Latest news with #RosiePerper


Politico
4 days ago
- Politics
- Politico
The 'dual-edged sword' of AI chatbots
With help from Maggie Miller

Driving the day — As large language models become increasingly popular, the security community and foreign adversaries are constantly looking for ways to skirt safety guardrails — but for very different reasons.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! In between the DMV's sporadic rain this weekend, I managed to get a pretty gnarly sunburn at a winery. I'll be spending the rest of the summer working to fix the unflattering tan lines.

Follow POLITICO's cybersecurity team on X at @RosiePerper, @johnnysaks130, @delizanickel and @magmill95, or reach out via email or text for tips. You can also follow @POLITICOPro on X.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You'll also receive daily policy news and other intelligence you need to act on the day's biggest stories.

Today's Agenda

The House meets for morning hour debate and at 2 p.m. to consider legislation under suspension of the rules: H.R. 1770 (119), the 'Consumer Safety Technology Act'; H.R. 1766 (119), the 'NTIA Policy and Cybersecurity Coordination Act'; and more. 12 p.m.

Artificial Intelligence

SKIRTING GUARDRAILS — As the popularity of generative artificial intelligence systems like large language models rises, the security community is working to discover weaknesses in order to boost their safety and accuracy. But even as researchers keep identifying ways bad actors can override a model's built-in guardrails — also known as 'jailbreaking' — in order to improve safeguards, foreign adversaries are taking advantage of vulnerabilities in LLMs to pump out misinformation.

'It's extremely easy to jailbreak a model,' Chris Thompson, global head of IBM's X-Force Red Adversary Simulation team, told your host. 'There's lots of techniques for jailbreaking models that work, regardless of system prompts and the guardrails in place.'

— Jailbreaking: Popular LLMs like Google's Gemini, OpenAI's ChatGPT and Meta's Llama have guardrails in place to stop them from answering certain questions, like how to build a bomb. But hackers can jailbreak LLMs by asking questions in a way that bypasses those protections. Last month, a team from Intel, the University of Illinois at Urbana-Champaign and Boise State University published research that found AI chatbots like Gemini and ChatGPT can be tricked into teaching users how to conduct a ransomware attack on an ATM. The research team used an attack method called 'InfoFlood,' which pumps the LLM with dense language, including academic jargon and fake citations, to disguise the malicious queries while still getting the questions answered.

According to Advait Yadav, one of the researchers, it was a simple yet successful idea. 'It was a very simple test,' Yadav told your host. 'We asked, what if we buried … a really harmful statement with very dense, linguistic language, and the success rate was really high.'

Spokespeople for Google and OpenAI noted to your host that the report focuses on older LLM models. A spokesperson for OpenAI told MC in a statement that the firm takes steps 'to reduce the risk of malicious use, and we're continually improving safeguards to make our models more robust against exploits like jailbreaks.'

— Disinfo mission: And as university researchers find ways to sneak past these guardrails, foreign adversaries are, too. Rival powers like Russia have long exploited AI bots to push their agenda by spreading false information. In May 2024, OpenAI detailed how operations from Russia were using its software to push out false and misleading information about a variety of topics — including the war in Ukraine.

'These models are built to be conversational and responsive, and these qualities are what make them easy for adversaries to exploit with little effort,' said McKenzie Sadeghi, AI and foreign influence editor at the misinformation tracker NewsGuard. NewsGuard's monthly audits of leading AI models have repeatedly found that chatbots will generate false claims around state narratives from Russia, China and Iran with little resistance. 'When foreign adversaries succeed in manipulating these systems, they're reshaping the informational landscape that citizens, policymakers and journalists rely on to make decisions,' she added.

— Boosting safeguards: As actors linked to foreign adversaries utilize the chatbots, the security community says it is working to keep up. 'The goal of jailbreaks is to inform modelmakers on vulnerabilities and how they can be improved,' Yadav told your host, adding that the research team plans to send a courtesy disclosure package to the model-making companies in the study. For Google's Gemini App, the firm runs red-teaming exercises to train models to defend against attacks, according to Elijah Lawal, the global communications manager for the Gemini App.

'This isn't just malicious threat actors using it,' Thompson told your host. 'There's also the security research community that is leveraging this work to do their jobs better and faster as well. So it's kind of a dual-edged sword.'

On The Hill

FIRST IN MC: QUESTIONS, CONCERNS — Rep. Raja Krishnamoorthi (D-Ill.), ranking member of the House Select Committee on China, wants answers on how the State Department is working to prevent the use of AI-enabled impersonations of officials, following reports that Secretary of State Marco Rubio was the recent subject of an AI hoax. Krishnamoorthi will send a letter to Rubio today, first obtained by Maggie, asking questions around the agency's approach to countering AI-enabled impersonations, such as deepfake videos and voice recordings.

This comes after The Washington Post reported last week that an imposter used these types of scams to pose as Rubio and contact foreign diplomats and U.S. lawmakers. Given his role on the China Committee, Krishnamoorthi is particularly interested in understanding how the State Department is studying and addressing the potential negative impact of deepfakes on the U.S.-China relationship, and whether the agency has a process for evaluating the authenticity of communications from Chinese and other foreign officials.

'While I currently have no information indicating this incident involved a foreign state, and hoaxers are equally capable of creating deceptive deepfakes like this given the proliferation of AI technologies, this incident presents an opportunity to highlight such risks and seek information about the department's efforts to counter them,' Krishnamoorthi wrote in the letter being sent today.

When asked about the impersonations, Rubio reportedly told reporters in Malaysia last week that he uses official channels to communicate with foreign officials, in part due to the risk of imposters claiming to be him. The State Department put out a statement last week following the Post's report, noting that the agency is investigating the incident.

China corner

SUSPECTED BREACH — Suspected Chinese hackers have gained access to email accounts of advisers and attorneys at Wiley Rein, a top law firm in Washington, in an intelligence-gathering operation. CNN reported on Friday that the hackers linked to the breach 'have been known to target information related to trade, Taiwan and US government agencies involved in setting tariffs and reviewing foreign investment,' according to the firm.

— Zoom out: This breach comes amid the Trump administration's trade war against China, which Wiley Rein helps its powerful clients navigate.

The International Scene

COME TOGETHER — Norway is joining the international initiative to boost Ukraine's cybersecurity defenses. Ukraine's Digital Transformation Ministry announced on Friday that Norway is also joining the Tallinn Mechanism and will provide Ukraine with 25 million Norwegian krone, or $2.5 million, to support the country's cyber defenses by the end of 2025. 'The Tallinn Mechanism is a key instrument of international support that helps Ukraine resist these attacks while building long-term digital resilience,' Norway's Foreign Minister Espen Barth Eide said in a statement.

— Zoom out: Norway is the 12th country to join the Tallinn Mechanism — which includes Estonia, the United Kingdom, Germany, Canada and the U.S. The group was established in 2023 to coordinate private sector and government aid to Ukraine.

Quick Bytes

LOCATION, LOCATION, LOCATION — Bodyguards using the fitness app Strava inadvertently revealed the locations of Swedish leaders, writes Lynsey Chutel for The New York Times.

'HORRIFIC BEHAVIOR' — In a series of posts on X, the AI chatbot Grok apologized for 'horrific behavior' following a series of posts that included expressing support for Adolf Hitler, Anthony Ha reports for TechCrunch.

Also Happening Today

The Armed Forces Communications and Electronics Association holds the TechNet Emergency 2025 conference. 9 a.m.

Chat soon. Stay in touch with the whole team: Rosie Perper (rperper@ John Sakellariadis (jsakellariadis@ Maggie Miller (mmiller@ and Dana Nickel (dnickel@


Politico
02-06-2025
- Business
- Politico
DOGE days aren't over
Driving the day — Elon Musk has officially left the so-called Department of Government Efficiency. But experts warn that the billionaire businessperson could take the trove of data DOGE amassed with him — and that the agency's digging around federal data systems may well carry on.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! I hope everyone had a nice weekend! I finally tried Honeymoon Chicken, and I'll be adding them to my takeout rotation. Hit me up with restaurant recommendations, gossip or news tips at dnickel@

ICYMI: The Conversation kicked off with Dr. Oz

In the premiere episode of The Conversation, Dasha Burns sat down with Dr. Mehmet Oz — now leading the Centers for Medicare and Medicaid Services — for a candid talk on drug prices, potential Medicaid cuts and why he's getting early morning calls from President Donald Trump. Plus, POLITICO's Jonathan Martin dished on the Ohio governor's race (featuring Elon Musk, Vivek Ramaswamy and former Ohio State football coach Jim Tressel), and Kyle Cheney unpacked Trump's legal battle over 'Liberation Day' tariffs. Watch the full episode on YouTube. And don't miss a moment — subscribe now on Apple Podcasts or Spotify to get new episodes when they drop.

Today's Agenda

The Special Competitive Studies Project holds its AI+ Expo. 9 a.m.

Happening This Week

ON WEDNESDAY — The House Energy and Commerce Communications and Technology Subcommittee holds a hearing on 'AI in the Everyday: Current Applications and Future Frontiers in Communications and Technology.' 10:30 a.m.

The House Intelligence National Security Agency and Cyber Subcommittee holds a closed hearing on the fiscal 2026 budget request for the National Security Agency. 1:30 p.m.

ON THURSDAY — The Senate Homeland Security and Governmental Affairs Committee holds a hearing on the nominations of Sean Cairncross as White House national cyber director and Sean Plankey as director of the Cybersecurity and Infrastructure Security Agency. 9:30 a.m.

At the Agencies

ELON'S GONE — After a fraught four months at the helm, Elon Musk officially stepped back from his role atop the so-called Department of Government Efficiency last week. Under his direction, DOGE staffers carried out a slash-and-burn policy across the federal government, including the Education and Defense departments, CISA and the U.S. Census Bureau. Musk's team also accessed vast amounts of sensitive information on millions of Americans through federal agency databases.

'Having personal information about someone confers the government a certain amount of power. Having a lot of personal information about a lot of people confers a lot of power,' said John Davisson, senior counsel and director of litigation at the Electronic Privacy Information Center. 'DOGE has recognized this correctly, and they have acted on that.'

Even as Musk formally steps back, questions remain about the data accessed by his cost-cutting group and where it ended up, as well as how it could benefit him as he returns to the private sector. DOGE has also made clear that its work is far from finished.

— Let's catch up: DOGE has faced a deluge of litigation over its access to federal databases and the lack of transparency surrounding what the team plans to do with all the data. Experts and lawmakers have also expressed alarm over reports of DOGE staff funneling data out of networks without a clear destination or storage plan, which could make it an easy target for cybercriminals or U.S. adversaries, and emphasized that the agency's reported plans to build a master database of information on immigrants could be a target for cybercriminals.

'It's a pretty fundamental principle of data security that you don't aggregate more data than you need to, don't provide more access than you need to,' Davisson said. 'When you start to create an even bigger honeypot that nation-state hackers will be interested in, the security risk just grows,' he added.

Broad access to sensitive information can also hurt the country's national security efforts, according to Lily Li, a data privacy lawyer and founder of cybersecurity law firm Metaverse Law. Li pointed to reports of DOGE's access to systems at the Office of Personnel Management, whose network previously fell victim to a massive security breach. 'OPM maintains sensitive information for current and former government personnel, including FBI agents, government officials, active military and veterans,' she told your host. 'This information is not just personally sensitive, but contains information that impacts U.S. national security interests.'

— Back to business: Musk is leaving the federal government to return to his businesses, which have taken a bruising in his absence. Li told MC that she wouldn't be surprised if he leveraged his DOGE experience, coupled with his access to federal payments data, to boost his business dealings. 'Whether or not he does this with his legally obtained know-how or through more questionable access to U.S. sensitive data remains to be seen,' Li said. Davisson agreed, adding that the information gleaned from agencies like the Securities and Exchange Commission and the Consumer Financial Protection Bureau could prove useful in the future. 'A lot of that [data] includes commercial, trade secret-protected information on competitors to Elon Musk's businesses,' he said.

— Troubled waters ahead: Experts warn that the DOGE task force will likely continue working to access data across government agencies. POLITICO reported last week that DOGE staffers have been hired as permanent government employees inside federal agencies. Elizabeth Laird, director of equity in civic technology for the Center for Democracy and Technology, told your host that although Musk is stepping away from DOGE, 'it does not appear that this administration's bottomless hunger for collecting, accessing and compiling sensitive, individual-level data will be quenched anytime soon.' Musk seemed to confirm this sentiment. In his exit announcement on X, he wrote that DOGE's 'mission will only strengthen over time as it becomes a way of life throughout the government.'

On The Hill

CYBER ON DECK — The Senate Homeland Security Committee will officially hold nomination hearings for two top cybersecurity positions in the Trump administration this week. Sean Plankey, President Donald Trump's pick to head CISA, will have his long-awaited confirmation hearing before the panel on Thursday. Plankey, a cyber alum from the first Trump administration, is widely respected in the industry and expected to glide through his nomination. The hearing will also include Sean Cairncross, whom Trump tapped in February for national cyber director. Though Cairncross, a former RNC official, lacks cybersecurity experience, officials have expressed cautious optimism about him in the role.

— Not all smooth sailing ahead: Sen. Ron Wyden (D-Ore.) has pledged to block Plankey's nomination unless CISA releases a 2022 report on security issues within the U.S. telecommunications sector. The Trump administration has not yet released the report, so a confirmation vote on Plankey could still face a fight in the Senate.

The International Scene

'INTENSIFYING' ESPIONAGE — The Netherlands' Defense Minister Ruben Brekelmans is warning that China is stepping up its espionage on Dutch semiconductors, POLITICO's Rory O'Neill reported. 'The semiconductor industry, which we are technologically leading … to get that intellectual property — that's interesting to China,' Brekelmans told Reuters on Saturday on the sidelines of the Shangri-La Dialogue security forum in Singapore. Dutch intelligence services previously cautioned of Chinese spying on the aerospace, maritime and semiconductor industries. Brekelmans said the threat is 'continuing.' 'In our newest intelligence reports, our intelligence agency said that the biggest cyber threat is coming from China.'

FIRST OF ITS KIND — Australia is making ransomware policy history with a new law requiring victims to declare to the government any extortion payments made on their behalf to hackers. The law, enacted on Friday, makes Australia the first country to pass such legislation on ransomware payments. It applies to a group of specific organizations within critical infrastructure sectors or entities with an annual turnover of 3 million Australian dollars or more. Under the law, entities will have to report ransomware payments to the Australian Signals Directorate within 72 hours.

— Elsewhere: A similar law was introduced in the U.K. earlier this year in an effort to ban privately owned critical infrastructure entities or public sector organizations — like hospitals or schools — from paying the ransom to cybercriminals.

Vulnerabilities

FIRST IN MC: GOING PHISHING — Hackers are using Glitch, a coding platform for developers to share and remix apps, to create phishing campaigns to target customers at Navy Federal Credit Union, according to a new report from cybersecurity firm Netskope Threat Labs. The report, out today, found that these attacks have affected more than 830 organizations and over 3,000 users since January. Members of Navy Federal Credit Union were the hackers' primary target. Researchers found that the hackers abused Glitch's features to host their phishing pages for free across multiple projects. The app's 'remix' feature allows hackers to set up multiple phishing pages within minutes, according to the report.

Quick Bytes

STUDENT DATA — Funding is drying up for a service that alerts schools to cybercrime and offers solutions, reports Jill Barshay for The Hechinger Report.

B.Y.O. AI MODELS — Google quietly released an app that lets users run a variety of openly available AI models locally, reports Kyle Wiggers for TechCrunch.

DATA CENTER PUSHBACK — Some local lawmakers are pushing back against states' efforts to incentivize data center build-outs, writes Marc Levy for The Associated Press.


Politico
12-05-2025
- Business
- Politico
Tech companies have a remote worker problem: North Korean operatives
With help from Maggie Miller

Driving the day — North Korean operatives are posing as remote workers and infiltrating top tech companies on a scale cybersecurity firms haven't seen before.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! And happy belated Mother's Day to all the moms out there — especially mine. ❤️

Today's Agenda

The Senate Armed Services Strategic Forces Subcommittee holds a closed briefing on space superiority. 3:30 p.m.

Happening This Week

On Wednesday: The House Homeland Security Committee holds a hearing to review the Department of Homeland Security's FY2026 budget request. 10 a.m.

On Thursday: POLITICO hosts its 2025 Security Summit, featuring conversations with senior administration officials, military leaders, key lawmakers and industry executives. 8 a.m. Register here.

Industry Intel

SIGNING ON — Some of the country's top tech companies are hiring remote information technology workers — only to find out their employees are actually North Korean cyber operatives. Your host and Maggie Miller spoke to almost a dozen cybersecurity experts in the U.S., who said this is a much more widespread problem than previously understood, and the prolific scam has recently hit Fortune 500 companies and top cybersecurity firms, like SentinelOne.

'I've talked to a lot of CISOs at Fortune 500 companies, and nearly every one that I've spoken to about the North Korean IT worker problem has admitted they've hired at least one North Korean IT worker, if not a dozen or a few dozen,' Charles Carmakal, chief technology officer at Google Cloud's Mandiant, said during a media briefing on the sidelines of the RSAC Conference.

— North Korea's playbook: Cyber experts found that the scheme sticks to a similar plot: A North Korean operative will use generative artificial intelligence to create a fake LinkedIn profile posing as an American job seeker, often using stolen information belonging to a real person. Then, an operative will apply for high-paying positions en masse or contact job recruiters using a fake identity. Once an operative makes it to the interviewing stage, they use AI-generated deepfakes to look and sound like the candidate they are impersonating, often in real time.

Alexander Leslie, threat intelligence analyst at cybersecurity company Recorded Future, said that these operatives have stolen information from real software developers across the country as part of this scam. 'Their personally identifiable information has been stolen — Social Security records, passport information, ID information,' he said.

Once they're hired, the operatives will use the stolen credentials to glide through the onboarding process and request that employers send their work laptops to U.S. addresses dubbed 'laptop farms' by law enforcement, with dozens of devices kept running by Americans who are paid to join the scheme.

— Cashing in: These operatives are exploiting the rise of pandemic-era remote work and the country's lack of IT security talent to funnel millions of dollars in top tech salaries back to Pyongyang. 'This money is going directly to the weapons program, and sometimes you see that money going to the Kim family,' said Adam Meyers, senior vice president of counter-adversary operations at cyber firm CrowdStrike.

An advisory from the FBI indicated that each worker can earn up to $300,000 annually on average. And once they're in, these operatives can bring on more of their own. Elizabeth Pelker, a special agent with the FBI, said during a panel at the RSAC Conference in San Francisco that when one operative is hired, they can provide references for others, and some companies have reported up to 10 scammers on their payroll posing as IT workers.

— Just when we think they're out: The scheme doesn't stop when the operatives have been found out and terminated, experts warned. Once inside the company networks, the operatives plant malicious software to gain access to sensitive company intelligence and often demand ransom payments from companies. 'This is very adaptive,' Pelker said. 'Even if [the hackers] know they're going to get fired at some point, they have an exit strategy for them to still … have some sort of monetary gain.'

On The Hill

THE OTHER CISA — The House Homeland Security Committee's cyber panel will hold a hearing to examine the potential reauthorization of a 2015 cybersecurity information sharing law set to expire in September. Rep. Andrew Garbarino (R-N.Y.), chair of the cybersecurity subcommittee, announced that the panel will weigh the Cybersecurity Information Sharing Act in a hearing on Thursday. The law incentivizes companies to voluntarily share cybersecurity threat information, such as software vulnerabilities, with DHS. The private sector has long supported reauthorization because the law provides participating companies with legal protections, such as federal antitrust exemptions and shields from state and federal disclosure laws.

'With the expiration of CISA 2015 quickly approaching, Congress must act swiftly to examine and reauthorize the federal government's ability to close gaps in visibility across government and industry,' Garbarino said in a statement.

Across chambers — Last month, Sens. Mike Rounds (R-S.D.) and Gary Peters (D-Mich.) introduced legislation to extend the law for another 10 years. The bipartisan pair both said the law has been 'instrumental in fostering collaboration between industry leaders and federal agencies,' an area your host reported has been struggling amid federal cuts to cyber agencies like CISA. Peters said that the law needs to be renewed to 'continue this collaborative partnership between the private sector and government to bolster our nation's cybersecurity defenses against a wide range of adversaries.'

The International Scene

ACROSS THE POND — The U.K. Parliament's Public Accounts Committee is raising the alarm over significant gaps in British public sector IT systems. In a report released on Friday, the committee found that the British government's cyber defenses have not kept up with the evolving threats from state-sponsored hackers and cybercriminals, and that these threat actors can wreak havoc on critical national infrastructure faster than Parliament expected. The PAC's report found that there is a shortage of cybersecurity skills and experience in government, and that cybersecurity has not been prioritized as a key issue, causing gaps in the British government's understanding of the vulnerabilities in the public IT sector. The committee also called on the British Cabinet Office to conduct an audit of IT systems and share details on how it plans to fix the issues found in the report.

Industry Intel

CONFLICT UTILIZATION — The tech industry plans to play the national security card when lobbying the federal government to oppose state laws that regulate AI. POLITICO's Brendan Bordelon and Chase Difeliciantonio reported on Sunday that big tech firms — including Meta, Google, IBM and OpenAI — are urging Washington to pass rules on AI that would rein in state laws that the firms don't like. The effort puts the companies in the unusual position of supporting federal regulation on AI, which the industry has so far managed to delay almost entirely.

— Learning from past losses: This continues the longstanding California vs. Washington debate on regulating technology — an argument California won previously by passing strict data privacy laws in 2018. Sacramento's legislation prompted a wave of other states to enhance their own privacy laws. At the time, tech lobbyists urged Congress to preempt them all, but bipartisan privacy legislation was killed on Capitol Hill, and California's privacy law remains the nationwide standard. This time, the tech industry believes the fight will be different due to Washington's perception of AI as a key part of the country's rising tensions with China. Lobbyists plan to use the geopolitical and national security backdrop for AI regulation talks with lawmakers and the White House.

Vulnerabilities

ADDRESSING SECURITY CONCERNS — IT teams ranked the top security threats facing companies contracting with state, local and federal governments. Ransomware attacks, phishing and social engineering, and unpatched systems were among the top concerns, according to a new report from software firm Deltek out today. The report found that IT leaders are addressing security threats by increasing security monitoring, investing in cloud solutions, hiring more IT staff and increasing skills training among company personnel.

People on the Move

Robert Silvers has joined Ropes & Gray as co-chair of the firm's national security practice and a partner in its data, privacy and cybersecurity practice. Silvers was previously undersecretary for policy at DHS.

Quick Bytes

ON THE SAME TEAM — Microsoft is developing a new Teams feature that will prevent users from capturing screenshots of sensitive information shared during meetings, Sergiu Gatlan writes for Bleeping Computer.

764 — The FBI opened an inquiry into an online group that sexually exploits children and urges them to self-harm, The Guardian reports.

AI CHALLENGES — In his first meeting with the College of Cardinals since the papal conclave, Pope Leo XIV said AI poses new challenges for human dignity, writes Lauren Edmonds for Business Insider.

Also Happening Today

The Council on Foreign Relations holds a virtual discussion on 'National Security in the Age of Artificial Intelligence.' 11:30 a.m.