Russian operatives are intensifying efforts to discredit the upcoming Paris Summer Olympics and undermine support for Ukraine, utilizing both online and offline tactics, according to experts and officials.
Efforts include using AI to create fake videos featuring actor Tom Cruise criticizing the International Olympic Committee and placing symbolic coffins near the Eiffel Tower, suggesting French soldiers in Ukraine.
Analysts note a sense of desperation among Russian propagandists, which aim to tarnish the Olympics and thwart Ukraine’s momentum in procuring Western weapons against Russia.
Not limited to online disinformation, recent stunts include the placement of symbolic coffins near the Eiffel Tower, fueling suspicions of Russian involvement, amidst French President Macron’s consideration of deploying troops to Ukraine, further angering Russia.
With the Paris Olympics approaching, concerns are mounting over potential cyber threats, given Russia’s history of disruptive actions during major events, highlighting the need for heightened vigilance and cybersecurity measures.
Denmark has raised its threat level for destructive cyber attacks from ‘low’ to ‘middle’ due to growing threats from Russia, the Danish Centre for Cyber Security (CFCS) announced on Tuesday. The new level, three on a five-level scale, indicates that while there are actors with the intention and capacity to carry out attacks, there are no specific indications of planned activity.
Defense Minister Troels Lund Poulsen highlighted the increased willingness of Russia to challenge NATO countries through various means, including sabotage and cyber attacks. Despite the heightened cyber threat, Poulsen emphasised that there is no direct military threat to Denmark, based on Danish Defence Intelligence Service assessments.
Smith highlighted that while AI-generated fakes have been increasingly used in elections in countries like India, the United States, Pakistan, and Indonesia, the European context appears less affected. For instance, in India, deepfake videos of Bollywood actors criticising Prime Minister Narendra Modi and supporting the opposition went viral. In the EU, a Russian-language video falsely claimed that citizens were fleeing Poland for Belarus, but the EU’s disinformation team debunked it.
Ahead of the European Parliament elections from June 6-9, Microsoft’s training for candidates to monitor AI-related disinformation seems to be paying off. Despite not declaring victory prematurely, Smith emphasised that current threats focus more on events like the Olympics than the elections. This development follows the International Olympic Committee’s ban on the Russian Olympic Committee for recognising councils in Russian-occupied regions of Ukraine. Microsoft plans to release a detailed report on this issue soon.
Poland has announced plans to allocate over 3 billion zlotys ($760 million) towards strengthening its cybersecurity measures following a suspected Russian cyberattack on the state news agency PAP. The attack, which authorities believe originated from Russia, has raised concerns ahead of the European Parliament elections in Poland. These fears escalated after a false article about military mobilisation appeared on PAP, prompting heightened vigilance against potential interference from Moscow.
Krzysztof Gawkowski, Poland’s digitalisation minister, emphasised the country’s commitment to defending against cyber threats, describing Poland as being on the frontline of the cyber fight against Russia. Gawkowski revealed that Poland had thwarted several cyber attacks on critical infrastructure over the weekend, underscoring the urgency of bolstering cybersecurity measures in the face of ongoing threats.
Amid accusations of Russian attempts to destabilise Poland, the Russian embassy in Warsaw has denied knowledge of the cyberattack on PAP and dismissed allegations of Russian interference. However, Poland has cited incidents of sabotage and arson on its soil, linking them to Russia. Additionally, Polish authorities assert that Russian secret services are actively gathering information on weapons deliveries to Ukraine following Russia’s invasion in February 2022. In response, Poland has announced the re-establishment of a commission to investigate Russian influence, highlighting the country’s efforts to address security concerns and safeguard against external threats.
Cyber-attack can be the act of war. According to the chair of NATO’s military committee, Admiral Rob Bauer,
‘In NATO, we have agreed amongst all allies that, in principle, a cyberattack can be the start of an Article 5 procedure’,
which is a collective defence clause of the North Atlantic Treaty, stating that an armed attack against one or more of the member states is considered an attack against all.’
Admiral Bauer emphasized in his statement at the Shangri-La Dialogue, an annual security conference run by the International Institute for Strategic Studies (IISS) in Singapore, that
‘you come close to the point where you will act upon it in a way that is close to acting on a physical attack.’
It is the major development in ongoing legal and policy debate if countries can take military self-defence actions in the case of cyber-attacks.
In the UN Cybersecurity debates, this discussion is centred around the use of self-defence, according to Article 51 of the UN Charter.
Cyberattacks as triggers for real-life war will open entirely new dynamics in the digital field with far-reaching consequences of applying existing law, protecting critical infrastructure, assuming the responsibility of states for cyber activities on their territory, and regulating tech platforms and other digital actors.
Taiwanese authorities have accused Luxshare Precision Industry, a Chinese Apple supplier, of illegally operating in Taiwan and attempting to poach tech talent. The Ministry of Justice Investigation Bureau identified Luxshare as one of eight companies from China engaging in these illegal activities but provided no further details. The crackdown is part of Taiwan’s broader efforts to protect its high-tech industry from Chinese firms trying to steal expertise and talent.
Additionally, the investigation bureau named Zhejiang Dahua Technology, a video surveillance equipment maker blacklisted by the US in 2019 for its role in the treatment of Muslim minorities in Xinjiang. Zhejiang Dahua allegedly set up covert operations in Taiwan and attempted to obscure its activities by listing employees under a different company name. Both Luxshare and Zhejiang Dahua have not responded to these accusations.
Taiwan, home to semiconductor giant TSMC and a leader in advanced chip manufacturing views these Chinese efforts as a significant threat to its technological edge. The bureau emphasised its commitment to cracking down on illegal operations and talent poaching, warning that it will enforce the law resolutely. This announcement follows a sweep conducted earlier this month targeting suspected illegal activities by Chinese tech firms.
OpenAI, led by Sam Altman, announced it had disrupted five covert influence operations that misused its AI models for deceptive activities online. Over the past three months, actors from Russia, China, Iran, and Israel used AI to generate fake comments, articles, and social media profiles. These operations targeted issues such as Russia’s invasion of Ukraine, the Gaza conflict, Indian elections, and politics in Europe and the US, aiming to manipulate public opinion and influence political outcomes.
Despite these efforts, OpenAI stated that the deceptive campaigns did not see increased audience engagement. The company emphasised that these operations included both AI-generated and manually-created content. OpenAI’s announcement highlights ongoing concerns about using AI technology to spread misinformation.
Meta reported finding likely AI-generated content used deceptively on Facebook and Instagram, praising Israel’s handling of the Gaza conflict in comments under posts from global news organisations and US lawmakers. This campaign, linked to the Tel Aviv-based political marketing firm STOIC, targeted audiences in the US and Canada by posing as various concerned citizens. STOIC has not commented on the allegations.
Meta’s quarterly security report marks the first disclosure of text-based generative AI technology used in influence operations since its emergence in late 2022. While AI-generated profile photos have been identified in past operations, the use of text-based AI raises concerns about more effective disinformation campaigns. Despite this, Meta’s security team successfully disrupted the Israeli campaign early and maintained confidence in their ability to detect such networks.
The report detailed six covert influence operations disrupted in the first quarter, including an Iran-based network focused on the Israel-Hamas conflict, which did not use generative AI. As Meta and other tech giants continue to address potential AI misuse, upcoming elections in the EU and the US will test their defences against AI-generated disinformation.
This potential measure follow broader US restrictions over export of AI chips and manufacturing tools to China. In the same context the US proposed a “know your customer” rule that would require national cloud companies to inform the government when their services are used by foreign entities to train AI models that could potentially be deployed for cyberattacks. The new area of restriction aims to cover AI models and their core software.
The Biden administration’s proposal involves establishing regulatory controls over the export of proprietary or closed source AI models , which are developed and kept confidential by companies like OpenAI and Google DeepMind. Currently, nothing is stopping US AI giants, which have developed some of the most powerful closed source AI models, from selling them to almost anyone in the world without government oversight.
The Commerce Department is reportedly discussing the use of a computing power threshold, which was outlined in a recent AI executive order, to determine which AI models would be subject to export controls. This move is part of a broader effort to maintain technological superiority and manage the risks associated with AI advancements. The proposed controls would primarily target new models that have not yet been released, as existing technologies have not reached the defined thresholds.
These considerations come in response to the rapid development and potential misuse of AI technologies that could be used to enhance cyber and biological warfare capabilities. Recent discussions highlighted by researchers from Gryphon Scientific and the Rand Corporation emphasize that advanced AI models could assist in the development of biological weapons. Additionally, the Department of Homeland Security’s 2024 threat assessment warns that cyber actors are likely to leverage AI to conduct more sophisticated cyberattacks. The U.S. aims to establish a regulatory framework that can keep pace with technological advancements while addressing the complex challenges of effectively implementing export controls. The Commerce Department has yet to finalize any rules, indicating that the discussions are ongoing and that feedback from industry stakeholders will be essential in shaping the final regulatory approach.
Following a major cyberattack last year that saw China-linked hackers infiltrate the US Department of State’s network, the agency has expanded its cybersecurity efforts beyond its reliance on Microsoft. This reinforcement of the defence strategy comes after the breach compromised around 60,000 State Department emails, including those of high-profile officials like Commerce Secretary Gina Raimondo. Criticism was directed at Microsoft, with the Cyber Safety Review Board questioning the company’s transparency regarding the incident.
Kelly Fletcher, the department’s chief information officer, highlighted concerns about the security of corporate networks, emphasising the importance of all vendors ensuring secure systems. The hacking group, identified by Microsoft as Storm-558, obtained access to a digital key, allowing them to breach government inboxes. Despite tensions, the embassy of China in Washington denied any involvement of Chinese government-linked hackers in the attack.
In response to the breach, the US State Department has diversified its vendor portfolio, incorporating companies like Palo Alto, Zscaler, and Cisco alongside Microsoft. While Microsoft managed to revoke the hackers’ access, Fletcher expressed concerns over the potential broader impact of the breach. The department has since bolstered its security measures, including multifactor authentication and data encryption, significantly increasing cybersecurity fundamentals across its systems.
Despite criticism, Microsoft remains a key player in the State Department’s cybersecurity framework. The agency thoroughly analysed its communications with Microsoft following a separate breach linked to Russian hackers, concluding that sensitive information was not compromised. With ongoing efforts to fortify its cybersecurity posture, the State Department aims to mitigate future threats and maintain the integrity of its digital infrastructure.
