Menu Close

Cyber Newsletter (#4) – December 2023

Israel uses AI system “the Gospel” to generate bombing targets


As part of their airstrike operations in Gaza, the Israel Defense Forces have been using a controversial AI-enabled decision support system named Habsora, or “the Gospel”. The Gospel assists the IDF’s target division to rapidly generate targeting recommendations based on vast surveillance data sets, with human operators still retaining the ultimate decision to engage. The IDF seems to have resorted to the Gospel as a result of the depletion of viable targets during previous Gaza operations. With senior Hamas officials often retreating to tunnels at the onset of offensives, the Gospel enables the IDF to target a broader range of lesser-known “junior” operatives. The IDF asserts that the Gospel enhances the accuracy of strikes, thereby minimizing civilian casualties. However, experts point out a lack of substantial evidence supporting these claims, warning against automation biases and violation of International Humanitarian Law, particularly concerning the principle of proportionality.

AI Act: the European Union agreed on a pioneering approach to regulating artificial intelligence


After more than twenty four hours of debate, the representatives of the European institutions agreed on a final version of the AI Act. The Act presents a risk-based approach with four levels associated with different obligations. Systems deemed unacceptable such as social scoring or mass surveillance are banned in the EU and “high-risk” systems are subject to strict requirements. As regards the controversial subject of frontier AI models GPAI, the EU representatives agreed on only imposing obligations on high-impact GPAIs. The other models would be encouraged to adopt non-binding best practices. The AI Act is due to come into force in 2025 and will make it possible to impose financial penalties of up to seven percent of the company revenue. European citizens will also be able to take action against illegal uses.

New York Times Files Landmark Lawsuit Against OpenAI and Microsoft Over AI Copyright Infringement


On December 27, 2023, The New York Times filed a lawsuit accusing OpenAI and Microsoft of using the Times’s copyrighted content to train their large language models without permission. The Times alleges that OpenAI and Microsoft used millions of their articles to train their chatbots, which are now used to generate text, translate languages, and answer questions. The Times is seeking damages and an injunction to prevent OpenAI and Microsoft from using its copyrighted content. This lawsuit raises important questions about the use of copyrighted material in the development of artificial intelligence and could have significant implications for the future of the news industry.

The European Union initiates a “formal investigation” against social network X


The European Commission initiated a “formal investigation” against X for alleged breaches of the DSA, the first since the regulation has come into force. Investigations will focus particularly on “the dissemination and amplification of illegal content and disinformation in the EU”, explained Thierry Breton. Since its acquisition by Elon Musk, the platform has relaxed its rules on disinformation and reduced its moderation teams. This procedure will enable the Commission to take binding measures against X, with penalties of up to 6% of the group’s worldwide revenue or, in the most serious cases, a ban on the platform on European soil.

The European institutions finalise an agreement on the “Cyber Resilience Act” 


European Union policy makers reached a political agreement on the “Cyber Resilience Act” (CRA) on November 30th. The primary objective of the CRA is to establish security requirements for a wide array of connected devices, ranging from intelligent toys to industrial machinery. Manufacturers of these connected devices will be prohibited from marketing their products if they are aware of significant vulnerabilities. Furthermore, they are obligated to report security incidents and actively exploited vulnerabilities to the authorities. Notifications must be sent simultaneously to the competent CSIRT and to ENISA through a unified platform. However, information shared with ENISA may be subject to restrictions for security reasons.

EU cybersecurity about to be considerably enhanced thanks to the “EU Cyber Solidarity Act”


On December 20th, the EU Member States reached a consensus on the “Cyber Solidarity Act” to enhance the EU’s collective cybersecurity capabilities. The act introduces a “European cyber shield”, through national and cross-border security operations centers (SOCs) responsible for detecting and sharing warnings on cyber threats. The draft proposes a system for cyber emergencies, a cybersecurity reserve and financial aid to assist member states during significant cybersecurity incidents. Council amendments refined terminology, highlighted the voluntary nature of member state participation and strengthened the role of ENISA. With a budget of €1.1 billion, largely funded by the EU through the “Digital Europe program”, the legislation aims to bolster the EU’s overall cyber resilience. The act will now enter negotiations with the European Parliament.

Alliance in fighting against North Korea cybercrime 

US, Japan & South Korea 

Japan, the United States, and South Korea have joined forces to combat North Korean cybercriminal activities, targeting funding streams for the country’s alleged “illegal” nuclear and ballistic missile programs. According to a recent report by Insikt, North Korean agents successfully stole $1.7 billion in cryptocurrencies in 2022, equivalent to 5% of the nation’s economy or 45% of its military budget. Noteworthy attacks include a $600 million heist from the Ronin network and the exploitation of Cloudzy’s infrastructure for ransomware and data theft. The collaboration aims to tackle the growing threat posed by North Korean hackers, who benefit from the regime’s strategic investment in information technology and the cultivation of skilled experts. 

Kaspersky Reveals In-Depth Analysis of iPhone Attack: Operation Triangulation


On December 27th, during a conference, Kaspersky’s researchers revealed intricate details about the sophisticated iPhone attack known as “Operation Triangulation”. Initially detected in July 2023 within the company’s network, the Russian FSB promptly accused Apple and the NSA of involvement. This latest report delves deeper into the highly advanced chain of exploits, exposing the attack’s use of multiple vulnerabilities to compromise iPhones. This chain of exploits includes the manipulation of a rare hardware feature: the attackers exploited certain hardware registers in the iPhone’s GPU coprocessor, tapping into a concealed functionality likely designed for testing or debugging. This discovery raises concerns about relying on hardware secrecy for security and underscores the heightened sophistication of attacks orchestrated by well-funded adversaries.


The Ohio Lottery targeted by complex ransomware attack                                               


On December 27th, the Ohio state lottery was the target of a complex cyberattack by a seemingly new ransomware group named DragonForce. They claimed the theft of over 600 Gb of data, including more than 3 million records of employees and players, with names, addresses, social security numbers and other sensitive pieces of information. They are currently threatening to make the data public if the Ohio Lottery does not pay the demanded ransom. This is the latest move from what has become one of the most active ransomware gangs this year, and it has further consolidated the notion that no organization or body is free of cybersecurity threats posed by ransomware attacks.

Huawei’s ambitions for the semiconductor market


Despite heavy US sanctions against China, Huawei has revealed major innovations for its semiconductor industry. The company recently unveiled a new computer equipped with a 5 nm chip, a technical achievement that few companies have achieved to date. The company’s ability to innovate against a backdrop of regional and global crises and tensions remains undiminished. However, U.S. sanctions have had, and will continue to have, an impact on the company, which finds itself unable to export its products to numerous trading partners.