TechLetters #135 - Cyberwarfare in Ukraine. "Diplomat car advert" cyber tactic strikes again. Russia wants to prohibit cyber-attribution. Neural privacy not in scope of #GDPR. Aspartame carcinogenic.
Security
Cyberwarfare phases in Ukraine. Psychological effects sought, and for that sometimes Western media coverage has been exploited (even if without the awareness of the distributing media outlet).
Russia cyber intelligence service hijacked a BMW advert of a diplomat. Lowered its price, disseminates it at other embassies trying to spread malware. “The nature of service for professional diplomats is often one that involves a rotating lifestyle of short- to mid-term assignments at postings around the world. Ukraine presents newly assigned diplomats with unique challenges, being in an area of armed conflict between Russia and Ukraine.
Cyber-physical security white paper. Recommended, for those interested in the topic.
Russia announces a proposal for a information security treaty. Convention on Ensuring International Information Security. Another attempt. I don't think it has much chances this time either. They are against: cyber attribution, making available offensive cyber tools (so also security testing ones?), and “propaganda”. The drafting quality of this document looks to be extremely high. But I don’t think it has chances. It also penalised "unsubstantiated accusations by some States against other States of organizing and carrying out wrongful acts with the use of information and communications technologies, including computer attacks". In other words, Russia dislikes cyber attribution. Russia also dislikes placing tools for making cyberattacks (or: testing security of systems). But in general, they want to prohibit: cyberattacks, propaganda, disinformation, etc. However, the sole quality of drafting this proposal is extremely high. They sure know how to do this on the United Nations level of policy/politics. But I don't think it's going to be passed.
NATO reaffirms that cyberattacks may mean war. "Single or cumulative set of malicious cyber activities could reach the level of armed attack and could lead the North Atlantic Council to invoke Article 5 of the Washington Treaty". Also significant: "Today, we endorse a new concept to enhance the contribution of cyber defence to our overall deterrence and defence posture. It will further integrate NATO’s three cyber defence levels - political, military, and technical".
Germany has China Strategy. "Security in the Taiwan Strait is of crucial importance for peace and stability in the region and far beyond". "Espionage activities targeting Germany continue to increase, particularly in cyberspace".
UK Parliament intelligence committee opinion points to Chinese cyber operations. It also mentions close-access operations: "capability to deploy what are known as close-proximity technical operations ***. This is offensive technical activity that requires physical access or proximity to a target, whether to gain access to premises"
Privacy
European Commission approved a new data flow deal with U.S. Third one, refined this time. It is unclear what happens to organisations transferring data between 2020-2023.
Neurotechnology is advancing so fast that it threatens human rights. According to UNESCO, it requires global regulation. Problems for human identity, not just privacy, mental abilities. In 2023, the specific risk to neural privacy is not been in scope of any regulations, including the world-standard EU GDPR.
Technology Policy
China announces rules/standards for generative AI. It will bind ChatGPT, Bard, and others of the kind. AI must "Adhere to the core values of socialism, and must not generate incitement to subvert state power, overthrow the socialist system". "Where intellectual property rights are involved, the intellectual property rights enjoyed by others shall not be infringed".
Other
WHO labels aspartame a possible carcinogenic. The rest is up to consumers.
Small Python script using compression library (gzip) outperforms most advanced AI models. Nobody is surprised, except AI people? "Being parameter-free, our method doesn’t rely on GPU force but CPU resources only. Thus, it does not bring negative environmental impacts revolving around GPU".
In case you feel it's worth it to forward this content further:
If you’d like to share: