The Cyber Why: What We Read This Week...
... and why you should too! (4/5/2023)
Right on, right on, right on. The Cyber Why is comin’ at you with another one of those bomb tracks. Still more AI and Terminators, but this week we also included a Star Trek callout. Tyler makes a joke using a 1990s rap reference, and Rick claims that “ancient aliens” are building a crazy future in 2050. For the cyber people in the audience, we discuss the Vulkan Files and the ever-expanding definition of cybercrime. Grab your coffee and have a read… it’s time for The Cyber Why!
Infosec AI - The Good, The Bad … The Ugly?
AI Revolutionizes Infosec (Daniel Miessler)
Three Ways AI chatbots are a security disaster (MIT Technology Review)
Terminator Director James Cameron Fears AI Has Taken Over and Will Spark Armageddon (Daily Star)
It’s been a theme now for a number of weeks. AI will dominate the software world. The primary issue with the efficacy of cybersecurity today is a lack of “context”. Specifically, an inability to see the big picture and make intelligent decisions using all available data. Until now, this required a human, and humans don’t scale. The cybersecurity world is being reinvented as we change from “data” to “context” as the “new oil.” The risk in AI in cybersecurity is in the shitty AI systems that are thrown together haphazardly, allowing for jailbreaking, prompt injection, assistant scams, phishing, and data poisoning to become rampant. Oh, and one last thing… James Cameron agrees with me - The Terminators are COMING!
Drama In The W-DC - Go Ask Mr. Joey B!
How Biden’s Anti-Hacking ‘Dream Team’ Was Undone by Internal Strife (Rick Pick - Bloomberg)
Bloomberg reported that Chris Inglis, America's first National Cyber Director, quit because of infighting with Deputy National Security Advisor Anne Neuberger. It's a shame, as the cybersecurity community respects Inglis and Neuberger. "Inglis accused Neuberger of withholding relevant information from his office and trying to undermine his efforts to draft the cyber strategy." Can't we all just get along? The US has enough challenges dealing with foreign adversaries; we don't need domestic ones as well, but this is the nature of Washington's bureaucracy. <sigh> (Note: The title joke was Tyler’s - He’s old.. and so are his #dad-rap-jokes)
All-In Podcast Goes For a Two-Fer
The Give-to-Get Model for AI Startups (David Sacks)
2022 Annual Letter (Chamath Palihapitiya)
My favorite weekly show, The All-In Podcast, this week gave us a Two-Fer of superb content. First up, the most polarizing person on the show, David Sacks, outlined how providing data to AI in return for a unit of product time would result in a perfect AI business model. No data, you pay. If you provide data, you get free service. The kicker? His post was written using AI assistance - pretty nifty. In addition to Sacks’s generative AI ponderings, one of the other primary hosts, Chamath “I wear $2,000 sweaters” Palihapitiya, released the Social Capital annual letter for 2022. What a fantastic analysis of markets, interest rates, risk-laden assets, and the rest of the insanity that was last year. If you read one thing this week, this should be it!
What Will 2050 Look Like - I Dunno… But ALIENS!
How the world will look in 2050, according to experts (Rick Pick - Daily Mail)
I'm a sucker for future tech stories, and even though the Daily Mail is a tabloid, I still like this story. The article discusses AI overlords, biohacking, personalized TV shows, AI glasses, and aliens (but not Ancient Aliens). Many of the predictions will likely happen well before 2050. The best news is that your mother-in-law could live forever. Side note: If you geek out on future tech too, check out one of my favorite books: "Soonish: Ten Emerging Technologies That'll Improve and/or Ruin Everything."
The Expanding Definition of “Cybercrime”
The World’s REAL Cybercrime Problem (Wired)
What is cybercrime? To us in the industry, it seems like such an easy question. But it’s not. It’s nuanced. In the United States, “cybercrime” means any illegal act involving a computer. Not just malware creation and distribution, network intrusions, or stealing data, but the current definition also seems to include squashing free speech, disinformation campaigns, and fake news. The breadth of the definition is VAST, resulting in add-on charges in many cases with nothing to do with cybercrime. Give this story a read - it’ll really get you thinking.
The "Vulkan Files" - Just a PINCH Of Content
A Look Inside Putin's Secret Plans for Cyber-Warfare (Rick Pick - DER SPIEGEL)
An "anonymous person" leaked over 5,000 pages of sensitive documents from Moscow-based contractor NTC Vulkan. The documents provide fascinating (get it?) insights into Russian cyberwarfare and disinformation strategies. NTC Vulkan built tools for Russia's premier intelligence agencies, the GRU, the SVR, and the FSB. You don't have to be omniscient to assess that a Western-aligned intelligence agency likely conducted the operation.
Nothing To See Here, Move Along
A third of organizations admit to covering up data breaches (Rick Pick - VentureBeat)
I don't know if I'm shocked by the statistic. Still, according to new research from cybersecurity vendor Bitdefender, "42% of IT and security professionals surveyed had been told to keep breaches confidential." Nearly a third of respondents "admitted to actually keeping a breach confidential instead of reporting it." I'm not a lawyer and don't play one on TV, but I wouldn't recommend that you try to cover up a breach. White-collar workers don't usually fare well in Cell Block 4. We all saw how well that idea worked out for Joe Sullivan and Uber. I tried to download the complete Bitdefender report, but it was gated, and I couldn't even be bothered to use a burner email to get it.
If you’ve made it this far, you either found our musings at least semi-entertaining, OR you enjoyed the pain and kept going regardless. No matter how you made it to this point, you should know that we appreciate you. Please do us a solid and share The Cyber Why with your friends. We would love to reach a bigger audience, and referrals are how we do it. Help us out, and we’ll see you next week!