The One Where Electrical Grids and High End Law Firms Get Breached

Oh and GPT5 is announced ..

Author

Jan Verhulst
November 17, 2023

BEFORE WE START : CAN WE ASK YOU A QUICK FAVOR? IF YOU DERIVE ANY VALUE FROM THIS NEWSLETTER PLEASE PAY IT FORWARD AND SEND IT TO A FRIEND OR A COLLEAGUE. THANK YOU !!

In 1906, Alfred Henry Lewis stated, “There are only nine meals between mankind and anarchy.”

Imagine what would happen if the lights went out.

Not just for a few hours but for days at at time … with no end in sight.

Your fridge … dead. A puddle of water emerges from under it. Cellphones? Useless. No more information coming in or out. No heating. Hospitals in chaos. Food distribution gone.

It would be utterly terrifying.

On the positive: it would transform communities. You and your neighbors would come together to perhaps pool resources. But you’ll need that .. as the food runs out and the rioting starts.

It’s the absolute nightmare scenario for our modern society.

Russian hacking group Sandworm (believed to be the Russian FSB) is focusing on compromising the electrical grids of other nations. Notoriously in 2014 they took down Ukraine’s power grid for a number of hours in what was later called the ‘sending of a message’.

This week - almost by accident, the Danish CERT discovered that Sandworm had penetrated 22 companies related to the Danish power grid (story below).

The question now is : how many other nations’ power grids are already compromised?

Still don’t think cybersecurity is important and “relevant” to your life? Think again.

Anyway, I like playing the prophet of doom at times and while the incident wasn’t as serious as the situation painted above - it invites you to think things over.

In some more positive news this week both GPT5 and GTA6 (finally!) were announced this week. Find out more below !

[CYBER]
Denmark’s Power Grid Attacked by Russia’s Sandworm

In Denmark, a major cyber attack targeted the country's power grid, affecting 22 companies that provide electricity and heating to about 100,000 people. This attack, believed to be carried out by Sandworm - Russian hackers linked to their military, is considered Denmark's largest cyber-attack to date.

By the way - there is an EXCELLENT book on Sandworm. Interesting read.

The attack took place over several instances in May, with the hackers gaining access through several vulnerabilities in the Zyxel firewalls.

After discovering the breach, the affected companies had to disconnect from the internet to investigate and deal with the attack. Fortunately, this did not disrupt their operations, and it seems the attackers were more interested in gathering information rather than causing immediate harm.

This incident occurred just days after Denmark raised its alert level for cyber threats to very high. It was detected by Denmark's cybersecurity team, who monitor critical infrastructure like electricity and water plants.

There are some key takeaways from this incident. It's important for companies to keep a detailed record of their security systems and regularly check for updates. Sometimes, new security devices might already need updates when they're installed. It's also crucial to continuously monitor for any signs of a cyber attack and to have a plan for quick response. Companies don't always need to manage this alone; they can seek external help and services.

Remember, investing in good cybersecurity is less costly than dealing with the consequences of a breach.

[AI]
GPT5 Announced

GPT5?

OpenAI CEO Sam Altman acknowledged that the company is currently working on sophisticated autonomous software agents as well as GPT-5, which require more data and computer capacity.

Their goal is clear : to develop AGI or “Superintelligence” ahead of everyone else.

The startup is seeking further funding from Microsoft due to the high price of training increasingly complicated AI models.

Altman claims that training will necessitate the collection of additional data, both public and private, in order to enhance the model.

Sam Altman indicated last week at DevDay that this year's announcements would be 'quaint' in comparison to next year's. If GPT-5 is an option... We could be in for an exciting trip.

[Cyber]
Ransomware is getting out of control

Allen & Overy ransomware attack: A ransomware attack has disrupted the activities of Allen & Overy, one of the largest law firms in the world. The company confirmed the incident after members of the Lockbit ransomware gang took credit for the attack. In a post on their dark web leak site, Lockbit has given the company until the 28th of November to pay its ransom demand.

Tunstall cyber-attack: Dutch company Tunstall has advised customers to keep their phones at hand after a cyber-attack has disrupted its personal medical alarm system. The attack took place on Saturday and seems to have lasted few days. Tunstall says the incident is blocking alarms from reaching its control room. Primarily used by the elderly, these are buttons that trigger alerts in the company's control room whenever a customer is facing a healthcare emergency.

ICBC ransomware incident: The LockBit ransomware group claims the US branch of the Industrial and Commercial Bank of China has paid its ransom after LockBit encrypted its systems at the end of last week, shutting down the Chinese bank's ability to honor transactions on the US market.

TSTT ransomware incident: The Telecommunications Services of Trinidad and Tobago, the largest telco in the country, has confirmed it got hacked by the RansomExx ransomware gang at the start of October.

McLaren breach: US healthcare provider McLaren Health says hackers gained access to the private and health data of almost 2.2 million customers after the company suffered a ransomware attack in July. The alleged culprits are the AlphV (BlackCat) gang. The lawsuits against McLaren are piling up.

Australian ports down after cyberattack: Port operator DP World Australia has suspended operations at multiple ports across after a cyber-attack crippled its IT systems. The company says it expects the outage to last for "a number of days." The port terminals in Sydney, Melbourne, Brisbane, and Fremantle are impacted. Ship movements are not affected, but trucks can't load or unload cargo in some of the affected ports. Australian officials say the government's cybersecurity agency is assisting the company's investigation. The incident is suspected of being yet another ransomware attack.

Dragos ransomware claim: The AlphV (BlackCat) ransomware gang (that we just met regarding the McLaren breach) claims it breached the IT systems of cybersecurity firm Dragos through one of its third-party vendors. The gang has listed the company on its dark web leak site in an attempt to force the company to pay a ransom. If confirmed, this would be Dragos' second security breach this year after a similar incident in May.

Dragos denies the hack.

To bring it all together - in the book on Sandworm we talked about - one of the main protagonists is Robert M. Lee - the CEO of Dragos. Dragos is a cybersecurity firm that focus primarily on the security of Industrial Control Systems (ICS) like used on electrical grids. They are high-end and high-profile and therefore a juicy target.

Interesting …

[AI]
The week in AI

A lot of developments again - mostly in the realm of generative AI - but instead of listing them wanted to highlight the developments that are being made on the crossroads of AI and video games.

Games have long been used to train artificial intelligence systems. Think of DeepBlue in Chess and AlphaGo. Later on Google’s DeepMind was using Starcraft II to train AI systems to become vastly better as humans.

Researchers have developed an AI agent called Jarvis-1 that can complete a wide variety of tasks and improve itself within the game of Minecraft.

Like a new player the AI bot is released into the game (Survival mode) without prior knowledge. Things are happening within the game and the bot learns to identify the patterns (sun going down - monsters appearing at night) and adapts to it. Gradually becoming an expert within the game.

The goal of these researchers is not to have a bot “winning” minecraft and slaying the Ender Dragon , but rather Minecraft is the playground where AI’s that can navigate complex environments are being developed and tested.

Same kind of experiments are being held in other games. There is a mod that adds ChatGPT to the vastly popular RPG game Skyrim

Very interesting times ahead.

[Curated Content]
Interesting Stuff We Came Across

[Closing Thoughts]
What We Learned

I know Halloween is past but this was a bit of a scary edition : ransomware on the rise , electrical grids being probed and that weird Skyrim mod that will haunt your dreams.

Until next week,

Signing off.

Reply

or to participate.