G7 Monitoring Chinese Telecom Investment, Biden Cyber Official Says
Group of Seven members are focused on Chinese investment in Western telecommunications networks because they're concerned with Beijing’s access to company data, Anne Neuberger, White House deputy national security adviser-cyber and emerging technology, said Tuesday.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
She noted Friday’s G7 joint statement calling attention to Chinese investment in critical infrastructure, “notably” telecom networks, Neuberger told a Semafor event. The EU is particularly concerned “because the nations’ secrets, the nations’ intellectual property rides on telecom,” she said. The Chinese government has explicit authority to request data, and “that’s why there’s a real concern on telecom.”
The G7 statement urges China to “uphold its commitment to act responsibly in cyberspace.” G7 members will continue to “disrupt and deter persistent, malicious cyber activity stemming from China, which threatens our citizens’ safety and privacy, undermines innovation, and puts our critical infrastructure at risk,” the statement said. There’s a need to protect certain advanced technologies “without unduly limiting trade and investment,” it said. A Chinese Foreign Ministry spokesperson on Monday said the G7 statement is "full of arrogance, prejudice and lies.”
The evolution of AI technology is playing a role in cyberattacks, but evidence suggests it’s mostly being used to carry out scams against individuals, Neuberger said. The focus of attackers has largely been spear-phishing emails targeting individuals, but the White House expects the AI threat to “grow.”
Verizon’s research suggests generative AI isn’t yet widely used for mass cyberattacks, said Chris Novak, a cyber consultant with Verizon Business. Everyone is talking about the role of generative AI, but the numbers don’t show it’s being used in a “meaningful” way on the cyber front, he said, which “surprised” Verizon. The company’s 2024 data breach report analyzed AI's impact but said “nothing materialized in the incident data we collected globally.” Generative AI remains a “concern, and it will continue to scale,” but threat actors are consistently using “traditional” methods of cyber warfare rooted in “operational science,” he said. Novak noted, however, that nation states have the resources to train large language models, so it’s important to monitor such activity.
Neuberger said China is focused on critical infrastructure, while Russia is concentrating on ransomware and attacking hospitals and schools. The two are collaborating as “hacktivists” to disrupt elections, a particular concern for Europe, she said. Meanwhile, North Korea is consistently using cryptocurrency schemes to circumvent sanctions, and Iran is focused on political misinformation, Neuberger said.
The Cybersecurity and Infrastructure Security Agency doesn’t believe generative AI is going to “fundamentally introduce new risk” to the 2024 election cycle, but it’s going to amplify existing risks, CISA Senior Adviser Cait Conley said. The technology lowers the bar for people to become attackers, she said: Individuals no longer need to be able to code to leverage malware. CISA is confident the U.S. is more secure in the 2024 election than any other previous cycle, she said.