Security News for the Week Ending January 27, 2023

Oh, Boy, Bad Day at Work – FAA NOTAM Failure Caused by Contractor Deleting Wrong Files

The FAA is now saying that the NOTAM failure earlier this month that shut down air traffic for around 90 minutes was caused by human error. A contractor was trying to fix a synchronization problem between the primary and backup system and deleted the wrong files. Human error is always the hardest to prevent. All takeoffs were halted for 90 minutes while they fixed the problem – a relatively painful but short outage. Credit: Fedscoop

AI Tools Are Great at … Creating Disinformation

While the software companies promote AI for writing fiction, fighting wildfires and other good things, there is one thing the developers are not promoting. AI poster child ChatGPT can write a blog post for any conspiracy theory and those posts are indistinguishable from those written by humans. Whether that is an anti-Covid vaccine article or propaganda in the style of Russia’s state media, the AI wunderkind can do it all. Credit: Security Week

Congressman ‘Coming for Answers’ After no-fly-list Hack

Politicians love to make a news cycle, whether it actually does anything or not. A Republican congressman on the House Homeland Security Committee wants to know how a formerly secret copy of the no-fly-list was left unprotected by an airline. Simple answers are usually best – they screwed up. The publication of the list is a civil liberties nightmare – mostly for the government. Historically, the courts have said that people don’t have standing to sue because they can’t prove they are on the no-fly-list, which, up until now, was not publicly available. Now they can. The airline also left a whole bunch of other very sensitive stuff unprotected. Historically, Republicans have not been willing to create significant penalties for businesses that have cyber breaches. Australia has a $50 million breach fine. GDPR in Europe has a maximum 4 percent of your global revenue fine; We don’t have anything like that. We will see if this is really just a PR stunt by this congressman. I suspect it is and all we will see is some sound bites at committee hearings and nothing else. But, I am willing to be wrong. We will see if the Republicans are willing to punish their donors. Given the news every day of new breaches, this is not an airline problem, this is a business problem and businesses will continue to under invest in security as long as that makes financial sense. Which makes more sense – spend a million dollars a year or more on security forever or risk a $500,000 fine (which Cafe Press did last year) once a decade? It doesn’t require a PhD in finance to answer that question. Credit: The Record

Princeton Student Invents AI to Detect AI

Ever since Chat GPT became popular, some folks have been wringing their hands worried that students will get it to write term papers for them, lawyers will get it to write briefs and many other things. A Princeton student has put an end to that because he spent his winter break building an AI app that detects if other text was written by an AI. Some much for that concern. Credit: Motherboard

Here is Who is Getting Rich in the Crypto Biz – Fugitive Cryptoqueen Bilked Investors Out of $4 Billion

Who said you can’t make money in cryptocurrency. Ruja Ignatova bilked investors out of $4 billion dollars. She was hawking a Bitcoin alternative called OneCoin. However, when the pyramid scheme fell apart, Ruja boarded a plane and has not been seen since 2016. She has the dubious honor of being the first cryptoqueen on the FBI’s 10 most wanted list. Credit: CNN

by