The U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related threats.

“These guidelines are informed by the whole-of-government effort to assess AI risks across all sixteen critical infrastructure sectors, and address threats both to and from, and involving AI systems,” the Department of Homeland Security (DHS) said.

In addition, the agency said it’s working to facilitate safe, responsible, and trustworthy use of the technology in a manner that does not infringe on individuals’ privacy, civil rights, and civil liberties.

The new guidance concerns the use of AI to augment and scale attacks on critical infrastructure, adversarial manipulation of AI systems, and shortcomings in such tools that could result in unintended consequences, necessitating the need for transparency and secure by design practices to evaluate and mitigate AI risks.

Specifically, this spans four different functions such as govern, map, measure, and manage all through the AI lifecycle –

  • Establish an organizational culture of AI risk management
  • Understand your individual AI use context and risk profile
  • Develop systems to assess, analyze, and track AI risks
  • Prioritize and act upon AI risks to safety and security

“Critical infrastructure owners and operators should account for their own sector-specific and context-specific use of AI when assessing AI risks and selecting appropriate mitigations,” the agency said.

“Critical infrastructure owners and operators should understand where these dependencies on AI vendors exist and work to share and delineate mitigation responsibilities accordingly.”

The development arrives weeks after the Five Eyes (FVEY) intelligence alliance comprising Australia, Canada, New Zealand, the U.K., and the U.S. released a cybersecurity information sheet noting the careful setup and configuration required for deploying AI systems.

“The rapid adoption, deployment, and use of AI capabilities can make them highly valuable targets for malicious cyber actors,” the governments said.

“Actors, who have historically used data theft of sensitive information and intellectual property to advance their interests, may seek to co-opt deployed AI systems and apply them to malicious ends.”

The recommended best practices include taking steps to secure the deployment environment, review the source of AI models and supply chain security, ensure a robust deployment environment architecture, harden deployment environment configurations, validate the AI system to ensure its integrity, protect model weights, enforce strict access controls, conduct external audits, and implement robust logging.

The briefing by the NSA can be found here – https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3741371/nsa-publishes-guidance-for-strengthening-ai-system-security/

The full report can be found here – https://media.defense.gov/2024/Apr/15/2003439257/-1/-1/0/CSI-DEPLOYING-AI-SYSTEMS-SECURELY.PDF

Read more

Hello All. I had the honor of speaking at the 2024 AtlSecCon Conference in Halifax this past week. What an amazing event. Shout out to the organizers, attendees and sponsors. I had a blast. I delivered a talk on Live Incident Response as part of DFIR. I promised attendees I would post my slides and cheat sheet. Please see below:

Please feel free to reach out if you have any questions.

Read more

Hello All. Like many people, I make use of Apple AirTags for a number of applications in my day-to-day life. Isn’t it great when the airline says, “We don’t know known where your luggage is.” and you say, “It is siting on the north side of Chicago O’Hare Airport.” Just recently, with the rash of car thefts in the Toronto area, many have been tracking their stolen vehicles using multiple hidden AirTags. Thinking back to the start of my career in technology, I would have never though this would be a thing. If you are curious how these work, it is quite simple. AirTags use ultra-wideband technology and Apple’s existing network of devices to help you track down lost or stolen items. So as long as an Apple device is in proximity to your AirTag, it will relay the location back to Apple, and on to the person tracking it. Great use of crowdsourcing via Apple users, huh? However, in order to track an AirTag, you must be running iOS 14.5 or above on your iPhone or iPadOS 14.5+ on your tablet. However, in order to use Precision Finding, which can guide you to your device via on-screen instructions, you need an iPhone 11 or 12. These models use the camera, ARKit, accelerometer, and gyroscope for a more “directionally aware finding experience,” according to Apple. AirTags do not include a GPS chip like your iPhone. Instead, Apple has used its proprietary U1 chip with ultra-wideband technology to create a peer-to-peer network that taps into the 1.65 billion Apple devices out in the wild to nail down the location of an AirTag.

Lots of creators on YouTube have done some cool things with AirTags. I truly enjoyed MegaLag’s series where he shipped them to Elon Musk as SpaceX, Tim Cook at Apple and one to North Korea. The video is below:

 

If you are like me and were curious about the engineering behind the AirTag, the actual printed circuit board (PCB) specifications, how it stores information, how it manages power or how it advertises itself, there is lots of details out there on the Internet after people have reversed engineered it.

The Apple AirTag has the Nordic nRF52832, whose die is built with a 90nm process node – an advancement over the 180nm process used in slightly older 2.4 GHz Noridc Transceiver ICs. The nRF52832 found in the AirTag is the WLCSP50 package which is 75% smaller than the larger 48-pin 6 mm x 6 mm QFN option. There may be multiple reasons for selecting the WLCSP50 instead of a QFN package, one of which could be as simple as requiring less PCB space to use the versatile Nordic chip. The nRF52832 Bluetooth SoC can support multiple radio types, including a 2.4 GHz proprietary radio if needed. The nRF52832 used in the Apple AirTag supports NFC tag, Bluetooth, and Bluetooth Mesh. It is the Bluetooth Mesh feature that enables the AirTag to connect to other Apple devices in the Apple Find My network.

For die size comparison to the nRF52832, the UWB transceiver die is produced on a TSMC’s 16nm process node, allowing for more transistors (and circuits) on a similar sized die like that in the nRF52832. All in all, the radio ICs of the Apple AirTag take up less than 30 mm2, or 6%, of the entire available PCB area. However, the performance of the AirTag, i.e., its success in staying connected to the Find My network, is not just in the radio ICs but also relies heavily on its antennas and antenna designs. But the AirTag’s small size does not allow for separate antenna parts as we see in other larger devices like mobile phones. Instead, the AirTag has a single frame with all three antennas designed on it. Apple also included a speaker in the AirTag, which ‘chirps’ for various scenarios. A Maxim Class-D audio amplifier also located on the PCB drives the speaker. It is not just the AirTag’s function and design that are noteworthy. The AirTag retails for less than USD 30 and has an estimated manufacturing cost of USD 10 (not including software costs and R&D).

A really amazing page that does a great job in reversing the AirTag can be found on Adam Catley’s page, Apple AirTag Reverse Engineering.

Read more