Les Bell
Blog entry by Les Bell
Welcome to today's daily briefing on security news relevant to our CISSP (and other) courses. Links within stories may lead to further details in the course notes of some of our courses, and will only be accessible if you are enrolled in the corresponding course - this is a shallow ploy to encourage ongoing study. However, each item ends with a link to the original source.
News Stories
AI-Generated Content Farms Proliferate
The field of information warfare - what the US Cybersecurity & Infrastructure Security Agency terms 'mis- , dis- and malinformation' - is not one of most readers' primary concerns, but it is something we need to be aware of. Similarly, we need to keep abreast of the rapid developments in artificial intelligence and machine learning - especially large language models, which are able to provide complex answers in response to sophisticated conversational queries (e.g. ChatGPT and Google Bard).
These two fields have inevitably formed a nexus in the creation of so-called content farms - low-quality websites which provide a never-ending stream of clickbait articles primarily intended to generated advertising revenue. In a new report by news-rating group NewsGuard, the authors identified 49 websites which appear to be almost completely automated with little to no human oversight.
Many articles contain clues that they are AI-generated, such as error messages common to chatbots: "I cannot complete this prompt", references to "my cutoff date in September 2021" and "as an AI language model". But occasionally, the unmonitored output reaches new levels of stupidity:
An AI-generated headline that appeared on
TNewsNetwork.com, an anonymously-run news site that was registered in
February 2023. (Screenshot via NewsGuard)
The sites use highly generic names like Biz Breaking News, NewsLive 79, Daily Business Post and Market News Reports, and their articles are generally bland and full of filler phrases but substantially accurate. However, some do veer into outright misinformation; for example, in April 2023, a site called CelebritiesDeaths.com, which posts generic obituaries, posted an article under the headline "Biden dead. Harris acting President, address 9am ET.", continuing, "BREAKING: The White House has reported that Joe Biden has passed away peacefully in his sleep…". Other articles contain fabricated information - so-called "AI hallucinations".
The sites promote themselves via social media, and are increasing in readership, with the largest claiming over 150,000 followers. As they continue to grow, we can expect people to be less well informed about important issues in politics, finance, health and technology, and trust for media generally to continue to decline. We can also expect state actors to use these techniques in foreign influence operations, promoting deliberate disinformation hidden among surrounding AI-generated content.
Sadeghi, McKenzie and Lorenzo Arvanitis, Rise of the Newsbots: AI-Generated News Websites Proliferating Online, special report, 1 May 2023. Available online at https://www.newsguardtech.com/special-reports/newsbots-ai-generated-news-websites-proliferating/.
Is There Honour Among Thieves?
One of the most prolific ransomware-as-a-service operators over the last year is LockBit, which first appeared around January 2020, and whose affiliates have been responsible for a number of high-profile extortions such as last year's release of patient data from the Centre Hospitalier Sud Francilien hospital in Corbeil-Essonne near Paris - all this despite the arrest of one the group's ringleaders.
Back in February, one of the LockBit affiliates hacked the Olympia Community Unit School District 16 in Illinois, exfiltrating student information which it threatened to release on the LockBit dark web site unless a ransom demand was met. Sure enough, a countdown timer appeared on the site, warning the school district their information would be released on 12 April.
However, it seems that the LockBit affiliate involved has somehow transgressed against the group, with the site admin expressing remorse over the attack and offering a free decryption key:
"Please forgive me for allowing the attack on small innocent children, the stolen data has been deleted, to get the decryptor please give me the decryption id. I am very ashamed, but I can not control all partners, anyone can join my affiliate program as well as break the rules, I have blocked this partner."
This is unusual among ransomware operators, who have been responsible for the release of vast quantities of sensitive information, from the healthcare industry in particular. However, it seems there is some kind of honour among thieves, after all.
Cluely, Graham, "Ashamed" LockBit ransomware gang apologises to hacked school, offers free decryption tool, blog post, 28 April 2023. Available online at https://www.bitdefender.com/blog/hotforsecurity/ashamed-lockbit-ransomware-gang-apologises-to-hacked-school-offers-free-decryption-tool/.
These news brief blog articles are collected at https://www.lesbell.com.au/blog/index.php?courseid=1. If you would prefer an RSS feed for your reader, the feed can be found at https://www.lesbell.com.au/rss/file.php/1/dd977d83ae51998b0b79799c822ac0a1/blog/user/3/rss.xml.
Copyright to linked articles is held by their individual authors or publishers. Our commentary is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License and is labeled TLP:CLEAR.