Black Hat Europe 2023: Should we regulate AI?

The accelerated pace in the advancement of technology is challenging for any of us to keep up with, especially for public sector policymakers who traditionally follow rather than lead. Last week, the Black Hat Europe conference held in London, provided an opportunity to hear directly from several UK government employees and others, held responsible for advising the UK Government on cybersecurity policy.
All governments seem to suffer from being reactive - to close the stable door after the horse has bolted is a good expression to describe most policy making.
Take as an example the current conversations about artificial intelligence; politicians are being vocal on the need to regulate and legislate to ensure that AI is used ethically and for the benefit of society.
This comes after AI has already been around for many years and used in many technologies in some form.
Another, and maybe better, example is the legislation surrounding consumer-focused Internet of Things devices.
The UK government published a regulation in 2023 that sets out specific cybersecurity requirements for device manufacturers to adhere to, similar laws have emerged from the European Union, and California implemented requirements on manufacturers back in 2020.
Setting out standards and guidance for manufacturers of IoT devices to follow should probably have happened in 2010 when there were fewer than a billion IoT-connected devices - to wait until there were 10 billion devices in 2020, or even worse, when there are close to 20 billion devices in 2023, makes enforcement on what is already in market impossible.
The discussion by the UK government team at Black Hat included that they are now focusing on the standards needed for enterprise IoT devices.
I am certain most enterprises have already made significant investments into connected devices classed as IoT, and that any standard now adopted is impossible to impose retrospectively and will have little to no effect on the billions of devices already in use.
Standards and policy do serve a purpose and one important element is the education of the population on the correct use and adoption of technology.
Using the earlier example of consumer IoT, I am sure most consumers now understand that you need to set a unique password on each device and that it may need frequent software updates to ensure security.
Imagine if policymakers started to legislate on IoT or connected devices back in 2008, before most of us had even considered that we might fill our homes with devices that are connected in real-time.
The media and the voters would have considered the legislators as wasting taxpayer dollars on something we had never even heard of.
In a perfect world though, 2008 would have been a great time to set out standards for IoT devices.
In the same way, the ethical use of AI should have been discussed when tech companies started the development of solutions that take advantage of the technology, not once they started releasing products and services to the market.
This conference session was split into two parts; the first half was used to explain what policies and areas the UK government is focusing on, while the second half was an open question-and-answer session with the attendees.
This latter half was deemed to be 'in the room', allowing the policymakers to have open discussions with attendees without the threat of what was discussed entering the public domain.
In accordance with the wishes of the speakers and the other attendees I will refrain from commenting on what was discussed after the 'in the room' statement was made.
For the record though, and as I did not voice this in the room, I disagree with the implementation of an encryption backdoor.
Before you go: RSA Conference 2023 - How AI will infiltrate the world.


This Cyber News was published on www.welivesecurity.com. Publication date: Tue, 12 Dec 2023 18:43:18 +0000


Cyber News related to Black Hat Europe 2023: Should we regulate AI?

Black Hat Europe 2023 Closes on Record-Breaking Event in London - PRESS RELEASE. LONDON, Dec. 20, 2023 - Black Hat, the cybersecurity industry's most established and in-depth security event series, today announced the successful completion of the in-person component of Black Hat Europe 2023. The event welcomed more ...
11 months ago Darkreading.com
More than $100 million in ransom paid to Black Basta gang over nearly 2 years - The Black Basta cybercrime gang has raked in at least $107 million in ransom payments since early 2022, according to research from blockchain security company Elliptic and Corvus Insurance. The group has infected more than 329 victim organizations ...
11 months ago Therecord.media
Broadcom Merging Carbon Black, Symantec to Create Security Unit - Carbon Black's uncertain future following the closing of Broadcom's $69 billion acquisition of VMware in November is now settled, with the security software business merging with Symantec to form Broadcom's new Enterprise Security Group. The creation ...
8 months ago Securityboulevard.com
Black Basta's ransom haul tops $100M in less than 2 years - The Black Basta ransomware gang has raked in more than $100 million from victims of its double-extortion attacks since its emergence early last year, according to researchers. The haul - which included grabbing $9 million from one victim and more ...
11 months ago Packetstormsecurity.com
Black Basta ransomware made over $100 million from extortion - Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. Over 329 victims ...
11 months ago Bleepingcomputer.com
Black Basta Buster Utilizes Ransomware Flaw to Recover Files - Security research and consulting firm SRLabs exploited a vulnerability in the encryption algorithm of a specific strain of Black Basta ransomware to develop and release a decryptor tool named Black Basta Buster. This tool, released in response to the ...
10 months ago Heimdalsecurity.com
Black Hat Europe 2023: Should we regulate AI? - The accelerated pace in the advancement of technology is challenging for any of us to keep up with, especially for public sector policymakers who traditionally follow rather than lead. Last week, the Black Hat Europe conference held in London, ...
11 months ago Welivesecurity.com
Hyundai Motor Europe hit by Black Basta ransomware attack - Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. BleepingComputer first learned of the attack in early January, but when we contacted Hyundai, ...
9 months ago Bleepingcomputer.com
Hyundai Motor Europe Grapples with Cyber Threat as Black Basta Ransomware Strikes - A California union and Hyundai Motor Europe both announced separately this week that they had suffered cyberattacks in the past month, resulting in the loss of their data. According to Black Basta, a group that first emerged in 2022 as a ...
9 months ago Cysecurity.news
New Black Basta decryptor exploits ransomware flaw to recover files - Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free. The decryptor allows Black Basta victims from November 2022 to this month to potentially recover their files for ...
10 months ago Bleepingcomputer.com
'Black Basta Buster' Exploits Ransomware Bug for File Recovery - Researchers have exploited a weakness in a particular strain of the Black Basta ransomware to release a decryptor for the malware, but it doesn't recover all of the files encrypted by the prolific cybercriminal gang. Security research and consulting ...
10 months ago Darkreading.com
Increased Cyber Regulation in the Offing As Attacks Mount - BLACK HAT EUROPE 2023 - London - Expect governments to impose greater levels of cybersecurity regulation if businesses cannot defend against major attacks and stop breaches from happening. That's a prediction from Black Hat founder Jeff Moss, ...
11 months ago Darkreading.com
Black Basta Ransomware Group Makes $100m Since 2022 - A prolific Russian-speaking ransomware group has made over $100m from dozens of victims since April 2022, new analysis has revealed. Corvus Insurance used the Elliptic Investigator blockchain forensics tool to lift the lid on the Black Basta group. ...
11 months ago Infosecurity-magazine.com
Black Kite Unveils Monthly Ransomware Dashboards - PRESS RELEASE. Boston, MA - January 24, 2023 - Black Kite, the leader in third-party cyber risk intelligence, today unveiled the industry's first monthly ransomware dashboard, featuring crucial insights for security teams, media, analysts, and other ...
9 months ago Darkreading.com
New Ransomware Threat Hits Hundreds of Organisations Worldwide - Until November 2023, this group with suspected ties to Russia has accumulated ransom payments totaling a minimum of $100 million from over 90 victims. In a recent joint report by the Cybersecurity and Infrastructure Security Agency and the Federal ...
6 months ago Cysecurity.news
Learn How to Decrypt Black Basta Ransomware Attack Without Paying Ransom - Researchers have created a tool designed to exploit a vulnerability in the Black Basta ransomware, allowing victims to recover their files without succumbing to ransom demands. This decryption tool potentially provides a remedy for individuals who ...
10 months ago Cysecurity.news
Red Hat OpenShift Service on AWS obtains FedRAMP "Ready" designation - This means that Red Hat is now listed on the FedRAMP Marketplace as actively pursuing JAB authorization, with additional updates showing our progress and achievements across the two paths for authorization: The existing Agency Authority to Operate ...
8 months ago Redhat.com
Windows Quick Assist abused in Black Basta ransomware attacks - Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks. Microsoft has been investigating this campaign since at least mid-April 2024, ...
6 months ago Bleepingcomputer.com
Toronto Public Library outages caused by Black Basta ransomware attack - The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library is Canada's largest public library system, giving access to 12 million books through 100 branch libraries across ...
11 months ago Bleepingcomputer.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
6 months ago Bleepingcomputer.com
Microsoft Quick Assist Tool Abused for Ransomware Delivery - Cybercriminals who have been using the Black Basta ransomware have been observed abusing the remote management tool Quick Assist in vishing attacks, Microsoft reports. Active since 2022 and believed to have hit over 500 organizations globally, Black ...
6 months ago Packetstormsecurity.com
CISA: Black Basta ransomware breached over 500 orgs worldwide - CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024. In a joint report published in collaboration with the Department of Health and Human Services and the Multi-State ...
6 months ago Bleepingcomputer.com
Malware botnet bricked 600,000 routers in mysterious 2023 event - A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that destroyed 600,000 office/home office internet routers offline, disrupting customers' internet access. According to researchers at Lumen's Black Lotus Labs, ...
5 months ago Bleepingcomputer.com
Malware botnet bricked 600,000 routers in mysterious 2023 attack - A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that destroyed 600,000 office/home office internet routers offline, disrupting customers' internet access. According to researchers at Lumen's Black Lotus Labs, ...
5 months ago Bleepingcomputer.com
Paraguay warns of Black Hunt ransomware attacks after Tigo Business breach - The Paraguay military is warning of Black Hunt ransomware attacks after Tigo Business suffered a cyberattack last week impacting cloud and hosting services in the company's business division. Tigo is the largest mobile carrier in Paraguay, with its ...
10 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)