China’s People’s Liberation Army (PLA) has adapted Meta’s open-source AI model, Llama, to create a military-focused tool named ChatBIT. Developed by researchers from PLA-linked institutions, including the Academy of Military Science, ChatBIT leverages an earlier version of Llama, fine-tuned for military decision-making and intelligence processing tasks. The tool reportedly performs better than some alternative AI models, though it falls short of OpenAI’s ChatGPT-4.
Meta, which supports open innovation, has restrictions against military uses of its models. However, the open-source nature of Llama limits Meta’s ability to prevent unauthorised adaptations, such as ChatBIT. In response, Meta affirmed its commitment to ethical AI use and noted the need for US innovation to stay competitive as China intensifies its AI research investments.
China’s approach reflects a broader trend, as its institutions reportedly employ Western AI technologies for areas like airborne warfare and domestic security. With increasing US scrutiny over the national security implications of open-source AI, the Biden administration has moved to regulate AI’s development, balancing its potential benefits with growing risks of misuse.
Canada’s signals intelligence agency has identified China’s hacking activities as the most significant state-sponsored cyber threat facing the country, according to a new threat assessment. The Communications Security Establishment (CSE) highlighted China’s advanced and aggressive cyber campaigns, describing them as highly sophisticated and primarily targeting political and commercial objectives, including espionage, intellectual property theft, and influence operations. This announcement comes amid strained relations between Ottawa and Beijing, fueled by past allegations of Chinese interference in Canada’s electoral process.
The CSE report also noted that Russia’s cyber operations are active in attempts to destabilise Canada and its allies, while Iran poses an additional cyber threat. These findings underscore the ongoing cyber challenges Canada faces from multiple state actors seeking influence and intelligence. The Chinese embassy in Ottawa has not yet commented on the CSE report, and Beijing has historically rejected similar accusations.
Canadian authorities have grown increasingly vocal about foreign interference, with Prime Minister Justin Trudeau previously accusing China of election meddling. Security experts warn that Canada will need to strengthen defenses as geopolitical tensions continue to heighten cyber risks.
China’s Ministry of State Security announced the discovery of foreign spying devices in its waters, including underwater ‘lighthouses’ that could potentially guide foreign submarines. The ministry revealed on its official WeChat account that it had retrieved several types of devices hidden on the ocean floor, gathering real-time data from within China’s claimed territorial waters.
This revelation comes amid rising tensions in the South China Sea, where China and the Philippines dispute territory, increasing the risk of a broader confrontation potentially involving the US. China’s recent military drills around Taiwan have also heightened concerns, as the US and Taiwan have condemned Beijing’s actions.
China claims nearly all of the South China Sea, overlapping areas claimed by other Southeast Asian nations, and has maintained it will not renounce using force over Taiwan. A new phase in the submarine arms race between China and the US and its allies is underway, with Beijing projected to field nuclear-armed submarines by the decade’s end. The ministry affirmed its commitment to defending China’s maritime sovereignty and addressing threats of foreign espionage in its waters.
Linux creator Linus Torvalds has expressed support for removing several Russian maintainers from the Linux kernel project. This decision, announced by prominent developer Greg Kroah-Hartman, has sparked debate within the Linux community. The removals affect 11 Russian developers, largely due to compliance with new sanctions, though specific details of the removals still need to be fully clarified.
Responding to the concerns, Torvalds stated, “If you haven’t heard of Russian sanctions yet, you should try reading the news sometime,” emphasising that the changes will not be reversed.
The Linux kernel, the operating system’s core, is managed by maintainers who oversee code submissions and updates. Kroah-Hartman noted that those removed may return if they provide documentation proving independence from sanctioned entities, especially organisations associated with the Russian government.
This action has stirred reactions among developers, with some accusing the decision-makers of acting contrary to Linux’s open-source principles. Others warned that the decision could lead to future uncertainties about the participation of maintainers in sanctioned regions.
Responding to criticism, Torvalds dismissed the objections as originating from “Russian troll factories” and reaffirmed his stance, citing his opposition to Russian aggression. The move follows broader trends in the tech industry, where major US companies, like Docker Hub and GitHub, have imposed restrictions on Russian users, reflecting the impact of international sanctions on open-source software projects.
Chinese hackers infiltrated Verizon’s phone systems to target devices used by individuals connected to Kamala Harris’s campaign, according to a source. Reports also indicated attempts to breach phones linked to Donald Trump and JD Vance, although Reuters could not confirm this.
Investigators are working to establish whether any communications from Trump or Vance were compromised. While the Trump campaign did not verify the targeting, it acknowledged the issue and criticised Harris, claiming her leadership emboldened cyberattacks from China and Iran.
The Chinese embassy in Washington denied involvement, asserting that China does not interfere in US elections and opposes cyberattacks in any form. The Harris campaign did not provide an immediate response to requests for comment.
The FBI and the US Cybersecurity and Infrastructure Security Agency are currently investigating the incident. Verizon confirmed it was aware of a sophisticated cyberattack aimed at US telecommunications and said it is cooperating with law enforcement.
Georgia‘s secretary of state’s office recently thwarted a cyberattack aimed at crashing the website used by voters to request absentee ballots. The attack, believed to have originated from a foreign entity, involved hundreds of thousands of IP addresses flooding the system with fake traffic. Despite briefly slowing the site, the attack did not disrupt the ability of voters to request ballots, thanks in part to support from cybersecurity firm Cloudflare.
Officials have yet to confirm the foreign origin, though Gabe Sterling, an election official in Georgia, suggested the attack had “the hallmarks of a foreign power.” The FBI and the US Cybersecurity and Infrastructure Security Agency are involved in the investigation. This incident highlights ongoing attempts by hackers, including foreign-linked groups, to interfere with the democratic process as the US presidential election approaches.
Georgia has previously dealt with cyber threats, including a cyberattack in Coffee County earlier this year, underscoring the continuous risk to election infrastructure. However, no cyber activity has affected the actual casting or counting of votes so far.
These artificial avatars would operate on social media and online platforms, featuring realistic expressions and high-quality images akin to government IDs. JSOC also seeks technologies to produce convincing facial and background videos, including ‘selfie videos’, to avoid detection by social media algorithms.
US state agencies have previously announced frameworks to combat foreign information manipulation, citing national security threats from these technologies. Despite recognising the global dangers posed by deepfakes, SOCOM’s initiative underscores a willingness to engage with the technology for potential military advantage.
Experts expressed concern over the ethical implications and potential for increased misinformation, warning of the entirely deceptive nature of deepfakes, with no legitimate applications beyond deceit, possibly encouraging further global misuse. Furthermore, such practices pose the risk of diminished public trust in government communications, exacerbated by perceived hypocrisy in deploying such technology.
Why does it matter?
This plan reflects an ongoing interest in leveraging digital manipulation for military purposes, despite previous incidents where platforms like Meta dismantled similar US-linked networks. It further shows a contradiction in the US’s stance on deepfake use, as it simultaneously condemns similar actions by countries like Russia and China.
The Mekong-US Partnership (MUSP) recently hosted a policy dialogue on online scams, bringing together government representatives from Thailand, the US, and Vietnam. The seminar, held in Bangkok, focused on addressing cybersecurity issues and fostering cooperation to combat online crime across the Mekong region. The event was organised by the Ministry of Foreign Affairs and the Stimson Center, with support from the US Department of State.
Discussions centred around strategies to prevent online scams, enhance risk management, and ensure the security of digital financial systems. Thai officials, including Ekapong Harimcharoen from the Ministry of Digital Economy and Society, highlighted national policies and shared insights with international partners. Participants explored collaborative efforts to build a secure online environment and promote regional connectivity under the MUSP framework.
Thailand is taking significant steps to expand its digital economy, projected to contribute 11% to GDP by 2027. Several laws and initiatives are already in place, such as the Personal Data Protection Act (PDPA) and the Cyber Security Act. These measures aim to protect data, promote responsible AI development, and safeguard critical infrastructure sectors including healthcare, banking, and telecommunications.
With remote work and cloud technologies becoming more prominent, the demand for cybersecurity solutions is growing. Thailand aims to position itself as a regional leader in information and communications technology while tackling the evolving challenges of cybercrime. Cooperation under the MUSP framework is expected to enhance resilience in the digital landscape of the Mekong sub-region.
Russia is using generative AI to ramp up disinformation campaigns against Ukraine, warned Ukraine’s Deputy Foreign Minister, Anton Demokhin, during a cyber conference in Singapore. He explained that AI is enabling Russia to spread false narratives on a larger and more complex scale, making it increasingly difficult to detect and counter. The spread of disinformation is a growing focus for Russia, alongside ongoing cyberattacks targeting Ukraine.
Ukrainian officials have previously reported that Russia’s FSB and military intelligence agencies are behind many of these efforts, with the goal of undermining public trust and spreading confusion. Demokhin stressed that Russia’s disinformation efforts are global, calling for international cooperation to tackle this emerging threat. He also mentioned that Ukraine is using AI to track these campaigns but declined to comment on any offensive cyber operations.
Meanwhile, other Russian cyberattacks are targeting Ukraine’s critical infrastructure and supply chains, seeking to disrupt essential services. Ukraine continues to collaborate with the International Criminal Court on investigating Russian cyber activities as potential war crimes.
A recent Microsoft report claims that Russia, China, and Iran are increasingly collaborating with cybercriminals to conduct cyber espionage and hacking operations. This partnership blurs the lines between state-directed activities and the illicit financial pursuits typical of criminal networks. National security experts emphasise that this collaboration allows governments to amplify their cyber capabilities without incurring additional costs while offering criminals new profit avenues and the security of government protection.
The report, which analyses cyber threats from July 2023 to June 2024, highlights the significant increase in cyber incidents, with Microsoft reporting over 600 million attacks daily. Russia has focused its efforts primarily on Ukraine, attempting to infiltrate military and governmental systems while spreading disinformation to weaken international support. Meanwhile, as the US election approaches, both Russia and Iran are expected to intensify their cyber operations aimed at American voters.
Despite allegations, countries like China, Russia, and Iran have denied collaborating with cybercriminals. China’s embassy in Washington dismissed these claims as unfounded, asserting that the country actively opposes cyberattacks. Efforts to combat foreign disinformation are increasing, yet the fluid nature of the internet complicates these initiatives, as demonstrated by the rapid resurgence of websites previously seized by US authorities.
Overall, the evolving landscape of cyber threats underscores the growing interdependence between state actors and cybercriminals, posing significant risks to national security and public trust.
