological ineptitude and its lack of capacity to manage the Single Gateway. Arthit Suriyawongkul, coordinator of the Thai Netizen Network, described the campaign as virtual civil disobedience—an online version of the nonviolent resistance practiced by civil rights groups in the United States.
In another case, an activist group called Anonymous launched a #BoycottThailand campaign on Twitter and reportedly hacked government websites, snatched confidential information from official databases, and shared it online.
The Thai Netizen Network is funded by the US State Department via the National Endowment for Democracy (NED) subsidiary, Freedom House, as well as convicted financial criminal George Soros’ Open Society and a number of other foreign governments and corporate-funded foundations.
The role of a foreign-funded front coordinating efforts to undermine Thailand’s national security, including promoting cyberterrorism as “civil disobedience,” carries with it many implications. That the US is the foreign state promoting these activities in Thailand, undermines its own efforts to define and combat cyberterrorism back home.
What is Cyberterrorism?
Cyberterrorism is described on the United States Federal Bureau of Investigation’s (FBI) website as:
…the use of computer network tools to shut down critical national infrastructures (e.g., energy, transportation, government operations) or to coerce or intimidate a government or civilian population.
Attacking government websites millions of people across Thailand depend on for information and services while pilfering the personal information of thousands of ordinary citizens clearly fits the definition of not only cyberterrorism because of the political motivations involved, but also malicious criminality in general.
Unlike alleged Russian hacks which divulged emails detailing impropriety among American politicians, the information pilfered by US-backed hackers in Thailand included the personal information of millions of ordinary citizens using government services as part of their daily lives.
Bangkok Post would fill in the missing information intentionally omitted from the Carnegie Endowment paper, reporting that:
Files posted by Anonymous and examined by the Bangkok Post appear to be from the court system, as the Anonymous posters claimed.
An SQL database file of 1.1 gigabytes contains thousands of names, ID card numbers, photos, email addresses, personal phone numbers and more — all in clear text.
By dumping this information online, US-backed hackers targeted ordinary citizens, jeopardising their privacy and exposing them to criminal elements the world over involved in identity theft.
US Cyberterrorism is not “Activism”
The Carnegie Endowment paper itself was drafted by Janjira Sombatpoonsiri, assistant professor of political science at Thammasat University, Thailand. She is also cited as a member of the Carnegie Endowment’s Civic Activism Network. Not only is she an active, contributing member of Thailand’s foreign-backed opposition, she is admittedly involved in a foreign think-tank funded by foreign corporate interests.
The Carnegie Endowment includes among its sponsors in its 2016 annual report; the US government, pharmaceutical giants including Gilead, petrochemical monopolies including Chevron, British Petroleum and Shell, defence contractors including Lockheed Martin and several automakers including Ford.
Like many other episodes of extraterritorial political interference up to and including military intervention, America’s meddling in Thailand is done on behalf of corporate interests seeking to expand their respective and collective hegemony both regionally in Asia vis-a-vis Beijing, and globally. This interference is done under the cover of rights advocacy, both by the think tanks and foundations funding it and those in Thailand receiving foreign cash.
The US use of cyberterrorism in Thailand and beyond should come as no surprise. It augments already ongoing efforts by US-backed opposition in Thailand to destabilise and upend Thailand’s political order which has included armed terrorism.
Most recently, a string of bombings plagued Bangkok, including one targeting a hospital. At various junctures during Thailand’s political conflict, foreign-backed opposition has brought militants into the streets. In 2010, nearly 100 would die over the course of several weeks, culminating in citywide arson leaving areas of Thailand’s capital, Bangkok, resembling a war zone.
To see US-sponsored authors attempting to promote cyberterrorism as “activism” in Thailand also comes as no surprise. When Thailand’s opposition carries out armed terrorism, US-sponsored media and policy think tanks often attempt to spin it as well. Other forms of more traditional subversion are also regularly defended by the US and its myriad fronts posing as rights advocates as “activism.”
Understanding that it is not “activism,” but by America’s own very definition, cyberterrorism, helps disarm this malicious campaign posing as “civil disobedience” and “activism,” and allows nations like Thailand to defend themselves through enhanced technological security measure as well as legislation.