Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label UK AI Leadership. Show all posts

June 2023 Review: MOVEit Exploit, UK Government’s AI Leadership Goals, NHS’ Controversial IT Project


June 2023 might have been the most thriving month for Cl0P ransomware group. Since March, the Russia-based hackers started exploiting a SQL injection vulnerability in the MOVEit file transfer service, frequently used by large organizations. However, it was not until June that Cl0p’s wreckage became apparent to organizations as cybersecurity firm Rapid7 revealed that some 2,500 incidents of data exposure had occurred online.

The incidents kept getting worse, with more and more organizations revealing that they were attacked by Cl0p. On June 5, a cyberattack on Zellis, a payroll business, affected British Airways (BA), the BBC, and Boots. The hack, which at the time was directly connected to the use of the MOVEit vulnerability, revealed the personal information of thousands of workers (two days later, BA and BBC received the standard ransomware demand from Cl0p.) As of June 15th, First National Bank, Putnam Investments, and 1st Source were among the financial services providers affected, in addition to the oil giant Shell. Though more would surface as the year went on, ransom demands seemed to crescendo at the end of the month, with Cl0p identifying and shaming Siemens Energy and Schneider Electric as the most recent victims of what now appeared to be one of the worst cyberattacks in history.

Also, June was a memorable month for the UK government’s AI goals. On June 8, the government announced their first AI summit, where it provided opportunity to world leaders to discuss regulations for a technology that many believed possessed a potential to either improve or destroy the global economy. 

As a conclusion, risk reduction in regards to AI emerged on top of the agenda. The UK government stated that risks related with “frontier systems, and discuss how they can be mitigated through internationally coordinated action,” were included in the summit’s discussions.

Furthermore, later that month, the government vouched its commitment towards shaping AI safety research by announcing around £50m in additional funding. On June 19, campaign groups Foxglove and the Doctor’s Association UK (DAUK) urged NHS to reevaluate its bid for the Federated Data Platform (FDP), a large IT project intended to connect the disparate data repositories of British health care into a single, cohesive entity.

While rationality in data analysis was a fair aspiration, according to Foxglove and DAUK, they noted that the government’s strategy for winning over the public to the data collecting that the project required was noticeably negligent. That mattered a lot more, they continued, since Palantir, a US tech startup started by an entrepreneur who had a dim view over the NHS, was the prospective winner of the FDP contract (the prediction that later turned out to be true).

Foxglove further notes that from the analysis they ran over the matter, it turned out that a huge chunk of the public would be against the project centred around the operations of healthcare services to be managed by a private organization. Therefore, making it unlikely for the FDP to be able to provide useful insight into the population's health, among other insights, claimed by its supporters.