Here’s How Violent Extremists Are Exploiting Generative AI Tools

“We’re going to partner with Microsoft to figure out if there are ways using our archive of material to create a sort of gen AI detection system in order to counter the emerging threat that gen AI will be used for terrorist content at scale,” Hadley says. “We’re confident that gen AI can be used to defend against hostile uses of gen AI.”

The partnership was announced today, on the eve of the Christchurch Call Leaders’ Summit, a movement designed to eradicate terrorism and extremist content from the internet, to be held in Paris.

“The use of digital platforms to spread violent extremist content is an urgent issue with real-world consequences,” Brad Smith, vice chair and president at Microsoft, said in a statement. “By combining Tech Against Terrorism’s capabilities with AI, we hope to help create a safer world both online and off.”

While companies like Microsoft, Google, and Facebook all have their own AI research divisions and are likely already deploying their own resources to combat this issue, the new initiative will ultimately aid those companies that can’t combat these efforts on their own.

“This will be particularly important for smaller platforms that don’t have their own AI research centers,” Hadley says. “Even now, with the hashing databases, smaller platforms can just become overwhelmed by this content.”

The threat of AI generative content is not limited to extremist groups. Last month, the Internet Watch Foundation, a UK-based nonprofit that works to eradicate child exploitation content from the internet, published a report that detailed the growing presence of child sexual abuse material (CSAM) created by AI tools on the dark web.

The researchers found over 20,000 AI-generated images posted to one dark web CSAM forum over the course of just one month, with 11,108 of these images judged most likely to be criminal by the IWF researchers. As the IWF researchers wrote in their report, “These AI images can be so convincing that they are indistinguishable from real images.”

Government Surveillance Reform Act of 2023 Seeks to End Warrantless Police and FBI Spying

In 1763, the radical journalist and colonial sympathizer John Wilkes published issue no. 45 of North Briton, a periodical of anonymous essays known for its virulent anti-Scottish drivel—and for viciously satirizing a British prime minister until he quit his job. The fallout from the subsequent plan of the British king, George III, to see Wilkes put in irons for the crime of being too good at lambasting his own government reverberates today, particularly in the nation whose founders once held Wilkes up as an idol, plotting a revolt of their own.

Wilkes’ arrest boiled the Americans’ blood. Reportedly, the politician-cum-fugitive had invited the king’s men into his home to read the warrant for his arrest aloud. He quickly tossed it aside. At trial, Wilkes explained its most insidious feature: “It named nobody,” he said, “in violation of the laws of my country.” This so-called general warrant, which subsequent lawsuits by Wilkes would see permanently banned, vaguely described some criminal allegations, but not a single place to be searched nor suspect to be arrested was named. This ambiguity granted the king’s men near blanket authority to arrest anyone they wanted, raid their homes, and ransack and destroy their possessions and heirlooms, confiscating large bundles of private letters and correspondence. When the Americans later passed an amendment to ban vague legal warrants describing neither “the place to be searched” nor “persons or things to be seized,” it was Wilkes’s home, historians say, that they pictured.

This morning, a group of United States lawmakers introduced bicameral legislation aimed, once again, at reining in a government accused of arbitrarily snatching up the private messages of its own citizens—not by breaking down doors and seizing handwritten notes, but by tapping into the power of the internet directly to collect an endless ocean of emails, calls, and texts. The Government Surveillance Reform Act of 2023 (GSRA)—introduced in the US House by representatives Zoe Lofgren and Warren Davidson, and in the US Senate by Ron Wyden and Mike Lee—is a Frankenstein bill more than 200 pages long, combining the choicest parts of a stack of cannibalized privacy bills that rarely made it past committee. The patchwork effect helps form a comprehensive package, targeting various surveillance loopholes and tricks at all levels of government—from executive orders signed by the president, to contracts secured between obscure security firms and single-deputy police departments in rural areas.

“Americans know that it is possible to confront our country’s adversaries ferociously without throwing our constitutional rights in the trash can,” Wyden tells WIRED, adding that for too long surveillance laws have failed to keep up with the growing threats to people’s rights. The GSRA, he says, would not strip US intelligence agencies of their broad mandate to monitor threats at home or abroad, but rather restore warrant protections long recognized as core to democracy’s functioning.

The GSRA is a Christmas list for privacy hawks and a nightmare for authorities who rely on secrecy and circumventing judicial review to gather data on Americans without their knowledge or consent. A US Justice Department requirement that federal agents obtain warrants before deploying cell-site simulators would be codified into law and extended to cover state and local authorities. Police in the US would need warrants to access data stored on people’s vehicles, certain categories of which should already require one when the information is stored on a phone. The government could also no longer buy sensitive information about people that would require a judge’s consent, had they asked for it instead.

What’s more, the bill will end a grandfather clause that’s keeping alive expired portions of the USA Patriot Act that’s allowed the FBI to continue employing surveillance techniques that have technically been illegal for two years. Petitioners in federal court seeking relief due to privacy violations will also no longer be shown the door for having no more than a “reasonable basis” to believe they’ve been wrongfully searched or surveilled.

This Cryptomining Tool Is Stealing Secrets

As the Israel-Hamas war raged on this week and Israel expanded its ground invasion of the Gaza Strip, the territory’s compromised internet infrastructure and access to connectivity went fully dark on Friday, leaving Palestinians without access to ground or mobile data connections. Meanwhile, researchers are bracing for the fallout if Hamas makes good on its threats to distribute hostage execution videos online. And TikTokkers are using a niche livestreaming feature and exploiting the Israeli-Hamas conflict to collect virtual gifts from viewers, a portion of which goes to the social media company as a fee.

As the worst mass shooting in Maine’s history unfolded this week and the gunman remained at large, disinformation about the situation and the suspect flooded social media, adding to the already chaotic and horrific situation. Elon Musk, the owner of X (formerly Twitter), posted remarks earlier this month mocking Ukrainian president Volodymyr Zelensky that were met with a flood of support and enthusiasm from Russian trolls and accounts distributing pro-Russia propaganda.

The US federal foreign intelligence collection tool—a frequently abused surveillance authority—known as Section 702 is facing its demise at the end of the year despite being viewed as the “crown jewel” of US surveillance powers. So far, no members of Congress have introduced a bill to prevent its January 1 sunset. And the identity-management platform Okta suffered a breach that had implications for nearly 200 of its corporate clients and brought up memories of a similar hack the company suffered last year that also had knock-on effects for customers.

An EU government body has been pushing a controversial proposal with far-reaching privacy implications in an attempt to combat child sexual abuse material, but its most outspoken advocates recently added to the drama significantly by essentially launching an influence campaign to support its passage. The long-foreseen nightmare of using generative AI to create digital child abuse materials has arrived with a flood of images, some of which are completely fabricated while others depict real victims generated from old datasets.

We also went deep this week on a situation in which hackers say they can crack a locked USB drive that contains a massive 7,002 bitcoins, worth about $235 million—but the drive’s owner hasn’t let them try.

And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories, and stay safe out there.

A cryptominer that never seemed to generate very much cryptocurrency for its creators is part of a larger digital espionage campaign, according to researchers from security firm Kaspersky Lab. The platform, which they call StripedFly, has infected more than 1 million Windows and Linux targets globally since 2017. StripedFly is modular and has multiple components for compromising targets’ devices and collecting different types of data, indicating that it was likely created as part of a well-funded state espionage program, not a cybercriminal enterprise. It also includes an update mechanism so attackers can distribute improvements and new functionality to the malware.

StripedFly can, among other things, steal access credentials from compromised devices; take screenshots; grab databases, sensitive files, videos, or other information of interest; and record live audio by compromising a target’s microphone. Notably, StripedFly uses an innovative, custom Tor client to mask communication and exfiltration between the malware and its command-and-control servers. It also has a ransomware component that attackers have occasionally deployed. It infects targets initially using a customized version of the notorious EternalBlue exploit leaked from the US National Security Agency.

Documents reviewed by 404 Media shed new light on US Immigration and Customs Enforcement’s scanning and database tool for identifying “derogatory” online speech about the US. Dubbed Giant Oak Search Technology (GOST), it assists ICE agents in scanning social media posts. According to the documents, they then use the findings in immigration enforcement actions.

One of the documents shows a GOST catchphrase, “We see the people behind the data,” and a user guide from the documents says GOST is “capable of providing behavioral-based internet search capabilities.” ICE agents can search the system for specific names, addresses, email addresses, and countries of citizenship. The documents say that “potentially derogatory social media can be reviewed within the interface.”

The world’s telephony networks have often been built on legacy infrastructure and with a convoluted maze of interconnections. The system enables mobile data access across much of the world, but its complexity and the collision of new and archaic technologies can lead to vulnerabilities. This week, University of Toronto’s Citizen Lab published extensive research on the degree to which roaming arrangements between mobile providers contain security issues that can be exploited to track devices, and by extension the people who own them. The flaw comes from a lack of protection on the communications between cell towers as you, for instance, travel on a train, ride a motorcycle, or walk around town. The concern is that governments, criminals, or other snoops can manipulate the weaknesses in these handoff communications to track device locations. “These vulnerabilities are most often tied to the signaling messages that are sent between telecommunications networks which expose the phones to different modes of location disclosure,” Citizen Lab researchers wrote.

The Destruction of Gaza’s Internet Is Complete

For more than three weeks, Gaza has faced an almost total internet blackout. The cables, cell towers, and infrastructure needed to keep people online have been damaged or destroyed as Israel launched thousands of missiles in response to Hamas attacking Israel and taking hundreds of hostages on October 7. Then, this evening, amid reports of heavy bombing in Gaza, some of the last remaining connectivity disappeared.

In the days after October 7, people living in Gaza have been unable to communicate with family or friends, leaving them unsure whether loved ones are alive. Finding reliable news about events has become harder. Rescue workers have not been able to connect to mobile networks, hampering recovery efforts. And information flowing out of Gaza, showing the conditions on the ground, has been stymied.

As the Israel Defense Forces said it was expanding its ground operations in Gaza this evening, internet connectivity fell further. Paltel, the main Palestinian communications company, has been able to keep some of its services online during Israel’s military response to Hamas’ attack. However, at around 7:30 pm local time today, internet monitoring firm NetBlocks confirmed a “collapse” in connectivity in the Gaza Strip, mostly impacting remaining Paltel services.

“We regret to announce a complete interruption of all communications and internet services within the Gaza Strip,” Paltel wrote in a post on its Facebook page. The company claimed that bombing had “caused the destruction of all remaining international routes.” An identical post was made on the Facebook page of Jawwal, the region’s biggest mobile provider, which is owned by Paltel. Separately, Palestinian Red Crescent, a humanitarian organization, said on X (formerly Twitter) that it had lost contact with its operation room in Gaza and is “deeply concerned” about its ability to keep caring for people, with landline, cell, and internet connections being inaccessible.

“This is a terrifying development,” Marwa Fatafta, a policy manager focusing on the Middle East and North Africa at the digital rights group Access Now, tells WIRED. “Taking Gaza completely off the grid while launching an unprecedented bombardment campaign only means something atrocious is about to happen.”

A WIRED review of internet analysis data, social media posts, and Palestinian internet and telecom company statements shows how connectivity in the Gaza Strip drastically plummeted after October 7 and how some buildings linked to internet firms have been damaged in attacks. Photos and videos show sites that house various internet and telecom firms have been damaged, while reports from official organizations, including the United Nations, describe the impact of people being offline.

Damaged Lines

Around the world, the internet and telecoms networks that typically give web users access to international video calls, online banking, and endless social media are a complicated, sprawling mix of hardware and software. Networks of networks, combining data centers, servers, switches, and reams of cables, communicate with each other and send data globally. Local internet access is provided by a mix of companies with no clear public documentation of their infrastructure, making it difficult to monitor the overall status of the system as a whole. In Gaza, experts say, internet connectivity is heavily reliant on Israeli infrastructure to connect to the outside world.

Amid Israel’s intense bombing of Gaza, physical systems powering the internet have been destroyed. On October 10, the United Nations’ Office for the Coordination of Humanitarian Affairs (OCHA), which oversees emergency responses, said air strikes “targeted several telecommunication installations” and had destroyed two of the three main lines of communications going into Gaza.

Israel’s Failure to Stop the Hamas Attack Shows the Danger of Too Much Surveillance

Though details of exactly how the attack happened are still emerging, it seems that oversights related to grappling with this signal-and-noise conundrum played a role.

“In retrospect, there was some information, but, like happens in all intelligence failures, it wasn’t given sufficient consideration. It was misunderstood,” says Chuck Freilich, a former Israeli deputy national security adviser. “I think in the last days, from my understanding, there were some warning signs. And actually, the intelligence establishment had been warning for the past about half-year that there was going to be a significant conflict with Hamas, that they were bent on escalating the situation. But then they misread the signs.”

Colin Clarke, the director of research at the Soufan Group, an intelligence and security consultancy, says the Hamas attack would have “required months of preparation” and intelligence failures likely happened with both human intelligence and signals intelligence, where electronic and communications data is collected. “I’m still astonished that a breakdown in intelligence occurred at this level,” Clarke says. “I don’t think anybody, including the Israelis, were prepared for an operation this complex and multi-pronged.”

Crucial intelligence oversights could have happened as the result of numerous intersecting failures, says King’s College London’s Marcus. The Israeli intelligence apparatus may have misunderstood Hamas’s intentions, misread the context of crucial leads, been distracted by Israel’s political efforts with Saudi Arabia, or been grappling with domestic challenges. Israeli forces have complained, for example, of a brain drain from the IDF as individuals get pulled toward the private sector.

“I think that this wasn’t just a military failure—I think that this was a dramatic failure of national leadership,” says Freilich, who authored Israel and the Cyber Threat: How the Startup Nation Became a Global Cyber Power. The ambush calls to mind the outbreak of fighting during Ramadan in October 1973 in which an Arab bloc targeted Israel with a surprise attack on the Jewish holy day Yom Kippur to set off nearly 20 days of fighting.

Palestinians in occupied territories, including the West Bank and Gaza Strip, have faced surveillance and controls for years, with many calling the conditions an apartheid. In September 2021, Israeli forces announced the completion of a 40-mile-long barrier around the Gaza Strip—the sliver of land between Israel, Egypt, and the Mediterranean Sea—that is essentially a “smart wall” equipped with radar, cameras, underground sensors, and an array of other surveillance instruments.