Has the US government lost its mind in dealing with cybersecurity? Google Gemini collects your browser history to personalize service for you. When the FBI comes knocking. And CAPTCHAs that spread malware. This is Cybersecurity Today. I'm your host, Jim Love.
We've all been sneered at when proposing what we think is a realistic budget for cybersecurity by the same executives who will tell you later, cost is no object when you're under attack and it's too late.
But few of us have had to question the sanity of executives who would try to get us to actually stop monitoring threats. Yet in a move that has raised eyebrows across the cybersecurity community, US Defense Secretary Pete Hegseth recently ordered US Cyber Command to halt all offensive cyber operations against Russia.
This decision aligns with President Trump's efforts to reset diplomatic relations with Moscow, but has sparked a significant debate about its practicality as well as its potential risks. Cybersecurity experts question the feasibility of ceasing offensive cyber operations against Russia. Jacob Williams, a noted cybersecurity professional, argues that such a directive is both impractical and dangerous.
He points out that from a practical point of view, the actual location of an attacker is one of the last things to be validated. Cyber threat actors often operate through proxies and employ sophisticated obfuscation techniques, making it challenging to attribute attacks directly to any country, not just the Russian state.
Williams emphasized that without continuous monitoring and engagement, distinguishing between state-sponsored and independent cyber threats becomes nearly impossible. Plus, if it became known that Russian attackers were not monitored, it wouldn't take long before all cyber attackers would spoof Russian identities. As Williams has noted in his various posts on LinkedIn and Bluesky, he said, "I try not to be a 'our administration is obviously compromised' kind of guy.
I'm struggling though to come up with any other explanation because this is stupid. Even signaling it has already hurt US security." It's hard to disagree. The suspension of offensive cyber operations against Russia could have far-reaching implications for US national security. Experts warned that this pause might embolden Russian cyber actors, leading to an increase in cyber attacks on US infrastructure.
Given Russia's history of cyber activities, including ransomware attacks and government hacking, the decision to halt operations raises concerns about the nation's preparedness to counter ongoing and future cyber threats.
Google's AI assistant Gemini has introduced a feature that personalizes responses by accessing user search histories. This integration aims to provide more tailored and relevant answers based on individual user behavior.
When users grant permission, and they have to, Gemini analyzes past search queries to inform its responses. For instance, if you've recently searched Italian restaurants, Gemini might suggest new dining options or recipes that align with your interests. This personalization extends to other Google apps such as YouTube and, in the near future, Google Photos, allowing Gemini to offer insights based on your activity across all these platforms. Recognizing privacy concerns, Google has made this feature optional. Users can choose to enable or disable Gemini's access to their search history and app data. Additionally, Gemini displays its reasoning process, offering transparency into how it formulates responses.
Users can review and manage their data through the Gemini app, ensuring control over their personalized experiences. The enhanced personalization features are currently available to Gemini and Gemini Advanced subscribers on the web, with a gradual rollout plan for mobile users in over 40 languages. Google says they continue to enhance Gemini integration with various services, aiming to provide a seamless and intuitive user experience. By leveraging search history and app activity, Google offers to deliver more personalized and contextually relevant responses. True. I, however, would be more comfortable with a statement from Gemini that it anonymized my data, encrypted it, stored it only on my machine, and did not use it to train its overall model. We've seen this movie before with social media and with online advertising. With AI, it's even more scary.
In November 2023, Nick Lawler, General Manager of the Littleton Electric Light and Water Department in Massachusetts, received an unexpected call from the FBI. Agents informed him that the department's network had been compromised by Volt Typhoon, a Chinese state-sponsored hacking group. Initially skeptical, Lawler dismissed the call, suspecting it was a scam. Smart move, actually. So he went back and did the proper thing and called the FBI directly and verified the agent's credentials.
And that's when he arranged a meeting with the real FBI agent and the Department of Homeland Security at his office. During the meeting, federal officials revealed that the department was among approximately 200 utilities targeted by Volt Typhoon. The attackers had infiltrated the utility's network, potentially positioning themselves to disrupt critical infrastructure. This incident highlighted the vulnerability of smaller utilities, which despite their size, are still integral components of the national power grid. Lawler's experience underscores the evolving nature of cyber threats, where even modestly sized utilities are not immune to sophisticated attacks. It also emphasizes the importance of vigilance and collaboration between local utilities and federal agencies to safeguard critical infrastructure. Now, congratulations to the publication The Register, which featured this story and put a human face on a growing problem.
Our infrastructure in the US and Canada is exceptionally vulnerable. And if the bad guys haven't done something yet, it's not because they can't, it's because they are still rehearsing. And to those who want to cut government services like the FBI or CISA, or law enforcement and security agents everywhere, this is why we should be investing, not cutting.
Finally, cyber criminals are deploying fake CAPTCHA tests to trick users into installing malware, and we've all seen them.
You click on the pictures, you try to read some type, you can't read it, you type it in, it doesn't work. You do something else to prove you're not a robot. You know what I mean? Forget the fact that these are painful. They're also mostly useless. AI routines have beat most CAPTCHAs in common use, but now they have another function: introducing malware to your computer. And here's how the scam works.
While browsing, you're prompted to complete a CAPTCHA to prove you're human. Unlike legitimate CAPTCHAs, these fakes include a few extra instructions. You don't type the letters, they say, or pick the picture. You've heard that these CAPTCHAs don't work, so you're willing to try something new. You'll see that this one is clever. You have to hit some keys on your keyboard. You hit Win plus R, Ctrl plus V, and then just finally Enter, and it pastes in the phrase, "I am not a robot."
And maybe by now a light went on that said, isn't this the Windows control panel that I just put that text into? But there's more. There's just enough of that phrase, "I am not a robot," to block your view, so you can't see the extra part that contains the malicious script that adds the malware to your system. But now you've installed malware like information stealers or remote access trojans. Some examples include Lumma Stealer.
This malware, distributed via fake CAPTCHA pages, can extract passwords, cookies and cryptocurrency wallet details. Or Xafecopy Trojan, which is disguised as a useful app, and the malware subscribes users to unwanted paid services, charging fees directly to their mobile bills. Sometimes the simple scams are the best. You might not be fooled by this, but lots of people are. We need to up our game on training for this one.
And that's our show for today.
This weekend we have some great new research on the psychology of phishing with one of my co-hosts, David Shipley. I hope you'll join us, and thank you for your efforts. We're about 60% of our monthly goal on fundraising in a single week, and you can still contribute at buymeacoffee.com/techpodcast. That's buymeacoffee.com/techpodcast. And thanks to you that are doing a monthly contribution, it'll make this less annoying as we go on. To those of you who have contributed, thank you.
We're on our way to having a sustainable future for the podcasts, and if you can join us on Saturday, bring your coffee or whatever you want and whenever you wanna listen. If not, I'll be back in this chair Monday morning with the cybersecurity news. I'm your host, Jim Love. Thanks for listening.