ChatGPT update: Legal claims and bans; AI-powered security copilot

Concern over the use of advanced AI technology has been growing. Thousands of tech leaders came together to sign an open letter outlining concerns over using and developing AI systems that are capable of spreading misinformation and bias.

At the start of the month Italy became one of the first countries in the West to ban ChatGPT over privacy concerns. It is also investigating whether it complied with the General Data Protection Regulation (GDPR). Since then, Italy has been open to a reversal of the ban if OpenAI is willing to improve transparency and make changes to comply with EU regulations. 

An Australian mayor has formally notified OpenAI of concerns over false claims by ChatGPT that he was imprisoned for bribery while working for a subsidiary of Australia’s national bank. The mayor was in fact a whistleblower and has not been charged with a crime. This case demonstrates a key weakness of many language learning models (LLMs) coined as ‘hallucinations’, which are outputs that may sound plausible but are factually incorrect. If the legal claim is pursued further, it will be the first public defamation suit on ChatGPT.

Last month’s cyber round-up explored the growing impact of ChatGPT and other LLMs on cyber security. Now Microsoft has launched a new AI-powered security copilot, which aims to assist companies with identifying and responding to cyber threats by providing guidance informed by internal and external data collected on threats. It also addresses the gap in the market for specialised cyber security experts by providing businesses with a tool that can provide detailed instructions and guidance on mitigating risks and allow teams to perform and adopt tasks usually performed by security experts. 

Cybercrime, hacks and phishing during tax season

There has been an increase in phishing attacks, specifically targeting professional services, accounting and tax preparation firms in the run-up to tax season. Microsoft has noted that phishing attacks are increasingly being used to deliver a remote control and surveillance trojan, which is used by threat actors to gain administrator privileges on Windows systems remotely. Cybercriminals and hacking groups often take advantage of key events during the year, such as tax season when professionals are more likely to be distracted and susceptible to falling for phishing campaigns. It is important to stay vigilant during these times. 

One of the world’s largest online criminal marketplaces, Genesis Market, was shut down in an international operation in early April. Genesis Market allowed cybercriminals to sell and purchase bots that contained stolen login details, IP addresses and other personal data from victims’ devices. The criminal marketplace also provided users with a custom browser mimicking the victim’s location and operating systems, allowing criminals to bypass further security measures. It is estimated that around 80m sets of credentials and digital fingertips were up for sale, some costing as little as $1. In response to this threat, it is worth being aware of the National Crime Agency (NCA) and National Cyber Security Centre's (NCSC) five-step action to check if your data has been compromised and to protect your devices and online accounts. 

3CX’s desktop app version of a voice and video-conferencing system was targeted in a supply chain attack this month. The trojanised installers of the desktop app installed malware inside corporate networks capable of harvesting system information and stealing data, and stored credentials from web-browser user profiles. The system is used by more than 60,000 organisations worldwide including the National Health Service (NHS). It is suspected that a North Korean-based hacking group was responsible for this attack. Users from both Windows and MacOS were targeted in this breach. 3CX has advised customers running affected versions to uninstall the software and use the browser-based web app until an updated version is available. 

Capita, one of the UK’s largest outsourcing companies that provides services to the NHS and local councils, and enforces the BBC’s licence fee, was hit by an IT failure that left staff unable to access systems and disrupted services. This disruption was later confirmed to have been caused by a suspected ransomware attack. Black Basta, a Russian-based hacking group, released documents it claimed were stolen from this breach. An investigation into whether sensitive data was stolen from Capita’s systems due to this cyber attack is ongoing. 

Acro Criminal Records Office, which manages criminal records in the UK, was also the target of a hack last month that led the organisation to take its website and application portal offline. A month on from this cyber attack, the organisation and staff are still facing delays and disruption. An investigation into the incident and whether personal data was compromised is still ongoing. These incidents are not isolated events and cyber attacks are expected to continue to increase in scale. The NCSC has guidance on actions to take when cyber threat is heightened. 

Cyber security guidance updates: Toolkit for boards; CYBERUK 2023

The NCSC refreshed the Cyber Security Toolkit for Boards at the start of this month with new content and case studies to help organisations improve cyber risk management and security. The toolkit is aimed at board members in medium to large organisations in any sector.

The NCSC’s flagship cyber security event, CYBERUK, took place in Belfast this month. Event sessions focused on the theme of securing an open and resilient digital future. 

Got an interesting cyber story for us? Email bani.lamba@icaew.com