As investigations continue, researchers find confirmation in their suspicions of a sprawling attack affecting multiple organizations.

Just a month after the North Korea-linked APT hacker group known as Lazarus targeted 3CX in a supply chain attack, Symantec's researchers have found that two infrastructure organizations as well as two businesses involved in financial trading were affected in the same attack.

The initial compromise that affected 3CX — also known as the X-Trader software supply chain attack and first discovered by Mandiant researchers — was a supply chain compromise that "spread malware via a Trojanized version of 3CX's legitimate software that was available to download from their website." This breach caused customers to download malicious versions of the company's video-calling software.

As the investigation unfolds with new information, the names of the two critical infrastructure organizations affected have not been revealed, but they are in the power and energy sector, in the US and Europe, respectively. The attack seems to be financially motivated; while North Korea-sponsored threat actors engage in cyber espionage, they also go after funds for the regime. 

If important organizations are being targeted now, it could lead to further exploitation in the future, researchers are warning.

"The impact from these infections is unknown at this time — more investigation is required and is on-going," said Eric Chien, director of security response at Symantec, after stating that the attacks occurred between September and November last year.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Critical Infrastructure Organizations Further Affected in 3CX Breach

Getting a handle on the new risks facing AppSec by low-code/no-code development patterns

As low-code and no-code application development platforms gain more currency among business groups seeking speedy workarounds to long development backlogs, concerns about application security loom.

The low-code movement increases software engineering agility by speeding up the work of developers and enabling nontechnical business users to create their own applications and add new features to existing tools without needing to engage the engineering team. Low-code development offers the kind of elegant simplicity that’s irresistible to executives with big digital transformation aspirations.

But that kind of "it just works" opacity sends shudders down the spines of cybersecurity veterans. Any security professional with experience with emerging tech cycles instinctually understands that there be dragons in the waters that lie ahead for low-code/no-code — even if they’ve not yet mapped out exactly what kind of monsters they’re dealing with or where they are just yet.

Michael Bargury, author of the Low-Code/No-Code OWASP Top 10, will explain the exact nature of some of low-code/no-code's biggest security risks at the RSA Conference in San Francisco. Chief among them are patterns of permissioning that could throw many of the investments that organizations have made in role-based access control and identity management right out the window.

**Low-Code's Expected Explosion**

Low-code and no-code technologies provide graphical user interface (GUI) environments that make it possible to design and deploy applications and new features for fast-evolving business use cases without intensive hand-coding. These technologies include low-code application platforms (LCAP), robotic process automation (RPA), and business process automation (BPA), among others. Recent forecasting by Gartner shows that by next year the LCAP market will have doubled its revenue from 2021 and the broader low-code segment will reach nearly $32 billion.

These low-code technologies are being used by development teams to speed up and scale their work, by teams of developers and business stakeholders to improve collaboration on fast-moving digital initiatives, and by a new class of citizen developers who create their own apps without waiting for development resources.

It's that last group that’s fueling the explosion of low-code and no-code platforms and the use of low-code functionality within broader software-as-a-service (SaaS) application ecosystems. Gartner predicts that the overall low-code market will increase by 19.6% in 2023, with the fastest-growing segment being citizen automation development platforms, which are set to increase by over 30%. Analysts with the firm say that developers outside of formal IT departments already make up well over 60% of the low-code user base, and by 2026 citizen developers and other nontraditional application designers are going to make up 80% low-code users.

"Business technologists and citizen technologist personas are developing lightweight solutions to meet business unit needs for enhanced productivity, efficiency, and agility — often as fusion teams," said Jason Wong, distinguished VP analyst for Gartner in a recent low-code forecast by the firm.

**Low-Code's IAM Bombshell**

In the face of all this growth in low-code technology, Bargury is on a mission to warn security executives of the risks it poses to application security and cybersecurity postures in the near- and long-term. One of the biggest risks is the fact that these platforms are rampantly sharing credentials in order to work around strict access controls built by organizations over the years, says Bargury, co-founder and CTO of Zenity, a startup focused on low-code/no-code security.

"Let's say that you already have a SaaS platform and you've built this low-code platform on top of SaaS. Now business users can create their own applications and share those applications with their teams and other employees to use as well. So what would be the number one thing that would stop them from being able to do that in the enterprise?" Bargury says. "The answer is permissions."

As he explains, if a business user wants to create their own app, they need to get permissions granted to that app to give it access to data stores and to get it to integrate with other systems. And to get that, these citizen developers would traditionally need to wait for somebody from IT to grant that. Not only would these app designers probably hear a lot of "nos" from these teams, but just waiting for the provisioning process to run its course would essentially neutralize the whole agility value proposition of using low-code in the first place.

So, to get around this problem, many low-code/no-code platforms allow business users to build applications using their own credentials and identities. When they share those applications to other users for broader use, those credentials are shared by everyone.

"Let's say I work in finance. I build an application, and I implicitly embed my own identity within that application, and now I'm sharing that application with you," Bargury says. "You are using the app and everything works, and it's fine, you have access to data. But the underlying application is actually still using my identity to provide that access. I call this credential-sharing-as-a-service."

And as he puts it, this is a feature that low-code development platforms are proud of and actively marketing because they enable productivity. But obviously from a security perspective it can quickly turn into a nightmare. It could undermine the integrity of role-based access controls, throw off user and entity behavioral analytics, and create huge compliance risks in the future, says Morey Haber, CSO for privileged access management firm BeyondTrust

"Credential-sharing-as-a-service would impact an organization's ability to accurately provide attestation reporting for all identities utilizing the service," Haber says. "Accounts present from a low-code development platform environment would provide an unknown for accurately who has access, including foreign identities."

Chris Hughes, CISO and co-founder of Aquia, says he has a hard time seeing how low-code platforms that handle permissions in this way could possibly be used in secure coding environments.

"They are just not compatible," he says. "In fairness, this is a new risk that is now being exposed for these solutions, and now that this information is public, it needs to be amplified for all organizations to measure the risk and determine if they are violating any laws by using this type of software."

**Yet Another BYOD Scenario**

For his part, Bargury doesn't believe that blocking low-code development is the answer to these risks.

Security professionals who were around during the advent of the iPhone and other consumer-class devices and cloud services will understand that this wave of low-code development will mirror the same challenges they faced in the first days of bring-your-own-device hype. While AppSec pros have to seek ways to effectively manage these risks, there is no way that they're going to do that by stopping the low-code freight train.

"It's like when people started using mobile, and security teams were like, 'Yeah, nobody will ever use mobile with our company data.' We tried to block it, but it didn't work," says Bargury.

Low-code/no-code technology is already more pervasive in the enterprise than many security professionals even realize, he adds

"There are multiple vendors that are pushing this space forward, but some of them are the SaaS vendors, which are building low-code/no-code into their existing offerings," explains Bargury, pointing to vendors like ServiceNow, Salesforce, Microsoft, and many others that have already pushed these features into their enterprise offerings. "This is a crucial point because it means that nobody gets to choose if they will have low-code/no-code or not because it's already there."

Not to mention the fact that business users and executive sponsors love low-code technologies. Low-code platforms are helping them overcome lengthy application feature request backlogs that have plagued their digital transformation efforts for years. The agility and ROI of low-code is something that security practitioners cannot discount. Just like with BYOD, this is a political battle they can't win, Bargury says.

Much of Bargury's talk at RSA Conference will focus on helping AppSec practitioners understand the kinds of security guardrails they can institute around low-code platforms to make them more compatible with broader security and compliance needs of the business.

This includes better vetting of which low-code technologies are in use within the organization, more scrupulous development of policies and configuration around how low-code platforms orchestrate the provisioning of access within the applications they produce, and more robust black-box testing of applications produced by low-code technology.

"I think the worst approach would be to try and block low code because people will just use something else," he says. "The best approach would be to say, 'Here's a few approved platforms. You can do whatever you want in them. There are automated guidelines to help protect you. We got your back. Don't think about security. You are in finance, you are in sales, do your thing.' That's something that we as security practitioners need to be proactive about."

Are Low-Code Apps a Ticking Access Control Time Bomb?

Two federal indictments were unsealed today in the District of Columbia charging a North Korean Foreign Trade Bank (FTB) representative for his role in separate money laundering conspiracies designed to generate revenue for the Democratic People’s Republic of Korea through the use of cryptocurrency.

“The charges announced today respond to innovative attempts by North Korean operatives to evade sanctions by exploiting the technological features of virtual assets to facilitate payments and profits, and targeting virtual currency companies for theft,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division. “We will continue to work to disrupt and deter North Korean actors and those who aid them by following the money on the blockchain and shining a light on their conduct.”

According to court documents, Sim Hyon Sop (Sim), 39, is charged with allegedly conspiring with over-the-counter (OTC) cryptocurrency traders to use stolen funds to buy goods for North Korea and for conspiring with North Korean IT workers to generate revenue through illegal employment at blockchain development companies in the United States.

The first indictment involves a conspiracy between Sim and three OTC traders to launder stolen funds from virtual currency exchange hacks to make payments in U.S. dollars for goods on behalf of the North Korean government. The second involves a conspiracy between Sim and various North Korean IT workers to launder proceeds of illegal IT development work, where the IT workers gained employment at U.S. blockchain development companies using fake identities, and then laundered their ill-gotten gains through Sim for the benefit of the North Korean regime, and in contravention of sanctions imposed against North Korea by the Department of the Treasury’s Office of Foreign Assets Control (OFAC) and the United Nations. Those sanctions were imposed to impede the development of North Korea’s ballistic missiles, weapons production, and research and development programs.

“Today’s indictments reveal North Korea’s continued use of various means to circumvent U.S. sanctions,” said U.S. Attorney Matthew M. Graves for the District of Columbia. “We can and will ‘follow the money,’ be it through cryptocurrency or the traditional banking system, to bring appropriate charges against those who would help to fund this corrupt regime.” 

According to court documents, North Korean national Sim, Chinese national Wu Huihu (Wu), Hong Kong British National (Overseas) Cheng Hung Man (Cheng), and the user of the online moniker live:jammychen0150 (“Jammy Chen”) conspired to launder stolen cryptocurrency and then used those funds to purchase goods through Hong Kong-based front companies on behalf of North Korea. Sim directed these payments, which were made in U.S. dollars, through “Jammy Chen.” “Jammy Chen” then recruited Wu and Cheng, both of whom were OTC traders, to find sham front companies and facilitate the payments to avoid U.S. sanctions against North Korea.

Sim also allegedly conspired to launder funds generated by North Korean IT workers who obtained illegal employment in the tech and crypto industry. These IT workers used fake personas to get jobs, including jobs at U.S.-based companies, and then asked to be paid in cryptocurrencies, such as stablecoins like USD Tether (USDT) and USD Coin (USDC), which are pegged to the U.S. dollar. After receiving payment, they funneled their earnings back to North Korea through Sim.

According to court documents, the Reconnaissance General Bureau (RGB) is North Korea’s primary intelligence and clandestine operations unit, known to have a cyber capability that has come to be known within the cybersecurity community as both Lazarus Group and Advanced Persistent Threat 38 (APT38). APT38 is a financially motivated North Korean regime-backed group responsible for conducting destructive cyber-attacks since at least 2014 to generate revenue for its ballistic missile and WMD programs. Specifically, these North Korean hackers have worked in concert to conduct cyber-attacks against victims located in the United States and around the world, including hacks against financial institutions and virtual asset service providers. North Korean actors have gained unauthorized access to these victim networks as part of their fraudulent scheme through a variety of means, including through spear-phishing messages designed to induce victims to download and execute malicious software developed by the hackers.  

Since 2017, as part of its cyber campaign, North Korean hackers have also executed virtual currency-related thefts to generate revenue for the regime, including through the hacking of virtual asset services providers, such as virtual currency exchanges. A portion of the proceeds from those virtual currency theft and fraud schemes was sent to virtual currency address 1G3Qj4Y4trA8S64zHFsaD5GtiSwX19qwFv, which Sim and his OTC trader coconspirators used to fund payments for goods for North Korea.

To generate revenue for the regime, North Korea also deploys IT workers to obtain illegal employment in the cryptocurrency industry. According to court documents, North Koreans apply for jobs in remote IT development work without disclosing that they are North Korean. These IT workers bypass security and due diligence checks through the false or fraudulent use of identity documents and other obfuscation strategies, such as virtual private networks to hide their true location from online payment facilitators and hiring platforms. The IT workers request payment for their services in virtual currency and then send their earnings back to North Korea via, among other methods, FTB representatives such as Sim.

A third indictment also unsealed today in the District of Columbia separately charges Wu with operating an unlicensed money transmitting business. According to court documents, Wu operated as an OTC trader on a U.S.-based virtual currency exchange and conducted over 1,500 trades for U.S. customers without obtaining the necessary licenses.

The FBI Chicago Field Office and FBI’s Virtual Assets Unit (VAU) are investigating the cases.

The charge of conspiring to launder monetary instruments is punishable by a maximum of 20 years in prison. The charge of operating an unlicensed money transmitting business is punishable by a maximum of five years in prison.

Trial Attorney Jessica Peck of the Justice Department’s National Cryptocurrency Enforcement Team (NCET) and Computer Crime and Intellectual Property Section, Assistant U.S. Attorneys Steven Wasserman and Christopher Tortorice for the District of Columbia, and Trial Attorney Emma Ellenrieder of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the cases. Paralegal Specialists Brian Rickers and Angela De Falco and Legal Assistant Jessica McCormick provided valuable assistance. Significant assistance was also provided by the U.S. Attorney’s Office for the Central District of California, FBI Los Angeles Field Office, Criminal Division’s Money Laundering and Asset Recovery Section, former Special Agent Chris Janczewski of the IRS Criminal Investigation, and former FBI analyst Nick Carlsen.

The NCET was created in October 2021 to combat the growing illicit use of cryptocurrencies and digital assets. Under the supervision of the Criminal Division, the NCET conducts and supports investigations into individuals and entities that enable the use of digital assets to commit and facilitate a variety of crimes, with a particular focus on virtual currency exchanges, mixing and tumbling services, and infrastructure providers. The NCET also sets strategic priorities regarding digital asset technologies, identifies areas for increased investigative and prosecutorial focus, and leads the department’s efforts to collaborate with domestic and foreign government agencies as well as the private sector to aggressively investigate and prosecute crimes involving cryptocurrency and digital assets.

_An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law._

North Korean Foreign Trade Bank Representative Charged in Crypto Laundering Conspiracies

Businesses can now standardize their end-to-end cybersecurity programs on the industry's most secure infrastructure, while retaining choice and vendor optionality.

**SUNNYVALE, Calif.****,** **April 24, 2023** **/PRNewswire/ --** Announced today at RSA Conference, Google Cloud and Mandiant are combining their cybersecurity partner ecosystems to offer the industry's most open, comprehensive, and intelligent platform for customers' end-to-end cybersecurity needs.

The combined ecosystem brings together expertise and technology from Google Cloud, Mandiant, and integrations with more than 100 leading cybersecurity vendors. From incident response through proactive defense, Google Cloud gives organizations the choice and breadth to stay ahead of security threats and eliminate common gaps that plague legacy networks, infrastructure, and tools. Google Cloud is expanding these capabilities even further with new partner integrations that help customers better protect against breaches across cloud environments, and respond more quickly to cybersecurity events when they occur.

"Google Cloud remains fundamentally committed to growing its open cloud ecosystem, ensuring that customers on any cloud platform can protect their businesses with the industry's most advanced security tools," said Sunil Potti, VP and GM of security, Google Cloud. "With Mandiant, we can now build end-to-end security programs that unify our leading threat intelligence and technology with the capabilities of our partners, providing customers with comprehensive solutions that are tailored to their security needs."

"As an organization that's been on the frontlines of some of the most impactful breaches, we recognize that the fight against persistent, global adversaries requires a united defense," said Kevin Mandia, CEO of Mandiant, Google Cloud. "Working alongside our combined, growing network of elite security partners accelerates our ability to help customers around the world to strengthen their security posture and proactively defend against emerging threats."  

**Extending generative AI to partners with Google Cloud Security AI Workbench**  
Google Cloud today announced Security AI Workbench, an industry-first platform that enables security partners to extend generative AI to their products. The platform combines a new, security-specific large language model (LLM) from Google Cloud, Sec-PaLM, with Mandiant's leading frontline intelligence and encompasses vulnerabilities, malware, threat indicators, and more. Partners can easily integrate with the platform via an API (application programming interface) to bring threat intelligence, workflows, and other critical functionality to customers, while retaining enterprise-grade data protections and sovereignty. Security AI Workbench will power new partner offerings that help customers address key security challenges across threats, toilsome tools, and the talent gap.

Learn more about Google Cloud Security AI Workbench here.

**Announcing Accenture managed security services for enterprises**

Google Cloud's ecosystem of global consulting partners provide implementation and managed cybersecurity services for enterprise customers. At RSA, **Accenture** announced that its managed detection and response (MxDR) security service will be enhanced by technologies from Google Cloud, bringing customers a comprehensive security service inclusive of Chronicle security operations and Mandiant Intelligence and Consulting offerings, delivered by thousands of Accenture specialists with expertise building end-to-end security programs for enterprise customers. Accenture will also be the first partner to utilize Security AI Workbench.

**Enhancing incident response and detection with Mandiant and partners**

Mandiant offers the world's most advanced threat intelligence, with industry-leading expertise to help businesses and governments quickly detect, understand, and address security breaches. Now, customers can easily accompany Mandiant's capabilities with purpose-built security solutions from partners including **Crowdstrike**, **SentinelOne**, and**Trellix**, which are fully integrated with Google Cloud. As a result, organizations can deploy the right technology for their needs to proactively protect critical assets after a cybersecurity event.

**Strengthening threat-informed defense across the Mandiant partner ecosystem**

Today, Mandiant also introduced the next phase of its Cyber Alliance program. **Corelight, Nozomi Networks**, **SentinelOne**, and **SnapAttack** are all expanding their capabilities through deeper integrations and unified offerings, enabling Mandiant's security experts to offer the most comprehensive security solutions to customers and help them proactively defend against threats critical to their organization. **Crowdstrike** also announced the general availability of CrowdStrike Falcon for Mandiant Incident Response, which will operationalize endpoint detection to help customers stop and defend against breaches.

**Bringing enterprise-grade identity and device management to Google Workspace**

Google Workspace enables organizations to securely collaborate with embedded, invisible security through client-side encryption, data privacy controls, and integrations with BeyondCorp Enterprise and Chronicle SecOps that automatically block the vast majority of cyber threats. Now, Google Workspace is adding new identity and device management support from **Okta** and **VMware**, enabling large-scale and public sector organizations to adopt FedRAMP-authorized collaboration solutions in a single offering. **JumpCloud** is also offering customers an alternative to Microsoft Active Directory, with centralized identity, access, and device management.

**About Google Cloud**

Google Cloud accelerates every organization's ability to digitally transform its business. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

SOURCE Google Cloud

Google Cloud Announces New Security AI Workbench and Ecosystem Expansion at RSAC 2023

Code property graphs and a threat feed powered by artificial narrow intelligence help developers incorporate AppSec into DevOps.

RSA CONFERENCE 2023 – San Francisco – Application security company Qwiet AI has announced a new threat intelligence feed for its real-time code security analysis tool PreZero to help security teams focus on remediating the fixes that will have the most impact on application security.

The data feed, called Blacklight, analyzes information about exploits that are deployed in the wild. Developers can use the data to see which vulnerabilities to address right away and which ones can wait. Just like a physical black light can reveal where that smell is coming from, Blacklight "exposes what you can't see visually," says Qwiet AI CEO Stuart McClure.

Narrowing the scope of patching is vital, considering the sheer volume of vulnerabilities reported. There were 3,239 high-severity vulnerabilities found in 2022, according to NIST's National Vulnerability Database, putting security teams in the position of having to remediate about 10 a day, every calendar day, to fix just the most serious vulnerabilities. But past research has shown that not all vulnerabilities need to be fixed right away. Only 15% of vulnerabilities get loaded into memory, which suggests 85% aren't reachable by an attacker, according to Sysdig. And of those reachable vulnerabilities, even less are exploitable in practice. In 2022 Qwiet AI, then called ShiftLeft, announced that only 3% of open source vulnerabilities were attackable.

The trick, of course, lies in identifying the 3%. PreZero asks a series of questions to whittle down vulnerabilities to a shorter list of those requiring immediate action: Does the application load the package containing the CVE? Is that package in use by the application? Can an attacker reach that package? And how can the developer mitigate the vulnerability?

A survey of PreZero users found that the new threat feed reduces the average cost per finding by nearly 25%, according to the company.

**Putting Artificial Narrow Intelligence to Work**

PreZero builds a deep neural net out of code property graphs (CPGs), which analyze JavaScript — 58 billion lines of it so far, according to McClure. The CPG is made up of three kinds of data graphs: abstract syntax trees that classify code according to syntax, data flow graphs that map variables from input through to the outputs to see how the data changes, and control flow graphs that track who controls the data and what changes are made.

The artificial narrow intelligence system uses those CPGs to build a model of what good code looks like versus vulnerable code, which it then can apply to new code that's entered into the tool.

"We're gonna go through the typical path, which is the code property graph based on these human-written policies, but we're also going to send that same code sample through our AI model and be able to determine if there's an additional vulnerability in there that the humans didn't catch or the signatures didn't catch," McClure says. "And so that's what really differentiates us."

Qwiet AI shared with Dark Reading a screenshot of a report Blacklight generated on Log4j 2.9.1, one of many versions of the logging utility affected by the Log4Shell vulnerability, to demonstrate the kind of information the feed provides. Potentially the most useful section is remediation advice, which counsels, "Users who want to avoid attacker-controlled JNDI lookups but cannot upgrade to 2.16.0 must ensure that no such lookups resolve to attacker-provided data and ensure that the JndiLookup class is not loaded."

"I've spent my time in the trenches," says Bruce Snell, Qwiet AI director of technical and product marketing. "There's something more visceral about attaching an actual exploit or a threat actor to a vulnerability."

Another interesting feature in PreZero is security insights, which flags code that would open the door to vulnerabilities if it were deployed. That's clearly useful for developers trying to write more secure code, but McClure says the security side also benefits from PreZero.

"The AppSec, cybersecurity, and CISOs would use \[PreZero\] to understand the current state of risk to the business, but then developers use it to actually get the line of code that they need to go fix," he says.

**AI Is Good Business**

Competition does abound. For example, Snyk uses AI in vulnerability scanning, as does GitHub — although the Spider Artificial Intelligence Vulnerability Scanner (SAIVS) falls into the machine learning category.

"We've had this skill shortage for as long as I can remember now, and I think it's actually worse on the AppSec side than it is in the InfoSec side," Snell says. "So having this AI that can, instead of trying to find the needle in a haystack, just produce a stack of needles and say, 'Here's the things that you need to deal with' is going to be huge. And it's really going to be the only way I think that the industry can keep up."

Getting away from signatures is something McClure has been working on since he co-founded Cylance, which he sold to BlackBerry for $1.4 billion in 2018; he's been planning out his vision of the future of AI since at least 2016. To demonstrate his hacking philosophy in action, McClure is co-presenting a technical session "Hacking Exposed — Hacking the Sec into DevOps" with Qwiet AI CTO Chetan Conikee on Wednesday April 26 at 1:15 p.m.

Qwiet AI Builds a Neural Net to Catch Coding Vulnerabilities

Deal strengthens ZeroFox's External Cybersecurity Platform with attack surface management (EASM) and threat intelligence capabilities.

**WASHINGTON, April 17, 2023 (GLOBE NEWSWIRE) --** Today, ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity announced a definitive agreement to acquire LookingGlass Cyber Solutions, Inc., a leader in external attack surface management and global threat intelligence. In today's digital-first world, the rapidly expanding external attack surface has become a veritable playground for cybercriminals and nation-state actors alike, posing an ever-growing threat to enterprise and public sector organizations worldwide. Integrating LookingGlass’s industry-leading attack surface and threat intelligence capabilities into the ZeroFox External Cybersecurity Platform will enable our customers to build a robust security posture by providing world-class visibility into external attack surface assets and vulnerabilities, including improved actionable intelligence to disrupt emergent threats.

As organizations embrace digital transformation, the same externally-available digital platforms these organizations use to do business are equally available to malicious actors, creating new opportunities for exploitation. This escalating threat landscape underscores the urgent need for organizations to adopt comprehensive security strategies emphasizing proactive monitoring, continuous assessment, and remediation of their public attack surface vulnerabilities to defend against the mounting challenges of persistent cyber adversaries.

“The acquisition of LookingGlass is a natural extension of our strategy to provide our customers with a single end-to-end platform for protecting their external attack surface from increasingly sophisticated cyberattacks,” said James C. Foster, Chairman and CEO of ZeroFox. “We are bringing together passionate teams that have been partners for years, and proven world-class capabilities across attack surface management, digital risk protection, threat intelligence and breach response to continue our leadership in external cybersecurity.”

With one of the most comprehensive internet-facing attack surface intelligence data lakes, LookingGlass empowers public sector organizations, large enterprises, and industry security alliances at scale by providing extensive discovery, intelligence and cyber defense capabilities. These unique capabilities allow organizations to identify and assess threats in support of remediation strategies against the most sophisticated cyberattacks. The combination of intelligence and action enables some of the world’s largest organizations to inform their security teams about cyber risks ahead of full-fledged attacks.

“The mission at LookingGlass is to protect our customers by providing unmatched attack surface intelligence for global threat visibility and cyberattack disruption,” said Bryan Ware, CEO of LookingGlass. “Joining ZeroFox allows us to expand the capabilities we provide security teams to defend against cybercriminals and nation-state actors.” Ware, a cybersecurity industry veteran, former Assistant Director of CISA at the Department of Homeland Security, the Nation’s cyber defense operations lead, will join the ZeroFox executive team as part of the transaction.

**Transaction Details**

Under the terms of the agreement, ZeroFox will acquire LookingGlass for approximately $26 million, primarily in stock (9.4 million shares), combined with convertible debt and cash, subject to purchase price adjustments and performance earnouts. The acquisition is expected to close within the next 30 days. ZeroFox will provide additional guidance during the Q1 FY24 earnings call.

Stifel Financial Corp. served as exclusive financial advisor to ZeroFox on the transaction.

**Investor Conference Call Information**

ZeroFox will host a conference call to discuss the acquisition today April 17, 2023 at 8:30 a.m. Eastern Time. To access this call via webcast, please use this link: 

**Learn More**

To learn more about ZeroFox solutions, visit our website. Bookmark the ZeroFox Blog to keep up with our expert coverage on the latest in External Cybersecurity.

**About ZeroFox**

ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

**About LookingGlass Cyber Solutions, Inc.**

LookingGlass is the global cybersecurity leader enabling national, industrial, and enterprise-scale decisions with unparalleled, curated intelligence on critical assets, risks, and sectors. For more than a decade, the most advanced organizations in the world have trusted LookingGlass to help them protect their economic and national security interests. Find out how we can help your organization at https://lookingglasscyber.com. 

**Forward-Looking Statements**

Certain statements in this press release are “forward-looking statements” under the Private Securities Litigation Reform Act of 1995. All statements, other than statements of historical fact, that address activities, events or developments that we expect, believe or anticipate will or may occur in the future, including statements related to benefits from the transaction, including expected from revenues and accretiveness of the transaction, and the ability of ZeroFox to achieve its objectives and plans with the acquisition of LookingGlass are forward-looking statements. Forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those anticipated by these forward-looking statements. The inclusion of any statement in this press release does not constitute an admission by ZeroFox or any other person that the events or circumstances described in such statement are material. These risks and uncertainties include, but are not limited to, the following: our ability to recognize the anticipated benefits of the transaction; the ability of ZeroFox and LookingGlass to consummate the transaction as expected; defects, errors, or vulnerabilities in the ZeroFox platform, the failure of the ZeroFox platform to block malware or prevent a security breach, misuse of the ZeroFox platform, or risks of product liability claims that would harm our reputation and adversely impact our business, operating results, and financial condition; if our enterprise platform offerings do not interoperate with our customers’ network and security infrastructure, or with third-party products, websites or services, our results of operations may be harmed; we may not timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements; our ability to introduce new products and solutions and features is dependent on adequate research and development resources and our ability to successfully complete acquisitions; our success depends, in part, on the integrity and scalability of our systems and infrastructure; we rely on third-party cloud providers to host and operate our platform, and any disruption of or interference with our use of these offerings may negatively affect our ability to maintain the performance and reliability of our platform which could cause our business to suffer; we rely on software and services from other parties; we have a history of losses, and we may not be able to achieve or sustain profitability in the future; if organizations do not adopt cloud, and/or SaaS-delivered external cybersecurity solutions that may be based on new and untested security concepts, our ability to grow our business and our results of operations may be adversely affected; we have experienced rapid growth in recent periods, and if we do not manage our future growth, our business and results of operations will be adversely affected; we face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition, and results of operations; competitive pricing pressure may reduce revenue, gross profits, and adversely affect our financial results; adverse general and industry-specific economic and market conditions and reductions in customer spending, in either the private or public sector, including as a result of inflation and geopolitical uncertainty such as the ongoing conflict between Russia and Ukraine, may reduce demand for our platform or products and solutions, which could harm our business, financial condition and results of operations; the COVID-19 pandemic could adversely affect our business, operating results, and financial condition; if we fail to adapt to rapid technological change, evolving industry standards and changing customer needs, requirements or preferences, our ability to remain competitive could be impaired; one U.S. government customer accounts for a substantial portion of our revenues; and we rely heavily on the services of our senior management team.

Additional information concerning these, and other risks, is described under the “Risk Factors,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations of ZeroFox”, and “Management’s Discussion and Analysis of Financial Condition and Results of Operations of IDX” sections of our final prospectus filed with the Securities and Exchange Commission (the “SEC”) pursuant to Rule 424(b) under the Securities Act of 1933 on April 12, 2023, in connection with our registration statement on Form S-1 and in subsequent reports that we file with the SEC. We expressly disclaim any obligation to update any of these forward-looking statements, except to the extent required by applicable law.

ZeroFox to Acquire LookingGlass, Broadening Global Attack Surface Intelligence Capabilities

**SAN FRANCISCO****,** **April 24, 2023** **/PRNewswire/ --** **RSA CONFERENCE 2023 --** Cisco (NASDAQ: CSCO), the leader in enterprise networking and security, unveiled the latest progress towards its vision of the Cisco Security Cloud, a unified, AI-driven, cross-domain security platform. Cisco's new XDR solution and the release of advanced features for Duo MFA will help organizations better protect the integrity of their entire IT ecosystem.

**Threat Detection and Response****

Cisco's XDR strategy converges its deep expertise and visibility across the network and endpoints into one turnkey, risk-based solution. Now in Beta with General Availability coming in July 2023, Cisco XDR simplifies investigating incidents and enables security operations centers (SOCs) to immediately remediate threats. The cloud-first solution applies analytics to prioritize detections and moves the focus from endless investigations to remediating the highest priority incidents with evidence-backed automation.

"The threat landscape is complex and evolving. Detection without response is insufficient, while response without detection is impossible. With Cisco XDR, security operations teams can respond and remediate threats before they have a chance to cause significant damage," said Jeetu Patel**, Executive Vice President and General Manager of Security and Collaboration at Cisco.** "Cisco continues to ensure that 'if it's connected, you're also protected.' We are uniquely positioned to deliver integrated solutions that simplify securing today's increasingly complex, hybrid multi-cloud environments without compromising user experience."

While traditional Security Information and Event Management (SIEM) technology provides management for log-centric data and measures outcomes in days, Cisco XDR focuses on telemetry-centric data and delivers outcomes in minutes. It natively analyzes and correlates the six telemetry sources that Security Operations Center (SOC) operators say are critical for an XDR solution: endpoint, network, firewall, email, identity, and DNS. On the endpoint specifically, Cisco XDR leverages insight from 200 million endpoints with Cisco Secure Client, formerly AnyConnect, to provide process-level visibility of where the endpoint meets the network.

"The true measure of XDR is its ability to deliver actual security outcomes, real and measurable benefit to organizations — early detection, impact prioritization, and effective and efficient response," said Frank Dickson**, Group Vice President, Security & Trust, IDC.** "True results need to be quantifiable numerically and not just qualitatively described with words. Cisco XDR delivers a clear framework for enabling organizations to achieve such tangible outcomes."

In addition to Cisco's native telemetry, Cisco XDR integrates with leading third-party vendors to share telemetry, increase interoperability, and deliver consistent outcomes regardless of vendor or technology. The initial set of out-of-the-box integrations at general availability include:

*   **Endpoint Detection and Response (EDR)**: CrowdStrike Falcon Insight XDR, Cybereason Endpoint Detection and Response, Microsoft Defender for Endpoint, Palo Alto Networks Cortex XDR, SentinelOne Singularity, Trend Vision One
*   **Email Threat Defense:** Microsoft Defender for Office, Proofpoint Email Protection
*   **Next-Generation Firewall (NGFW):** Check Point Quantum, Palo Alto Networks Next-Generation Firewall
*   **Network Detection and Response (NDR):** Darktrace DETECT™ and Darktrace RESPOND™,  ExtraHop Reveal(x)
*   **Security Information and Event Management (SIEM):** Microsoft Sentinel

"Throughout Logicalis' decades-long pursuit to becoming a world class integrator; we have recognized the impact extensibility can have on the viability and efficacy of any solution," said Brad Davenport**, Vice President of Technical Architecture, Logicalis**. "With the launch of Cisco XDR, we can finally provide our customers with XDR outcomes as a solution or managed offering. We see this as a natural progression for us along the security maturity journey. Logicalis is very excited to put our combined expertise to work for our clients and offer Cisco XDR to help them achieve their business outcomes."

**Zero Trust and Access Management**

As attackers increasingly target gaps in weaker multi-factor authentication (MFA) implementations, Cisco is redefining what is essential for access management. Every business needs three key pillars for its access management strategy: enforcing strong authentication, verifying devices, and reducing the number of passwords in use. This is why, beginning on May 1st, Cisco is adding Trusted Endpoints to all its paid Duo Editions. Previously just available in Duo's highest tier, Trusted Endpoints allows only registered or managed devices to access resources. By delivering Trusted Endpoints alongside Single Sign On, MFA, Passwordless, and Verified Push within the entry-level Duo Essentials edition, Cisco is delivering the most secure, cost-effective, and user-friendly access management solution on the market.

To learn more, visit Cisco.com/go/security.   

**Supporting Quotes**

"Darktrace DETECT and RESPOND, parts of the Darktrace Cyber AI Loop, can quickly contain and disarm threats, whether known or unknown, and with a high degree of fidelity. Our collaboration with Cisco will provide our mutual customers with added visibility into security incidents and actions across cloud, network and OT," said Mattheus Bovbjerg**, Vice President of Integrations, Darktrace.** We look forward to expanding this collaboration to additional coverage areas including email and SaaS applications in the future."

"As organizations embrace the network as the essential source for cybertruth, our partnership with Cisco offers enterprises the ability to integrate ExtraHop with best-of-breed products for a more comprehensive view of their IT environments," said Jesse Rothstein**, Chief Technology Officer and Co-Founder, ExtraHop**. "Joint customers will benefit from ExtraHop's enterprise-grade, high–fidelity detections with network decryption and support for more than 80+ protocols, while also seamlessly integrating with log and endpoint solutions to achieve more streamlined investigations."

"SentinelOne is excited to team with Cisco to deliver market-leading solutions that allow our joint customers to push the boundaries of security," said Akhil Kapoor**, Vice President of Technology Partnerships and Business Development, SentinelOne**. "We look forward to integrating our EDR and Cloud Workload Protection (CWPP) solutions with Cisco to help organizations of all sizes secure tomorrow today."

"Our vision for XDR is to provide customers with a comprehensive, consolidated view of their security posture, enabling them to respond to threats quickly and effectively," said Mike Gibson**, Senior Vice President of Global Services and Customer Success, Trend Micro**. "The integration with Cisco XDR is a significant step forward in the evolution of cybersecurity. By leveraging the strength of both solutions, we are able to offer our customers a unified solution that expands telemetry insights to gain a greater perspective of their security environment enabling them to detect threats faster and respond more effectively."

**Additional Resources**

*   **Blog**: XDR and the Importance of Cross-Domain Correlated Telemetry
*   **Blog**: Simplify Your Security Operations with Cisco XDR, Launching at RSAC
*   **Blog**: Raising the Bar: Duo Redefines What is Essential for Access Management 

**About Cisco** 

Cisco (NASDAQ: CSCO) is the worldwide leader in technology that powers the Internet. Cisco inspires new possibilities by reimagining your applications, securing your data, transforming your infrastructure, and empowering your teams for a global and inclusive future. Discover more on The Newsroom and follow us on Twitter at @Cisco. 

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. 

SOURCE Cisco Systems, Inc.

**

Cisco Unveils Solution to Rapidly Detect Advanced Cyber Threats and Automate Response

Consider adding some security-through-obscurity tactics to your organization's protection arsenal to boost protection. Mask your attack surface behind additional zero-trust layers to remove AI's predictive advantage.

If you read articles about how threat actors can use artificial intelligence (AI), you've probably noticed they fall into two categories: improving deception capabilities and automating malicious coding.

The first case argues that generative AI using large language models (LLMs) can create phishing and smishing lures that are more believable (registration required). Given that 90% of successful cyberattacks begin with phishing, AI improving deceptive lures is cause for major concern. Imagine the convincing communications the new GPT-4 model, which hired people to solve Captcha challenges for it, might write.

The second topic, AI writing malware (which it has done), strikes me as less disturbing. In this case, experts argue that LLMs may write polymorphic malware or make it easier for less-skilled adversaries to create malicious code. However, we live in a world where over 450,000 new variants of malware and potentially unwanted applications (PUAs) are registered every day. It's hard to see how low-skilled users adding to that number would significantly change the threatscape. Simply creating more malware is an easily automated task. AI must create better malware to pose a greater threat.

**Adversarial AI Threat Potential**

I think the threat potential of adversarial AI is far greater than today's double whammy of _better phishing_ and _more malware_. Take a moment to put on your threat actor hat and envision what malicious AI might soon achieve. What tools do adversaries typically use, and can well-trained AI improve their effectiveness?

**Training AI to Hack**

Consider the untapped AI training potential of vulnerability scanning tools such as Acunetix or exploitation frameworks such as Metasploit. These tools automate the reconnaissance and exploitation stages of the cyber kill chain. Today, these tools require human guidance and direction. Advanced persistent threats (APTs) using them to target organizations are focused on the environment of a single victim. The tools do much of the lifting, but people must interpret the results and react accordingly. What if these programs simply supplied their information to a larger data lake for AI to ingest?

We can see how LLMs use massive data sets to create effective, generative AI. The GPT-3 model is advanced enough to predict syllable and word combinations, then construct seemingly intelligent responses to queries. AI can write an essay, haiku, or report on any topic with a simple prompt. Of course, the model doesn't actually know what it's saying. It has simply trained on language data long enough to accurately predict which word should come next in a response.

Imagine an AI that trains on security exploitation as deeply as LLMs train on language. Picture an AI training on all known CVEs, the NIST Cybersecurity Framework, and the OWASP Top 10 as part of its core data set. To truly make this AI dangerous, it should also train on data lakes generated by popular hacking tools. For example, use Nmap for a few million networks and train the AI to recognize correlations between open ports, OS versions, and domains. Run Nessus vulnerability scans in thousands of environments and feed the results to the AI to "learn" patterns of enterprise security flaws. This approach may be beyond the reach of small-time hackers but is certainly within the grasp of state-sponsored threat groups and governments.

Once this malicious AI is well-trained, it may predict vulnerable software and hardware combinations as accurately as ChatGPT chooses words. It may scan an environment, detect several problems, and return a ranked list of possible exploitation techniques. Or it could compromise the environment, then hand access over to threat actors. While better phishing and more malware present immediate problems, they are negligible compared with the potential dangers of a fully weaponized AI.

**Security Through Obscurity**

Fortunately, organizations can mitigate much of the threat posed by malicious AIs by hiding business infrastructure. As defined by Gartner, zero-trust network access (ZTNA) solutions offer a resilient defense. Think of a cloud-based zero-trust environment as a proxy between users and business resources. Using this configuration, apps, data, and services are hosted on a network separate from users. To access business resources, users must go through an app connector that performs extensive identity analysis. Once a user passes identity and context verifications, the proxy architecture connects them directly to the resource in the cloud.

It's important to note that users are never granted access to the network that hosts the apps, data, and services. They're only connected to the single resource requested in the verified transaction. This approach hides the rest of the network infrastructure and available resources from the secured session. There is no opportunity for an initiator to perform lateral movement, or larger reconnaissance of the environment.

This approach hamstrings adversarial AI trained to discover vulnerabilities in an enterprise environment. With business infrastructure hidden behind a secure cloud-proxy service, the AI cannot see the environment, or know what is exploitable. The AIs ability to find exploitation opportunities relies upon it having an extensive overview of the hardware and software running the business infrastructure.

What about users? An adversarial AI may crack an individual endpoint, such as a laptop or home router. However, controlling these devices does little to offer AI access to the larger business environment. Compromised devices and identities must still pass context analysis before connecting to resources. Access requests will be denied if they come at an odd time or display other suspicious features. If the AI can reasonably mimic a legitimate request from a compromised identity, it is limited to accessing the handful of resources available to that user.

This identity-level ZTNA approach to access eliminates much of an organization's attack surface and minimizes the danger of what remains — moving organizational infrastructure behind a cloud-based zero trust exchange strips adversarial AI of its predictive and knowledge-based advantage. Organizations can achieve security through obscurity by hiding everything malicious AI knows how to exploit.

Cybersecurity Survival: Hide From Adversarial AI

As email attackers move to more targeted and sophisticated attacks, email security needs to understand the organization, not past attacks, to keep up with attacker innovation and stop novel threats on the first encounter.

In an evolving threat landscape email remains the primary target for cyberattacks, and traditional methods of email security are no longer adequate. Solutions that rely on historical attack data can only catch what they've seen before and remain inevitably on the back foot, racing to match the pace of innovation of cybercriminals — in fact, they take an average of 13 days to recognize novel attacks.\*

**An Escalating Threat Landscape**

Phishing attacks are advancing in frequency and sophistication as attackers experiment with two key ingredients: malware delivery and social engineering. Regarding delivery, there is a surge in cybercriminals "hitching a ride" off legitimate infrastructure like OneDrive and SharePoint to conceal malware, exploiting their trusted reputations to bypass security tools. On the human side, attackers are using generative AI technologies to impersonate trusted contacts — including damaging business email compromises and realistic spear-phishing. Worryingly, Darktrace found that the average linguistic complexity of phishing emails has increased by 17% since the release of ChatGPT.  

These trends demonstrate a shift in the attack landscape: from high-frequency, low-impact, generic phishing tactics to more targeted, sophisticated, and higher-impact attacks that can evade security tools relying on rules and signatures.

    

Figure 1: The progression of attacks and relative coverage of email security tools.

What's more, email security for the digital age needs to stretch beyond the inbox, for a full picture of every user across their email, account, and apps. Effectively, tools that only focus on blocking known threats from the inbox are no longer enough.

**The Industry Picture**

Traditional gateways and many modern integrated cloud email security (ICES) providers have something in common: They look to previous threat intelligence in order to predict the next attack. Some newer vendors apply AI to this flawed approach, looking for direct matches and using "data augmentation" to identify similar-looking emails. Despite leveraging AI, this approach is still historically focused and therefore blind to novel threats.

These tools are also resource-intensive, requiring continuous policy maintenance and manual triage of held-but-legitimate emails. The stage is set for email security that autonomously separates bad from good and continuously adapts to every organization — technology that fits the definition of "set and forget".

**The Shift Toward Behavioral AI**

The industry is experiencing a seismic shift from "secure" email gateways to intelligent AI-driven approaches.

Only a complex understanding of each employee's everyday interactions can accurately determine whether or not an email belongs in their inbox. This approach understands behaviors — how each person uses their inbox and what constitutes 'normal' for each user — in order to detect what's not normal.

Within the threat landscape, this approach builds on native email security to tackle the high-level attacks that use novel or seemingly legitimate infrastructure.

    

Figure 2: Native email security plus AI covers more types of attacks.

Full confidence in detection allows for a precise and targeted response — action that removes only the riskiest parts of an email rather than taking a blanket ban out of caution — to minimize risk without disrupting normal business operations.

**A Full Picture for Every User**

Existing email tools focus solely on inbound email, which doesn't take into consideration the significant potential damage of an account compromise. Today's email security can't be limited to the inbox alone — it needs to comprise a full understanding of a user's behavior across email and beyond.

To have complete context of a single user, it's crucial to understand their activity on apps, networks, and devices for a full-picture view of identity-based attacks. Understanding a user in the context of their organization — including network, cloud, and endpoint data — connects email security with the enterprise and external attack surface for a richer picture of potential attacks.

**Bringing the End User Into the Loop**

In the digital age, security is everyone's responsibility. Email security needs to educate and engage employees at the right level, giving them the context they need to make the right decisions, without overwhelming them or giving them too much control.

The tools that succeed best will be those that can leverage AI to improve employees' security consciousness — with contextual banners, explainable digests, and bespoke actions to neutralize risky elements — bringing the end user into the loop to harden defenses. By empowering employees with information, while still leaving critical decisions to the security team, organizations can further strengthen their security posture, while lifting security teams out of firefighting mode towards higher-level more strategic decision-making .

The new frontline of email security fights cybercrime with intelligent AI, and organizations that fail to get ahead of the curve may end up paying the price. For CISOs, the question is not if they should upgrade their email protections, but when – how much longer can they risk depending on email security that's stuck in the past?

**About the Author**

    

As VP of Product at Darktrace, Dan Fein has helped customers quickly achieve a complete and granular understanding of Darktrace's product suite. Dan has a particular focus on Darktrace email, ensuring that it is effectively deployed in complex digital environments, and works closely with the development, marketing, sales, and technical teams. Dan holds a bachelor's degree in computer science from New York University.

\*Thirteeen days mean average of phishing payloads active in the wild between the response of Darktrace/email compared to the earliest of 16 independent feeds submitted by other email security technologies. (https://darktrace.com/news/darktrace-email-defends-organizations-against-evolving-cyber-threat-landscape)

The New Frontier in Email Security: Goodbye, Gateways; Hello, Behavioral AI

Is Elon Musk's "maximum truth-seeking AI" achievable? Overcoming bias in artificial technologies is crucial for cybersecurity, but doing it could be a challenge.

Concerns over bias in emerging artificial intelligence (AI) tools received a fresh airing recently when billionaire Elon Musk talked about his plans to create a "maximum truth-seeking AI" as an alternative to OpenAI's Microsoft-backed ChatGPT and Google's Bard technologies. 

In an interview with Fox News' Tucker Carlson earlier this month, Musk expressed concern over what he described as ChatGPT being trained to lie and to be politically correct, among other things. He described a so-called "TruthGPT" as a third option that would be unlikely "annihilate humans," and would offer the "best path to safety" compared with the other generative AI tools.

Musk has offered no timetable for his planned chatbot. But he has already established a new AI firm called X.AI, and has reportedly begun hiring AI staff from ChatGPT creator OpenAI as well as from Google and its parent, Alphabet.

Meanwhile, of course, AI bias affects cybersecurity risk as well. 

**Surfacing a Familiar Concern**

Musk's comments to Carlson echoed some of the sentiments that he and hundreds of other tech leaders, ethicists, and academicians expressed in an open letter to AI companies in March. The letter urged organizations involved in AI research and development to pause their work for at least six months, so policymakers have an opportunity to put some guardrails around the use of the technology. In making their argument, Musk and the others pointed to the potential for biased AI tools flooding "our information channels with propaganda and untruth" as one of their main concerns.

Suzannah Hicks, data strategist and scientist at the International Association of Privacy Professionals (IAPP) says the fundamental problem with bias in AI and machine learning is that it stems from human decision-making. All AI models learn from extremely large data sets and are not programmed explicitly to respond in specific ways. Typically, bias happens in the data that humans choose to input into the model.

"If biased data is entered into the model, then the output will likely contain bias as well," Hicks says. "Bias can also be introduced through data omission or by data scientists choosing a variable as a proxy for something other than what the data element is," she says. As an example, Hicks points to a machine learning algorithm that might take the number of "clicks" a user makes when browsing Netflix as a proxy for a positive indicator. "I may be clicking on movies to read their description and decide I don’t like it, but the model may misinterpret the click as an indicator of a 'like,'" she says.

Similarly, a lending service that uses AI to determine credit eligibility might end up denying a disproportionately high number of loans to people in a high-crime ZIP code if the ZIP code was part of the data set in the AI tool's learning model. "In this case, the ZIP code is being used as a proxy for human behavior, and by doing so produces a biased result," Hicks says.

Andrew Barratt, vice president at Coalfire, says his own testing of a text-to-image generation tool provided one example of the bias that exists in emerging AI technologies. When he asked the tool to generate a photorealistic image of a happy man enjoying the sun, the tool only generated Caucasian skin tones and features, though the input he provided contained no racial context. He says one concern going forward is that providers of AI platforms seeking to monetize their technologies could introduce bias into their models in a way that is favorable to advertisers or platform providers.

Whenever you monetize a service, you typically want to maximize the monetization potential with any further evolution of that service, says Krishna Vishnubhotla, vice president of product strategy at Zimperium. Often that evolution can start deviating from the original goals or evolution path — a concern that Musk vocalized about ChatGPT in his interview with Carlson. "Herein lies the issue that Elon talks about," Vishnubhotla says.

**Cybersecurity Bias in Artificial Intelligence**

While Musk et al didn't specifically call out the implications of AI bias on cybersecurity, that's been a topic for some time, and it's worth revisiting in the era of ChatGPT. As Aarti Borkar, a former IBM and Microsoft executive and now with a venture capital fund, noted in a groundbreaking column for Fast Company in 2019, with AI becoming a prime security tool, bias is a form of risk.

"When AI models are based on false security assumptions or unconscious biases, they do more than threaten a company’s security posture," Borkar wrote. "AI that is tuned to qualify benign or malicious network traffic based on non-security factors can miss threats, allowing them to waltz into an organization’s network. It can also over-block network traffic, barring what might be business-critical communications."

With ChatGPT being enthusiastically introduced into cybersecurity products, the risk of faulty hidden bias could contribute even more to false positives, abuse of privacy, and cyber defense that has gaping holes. And to boot, cybercriminals could also poison the AI to influence security outcomes.

"If the AI were to be hacked and manipulated to provide information that’s seemingly objective but is actually well-cloaked biased information or a distorted perspective, then the AI could become a dangerous … machine," according to the Harvard Business Review.

So the question becomes whether there really can be completely unbiased AI, and what it would take to get there.

**Eliminating Bias in AI**

The first step to eliminating data bias is to understand the potential for it in AI and machine learning, Hicks says. This means understanding how and what data variables get included in a model.

Many so-called "black-box" models, such as neural networks and decision trees, are designed to independently learn patterns and make decisions based on their data sets. They don't require the user or even the developer to fully understand how it might have arrived at a particular conclusion, she says. 

"AI and machine leaning rely on black-box models a great deal, because they can handle vast amounts of data and produce very accurate results," Hicks notes. "But it’s important to remember they are exactly that — black boxes — and we have no understanding of how they come to the result provided."

The authors of a World Economic Forum blog post last October argued that open source data science (OSDS) — where stakeholders collaborate in a transparent way — might be one way to counter bias in AI. Just as open source software transformed software, OSDS can open up the data and models that AI tools use, the authors said. When data and AI models are open, data scientists would have an opportunity to "identify bugs and inefficiencies, and create alternate models that prioritize various metrics for different use cases," they wrote.

**The EU's Proposed AI Risk Classification Path**

The European Union's proposed Artificial Intelligence Act is taking another approach. It calls for an AI classification system in which AI tools are classified based on the level of risk they present to health, safety, and an individual's fundamental rights. AI technologies that present an unacceptably high risk, such as real-time biometrics ID systems, would be banned. Those deemed as presenting limited or minimal risk, such as video games and spam filters, would be subject to some basic oversight. High-risk AI projects, such as autonomous vehicles, would be subject to rigorous testing requirements and show evidence of adherence to specific data quality standards. Generative AI tools such as ChatGPT would be subject to some of these requirements as well.

**The NIST Approach**

In the US, the National Institute of Standards and Technology (NIST) has recommended that stakeholders broaden the scope of where they look when searching for sources of bias in AI. In addition to machine learning processes and the data used in training AI tools, the industry should consider the societal and human factors, NIST said in a special publication on the need for standards to identify and manage bias in AI. 

"Bias is neither new nor unique to AI and it is not possible to achieve zero risk of bias in an AI system," NIST noted. To mitigate some of the risk, NIST will develop standards for "identifying, understanding, measuring, managing, and reducing bias."

Source

DARKReading