Similar Posts
SEOUL – Pro-Russia hacking groups have conducted cyberattacks against South Korea after North Korea dispatched troops to Russia to support its war against Ukraine, Seoul’s presidential office said on Friday.
The office held an emergency intra-agency meeting after detecting denial-of-service attacks on some government and private websites in recent days.
Some of the websites experienced temporary outages but there was no serious damage, it said, adding that the government will strengthen its ability to respond to such attacks.
“Cyber attacks by pro-Russian hacktivist groups on our country have occurred intermittently in the past, but have become more frequent since North Korea dispatched troops to Russia and participated in the Ukraine war,” the office said in a statement.
Seoul and Washington have said there are more than 10,000 North Korean soldiers in Russia, and U.S. officials and Ukraine’s defence minister said some of them have engaged in combat in Kursk, near the Ukraine border.
The new military cooperation between Pyongyang and Moscow has been condemned by South Korea, the United States and Western allies. Ukrainian President Volodymyr Zelenskiy said on Tuesday that the first battles between his country’s military and North Korean troops “open a new page in instability in the world.” REUTERS
MARYLAND – The director of the US National Security Agency on Nov 20 urged the private sector to take swift, collective action to share key details about breaches they have suffered at the hands of Chinese hackers who have infiltrated US telecommunications.
General Timothy Haugh, a four-star Air Force general who leads the NSA and Cyber Command, told Bloomberg News at the National Security Innovation Forum in Washington that public disclosure would help find and oust the hackers, as the US continues to try to understand a new spate of damaging mass breaches.
In calling for more disclosure, General Haugh didn’t identity specific companies.
General Haugh said he wants to provide a public “hunt guide” so cybersecurity professionals and companies can search out the hackers and eradicate them from telecommunications networks.
“The ultimate goal would be to be able to lay bare exactly what happened in ways that allow us to better posture as a nation and for our allies to be better postured,” he said, adding the US is reliant on industry to share insights into what happened on their own networks.
US authorities have confirmed Chinese hackers have infiltrated US telecommunications in what Senator Richard Blumenthal, a Connecticut Democrat, this week described as a “sprawling and catastrophic” infiltration. AT&T Inc, Verizon Communications Inc and T-Mobile are among those targeted.
Through those intrusions, the hackers targeted communications of a “limited number” of people in politics and government, US officials have said.
They include Vice-President Kamala Harris’ staff, president-elect Donald Trump and vice-president-elect JD Vance, as well as staffers for Senate Majority Leader Chuck Schumer, according to Missouri Republican Senator Josh Hawley.
Representatives of the Chinese government have denied the allegations.
China is “doing this on a scale en masse and as a national effort,” General Haugh said.
The US experience and response is more disjointed, given the limited reach of different law enforcement agencies and the dependence on information from the private sector. There are multiple investigations underway associated with the telecommunications breaches, he said.
“Everybody is in a slightly different place as it relates to Salt Typhoon,” General Haugh said, referring to Microsoft Corporation’s name for the group believed to be behind the telecommunications breaches.
Two cybersecurity experts who requested anonymity to speak freely have privately complained about the lack of information shared that could otherwise help them and others understand, find and tackle the hacks.
Detailed public disclosures would mean that even if some companies haven’t seen the intrusions yet, “they can begin to put countermeasures in place,” General Haugh said. It would also help other nations uncover and root it out too, General Haugh said.
“It’s going to take collective work,” he said, adding the “speed” with which everyone collaborates is a key step. BLOOMBERG
“Singapore Issues New Guidelines to Protect Businesses from AI Security Risks”
SINGAPORE – Rogue chatbots that spew lies or racial slurs may be just the beginning, as maliciously coded free chatbot models blindly used by businesses could unintentionally expose sensitive data or result in a security breach.
In new guidelines published on Oct 15, Singapore’s Cyber Security Agency (CSA) pointed out these dangers amid the artificial intelligence (AI) gold rush, and urged businesses to test what they plan to install rigorously and regularly.
This is especially crucial for firms that deploy chatbots used by the public, or those linked to confidential customer data.
Frequent system tests can help weed out threats like prompt injection attacks, where text is crafted to manipulate a chatbot into revealing sensitive information from linked systems, according to the newly published Guidelines on Securing AI Systems .
The guidelines aim to help businesses identify and mitigate the risks of AI to deploy them securely. The more AI systems are linked to business operations, the more they should be secured.
Announcing the guidelines at the annual Singapore International Cyber Week (SICW) at the Sands Expo and Convention Centre on Oct 15, Senior Minister and Coordinating Minister for National Security Teo Chee Hean said the manual gives organisations an opportunity to prepare for AI-related cyber-security risks while the technology continues to develop.
Mr Teo said in his opening address that managing the risks that come with emerging technology like AI is an important step to build trust in the digital domain. He urged the audience to learn lessons from the rapid rise of the internet.
“When the internet first emerged, there was a belief that the ready access to information would lead to a flowering of ideas and the flourishing of debate. But the internet is no longer seen as an unmitigated good,” he said, adding that there is widespread recognition that it has become a source of disinformation, division and danger.
“Countries now recognise the need to go beyond protecting digital system to also protecting their own societies,” he said. “We should not repeat these mistakes with new technologies that are now emerging.”
The ninth edition of the conference is being held between Oct 14 and 17 and features keynotes and discussion panels by policymakers, tech professionals and experts.
AI owners are expected to oversee the security of AI systems from development, deployment to disposal, according to CSA’s guidelines, which do not address the misuse of AI in cyber attacks or disinformation.
In a statement released on Oct 15, CSA said: “While AI offers significant benefits for the economy and society… AI systems can be vulnerable to adversarial attacks, where malicious actors intentionally manipulate or deceive the AI system.”
Organisations using AI systems should consider more frequent risk assessments than with conventional systems to ensure tighter auditing of machine learning systems.
WASHINGTON – A previously confidential directive by Biden administration lawyers lays out how military and spy agencies must handle personal information about Americans when using artificial intelligence, showing how the officials grappled with trade-offs between civil liberties and national security.
The results of that internal debate also underscore the constraints and challenges the government faces in issuing rules that keep pace with rapid advances in technology, particularly in electronic surveillance and related areas of computer-assisted intelligence gathering and analysis.
The administration had to navigate two competing goals, according to a senior administration official Joshua Geltzer, the top legal adviser to the National Security Council, “harnessing emerging technology to protect Americans, and establishing guardrails for safeguarding Americans’ privacy and other considerations”.
The White House last month held back the four-page, unclassified directive when President Joe Biden signed a major national security memo that pushes military and intelligence agencies to make greater use of AI within certain guardrails.
After inquiries from The New York Times, the White House has made the guidance public. A close read and an interview with Mr Geltzer, who oversaw the deliberations by lawyers from across the executive branch, offers greater clarity on the current rules that national security agencies must follow when experimenting with using AI.
Training AI systems requires feeding them large amounts of data, raising a critical question for intelligence agencies that could influence both Americans’ private interests and the ability of national security agencies to experiment with the technology.
When an agency acquires an AI system trained by a private sector firm using information about Americans, is that considered “collecting” the data of those Americans?
The guidance says that does not generally count as collecting the training data – so those existing privacy-protecting rules, along with a 2021 directive about collecting commercially available databases, are not yet triggered.
Still, the Biden team was not absolute on that question. The guidance leaves open the possibility that acquisition might count as collection if the agency has the ability to access the training data in its original form, “as well as the authorisation and intent to do so.” NYTIMES
Australia’s ban on children under 16 using social media has sparked global conversations about online safety and youth development (Australia’s world-first social media ban for kids under 16 attracts mixed reaction, Nov 29).
While the intentions behind this policy – protecting children from cyber bullying, exploitation and harmful content – are commendable, it raises critical questions about balance, enforcement and unintended consequences.
As a 14-year-old teenager who does not use social media, I can see both sides of the argument.
On the one hand, platforms like Instagram, TikTok and Discord can be overwhelming, exposing young users to unhealthy comparisons, misinformation and even predatory behaviour.
Many parents and educators worry about the long-term effects of excessive screen time, often spent on social media platforms, on mental health and academic performance.
On the other hand, outright bans overlook the positive aspects of social media. For many teens, these platforms are a lifeline for creative expression, activism and staying connected, especially in an increasingly digital world.
Moreover, enforcing such a law could be challenging, as children are often tech-savvy enough to find workarounds.
Rather than outright bans, a better solution might involve empowering young users through digital literacy education. Teaching children how to navigate online spaces safely, recognise misinformation and manage screen time could address the root problems without cutting children off from valuable opportunities.
Singapore can learn from Australia’s debate as we navigate our own challenges with digitalisation. Instead of waiting for government intervention, schools, families and tech companies should work together to create a safer online environment while respecting the voice and agency of young people.
The internet isn’t going anywhere, and neither are we. Let us try to work together to ensure we can use it wisely.
Avishi Gurnani, 14
Secondary 2
WASHINGTON – Members of former U.S. President Donald Trump’s family and officials from the Biden administration were among those targeted by China-linked hackers who were able to break into telecommunications company systems, the New York Times reported on Tuesday, citing people familiar with the matter.
The Times said State Department officials, Trump family members including Eric Trump and Jared Kushner, and prominent Democrats including Senate majority leader Chuck Schumer were among those targeted by the spies.
Concerns about the hacking group have grown since media reports disclosed its activities last month.
On Oct. 6, the Wall Street Journal reported that the group, nicknamed “Salt Typhoon”, had accessed the networks of broadband providers and obtained information from systems the federal government uses for court-authorized wiretapping.
The State Department, as well as aides for Trump family members, did not immediately respond to Reuters’ questions. The White House, the National Security Agency, and the cybersecurity watchdog agency CISA did not immediately return messages. A Schumer aide did not immediately reply to an email. The Chinese Embassy in Washington did not immediately respond to an email, although Beijing routinely denies being behind cyberespionage campaigns. REUTERS