Join us for a crucial discussion on AI’s impact on U.S. elections and cybersecurity with insights from New York City Mayor Eric Adams and experts from Cloudflare and the Center for Internet Security. Discover how AI both threatens and protects our electoral integrity and what measures are being taken to combat misinformation and enhance security.

In another essential segment, explore the recent ransom payment by UnitedHealth following a cyberattack on Change Healthcare. Learn about the challenges in protecting sensitive patient data and the implications of the breach on healthcare operations and cybersecurity policies.

Finally, delve into the vulnerability of Apache Cordova App Harness in a dependency confusion attack as reported by Orca and Legit Security. Understand the risks of using outdated third-party projects in software development and the steps taken by the Apache security team to address these vulnerabilities.

For more detailed information:

• https://www.helpnetsecurity.com/2024/04/23/ai-election-misinformation/
• https://www.cybersecuritydive.com/news/unitedhealth-paid-ransom-change-cyberattack/714008/
• https://thehackernews.com/2024/04/apache-cordova-app-harness-targeted-in.html

Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/

Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/

Logo Design by https://www.zackgraber.com/

Tags for the Episode

AI, U.S. elections, cybersecurity, misinformation, Eric Adams, Cloudflare, Center for Internet Security, ransomware, UnitedHealth, Change Healthcare, data breach, Apache Cordova, dependency confusion attack, software security, open-source vulnerabilities

Search Phrases for the Episode

• AI influence on US elections
• cybersecurity threats in 2024 elections
• Eric Adams on social media as environmental toxin
• UnitedHealth ransomware attack details
• handling sensitive patient data in healthcare cyberattacks
• Change Healthcare cyberattack impact
• dependency confusion attacks in software
• vulnerabilities in Apache Cordova App Harness
• combating misinformation with AI in elections
• protecting elections from cyber threats

Transcript:

Apr24 AI in Elections: Guarding Against Misinformation, UnitedHealth’s Ransomware Dilemma, and The Peril of Dependency Confusion in Apache Cordova

It’s official. UnitedHealthcare has confirmed that it paid a ransom to the cybercriminals that breached its subsidiary ChangeHealthcare. What additional measures are UnitedHealth taking to monitor and mitigate the fallout from this breach?

AI is swiftly becoming a double edged sword in U. S. elections, with over 60, 000 daily cyber threats being mitigated against election bodies as we approach the critical 2024 election cycle.

How can we balance the advancement of AI technology with the security and fairness of upcoming elections?

And finally, researchers have discovered a vulnerability in the discontinued Apache Cordova App Harness project, allowing attackers to inject malicious code into the software supply chain, impacting unsuspecting users worldwide.

So you may have heard that Change Healthcare was breached, it caused a lot of problems, well it just came out that the UnitedHealth Group who owns Change Healthcare has admitted to paying a ransom

during the cyber attack that occurred in February. Their aim was to prevent further exposure of sensitive patient data. A spokesperson for UnitedHealth revealed to Healthcare Dive that the breach involved protected health information and personally identifiable information which could potentially impact a vast number of Americans.

Further complicating the situation, it was discovered that 22 screenshots of what appear to be stolen files were posted on the dark web. These images, some containing detailed patient health information, were accessible online for approximately one week.

And anything that goes online, it’s really hard to get it off. But UnitedHealth has confirmed its ongoing efforts to monitor the internet and dark web for any signs of the compromised data. The ransom payment details remain undisclosed. However, a UnitedHealth spokesperson emphasized that the payment was crucial to the company’s strategy to safeguard patient information.

Reports have been circulating about the ransom, with Wired Magazine last month suggesting that a known cyber group, ALF or Black Cat, received a payment that looked Suspiciously like a ransom transaction.

Additionally, TechCrunch reported that another cyber group, RansomHub, has threatened further disclosures of sensitive records to extort money from UnitedHealth. So if you’re not tracking that situation, there is an episode, I don’t know, a month or so ago, that lays it out a little better. But BlackCat. is assumed to have performed an exit scam on the dark web and

a new ransomware group called Ransomhub acquired the data? and is double extorting UnitedHealthcare.

UnitedHealth reports that medical claims, processing, and payment systems are slowly returning to normal, with Change now handling about 86 percent of its pre incident payment volume.

UnitedHealth anticipates that the financial toll from the cyberattack could reach 1. 6 billion this year. It is also unlikely that Change will fully recover to its standard service levels before 2025. So in the wake of the incident, major healthcare associations have reached out to the HHS office for civil rights, seeking clarification on who is responsible for issuing data breach notifications to avoid redundancy and confusion among patients.

UnitedHealth is preparing to take on the breach reporting and notification responsibilities for all customers potentially affected by this incident, marking a critical phase in addressing the fallout from this significant data breach.

So it’s no secret that the introduction of artificial intelligence, or large language models, or machine learning, or whatever you want to call it, chat GPT, has really thrown a wrench into the content that’s on the internet, from your advertisements, to actual news articles, to podcasts, to anything you consume is now probably being touched by large language models in one way or another.

And this is going to have a huge effect. over the upcoming United States 2024 election cycle.

As this election looms, the balance of power hangs between defending our digital frontiers and ensuring fair electoral processes. Recent reports from Cloudflare highlight the intensity of this battle, revealing over 60, 000 daily cyber threats against U. S. election bodies, which is a staggering number that underscores the global stakes within 70 elections in 40 countries also on the line this year.

AI’s dual nature presents a formidable challenge. It’s a tool that can both safeguard and undermine the electoral process. The ease with which AI can fabricate convincing digital personas and disseminate misinformation across social platforms is alarming. This capability has turned social media into a double edged sword.

prompting New York City Mayor Eric Adams to label it an environmental toxin.

On the defense side, there is a pressing need for stringent AI regulation and robust cybersecurity measures.

The Biden administration has responded by establishing a task force aimed at combating AI generated misinformation and bolstering public awareness about the potential misuses of this technology.

The legislative landscape is also evolving, with states like Texas and California pioneering criminal penalties for the misuse of AI in political campaigns, several proposed bills in Congress seek to regulate AI more broadly. Check out the articles linked in our show notes for more information on that, it’s a very interesting topic.

tactic that these states are using against misuse of AI.

To fortify our elections, experts suggest that political parties and candidates should consider appointing dedicated AI and data protection officers. This strategy parallels traditional physical security measures and is complemented by initiatives from organizations like the Center for Internet Security, which continues to refine tools that enhance the cybersecurity of election systems.

Now, this isn’t breaking news, but it continues to evolve as we get closer to the election, and we’re not there yet. We’re not in a place that we can confidently identify artificially created content and label it as such, or as untrue, or misleading, etc. Accurately. and The only way we’ll ever be able to safeguard against this is with a foolproof method to do this labeling, remove the content from certain platforms,

and just have an understanding of what constituents are consuming. We don’t even have that. So we have a long way to go in the next coming months, and we’ll try to keep you posted here on the Daily Decrypt.

And finally, for our more technical folks, a concerning vulnerability has been uncovered in an archived Apache project known as Cordova App Harness. This vulnerability called a dependency confusion attack has researchers sounding the alarm. So dependency confusion attacks occur when package managers prioritize public repositories over private ones, allowing threat actors to sneak malicious packages into the mix.

As a result, unsuspecting users may inadvertently download these fraudulent packages instead of the intended ones. So according to a report by the cloud security company Orca, nearly half of organizations are vulnerable to such attacks. That’s a lot. While fixes have been implemented by NPM and other package managers to address this issue, the Cordova app harness project was found to have a vulnerability of its own.

The project, which was discontinued by the Apache Software Foundation in 2019, lacked proper internal dependency referencing, leaving it wide open to supply chain attacks. The security firm LegitSecurity, sounds legit, demonstrated how easy it was to upload a malicious version of the dependency, attracting over 100 downloads before being detected.

This incident serves as a stark reminder of the risks associated with using third party projects and dependencies, especially those that are no longer actively maintained. As security researcher Ofek Haviv points out, neglecting these projects can leave software systems vulnerable to exploitation. The Apache security team has since intervened by taking ownership of the vulnerable package.

That’s huge. But the episode underscores the importance of vigilance in software development practices.

So we’re going to continue to rely on open source projects, but it is crucial to prioritize security and regularly update dependencies to mitigate potential risks.

That’s all we got for you today. Thanks so much for listening.

If you’re a fan of the podcast, please turn to Instagram or YouTube or Twitter and give us a follow, a like, and Maybe a comment on one of the videos. We’d absolutely love to hear from you if you have any feedback, but until then, we will talk to you some more tomorrow.