Cyber Week in Review: March 17, 2023
from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: March 17, 2023

TikTok explores separating from ByteDance; OpenAI releases GPT-4; SEC proposes tighter rules on financial system cybersecurity; CISA establishes ransomware warning system; Samsung announces $228 billion hub in South Korea. 
Samsung employees are displayed on screens as they gesture during U.S. President Joe Biden's visit to a semiconductor factory at the Samsung Electronics Pyeongtaek Campus in Pyeongtaek, South Korea in May 2022.
Samsung employees are displayed on screens as they gesture during U.S. President Joe Biden's visit to a semiconductor factory at the Samsung Electronics Pyeongtaek Campus in Pyeongtaek, South Korea in May 2022. Jonathan Ernst/Reuters

TikTok explores possible separation from parent company ByteDance 

On Tuesday, Bloomberg reported that TikTok’s leadership would consider a potential split from its Chinese parent company ByteDance in what would be a “last resort” effort to address U.S. national security concerns. Last year, TikTok proposed a plan called Project Texas—which would see TikTok’s data hosted on servers run by American company Oracle and the appointment of a government-approved oversight board—to wall off its operations from ByteDance’s influence in order to remain operational in the United States. Despite extended discussions with the Committee of Foreign Investment in the United States (CFIUS), TikTok faces bipartisan calls for an outright ban of the social media platform. On Wednesday, the U.S. government demanded ByteDance sell its stake in TikTok or risk being banned in the United States. 

OpenAI begins release of GPT-4 

On Tuesday OpenAI announced the release of GPT-4, the latest version of artificial intelligence chatbot sensation, ChatGPT. GPT-4 is in the early stages of release and will initially be available to ChatGPT Plus subscribers and software developers. The chatbot’s newest technology will accept image and text inputs, though the image-input feature is presently only a research preview. In a blog post, the company said GPT-4 responses to requests for disallowed content, such as its use for crimes, the generation of malware, or political campaigning, are down 82 percent from its predecessor (GPT-3.5) and scores on tests of factuality are 40 percent higher. OpenAI has said [PDF] the new version maintains similar fact and reasoning limitations to its predecessor, which can lead it to produce problematic outputs and spread false information. Analyst Rishi Jaluria said that Microsoft is slated to benefit from the adoption of GPT-4, and the company has already started integrating OpenAI's earlier creations into its products, including a test version of Microsoft’s Bing search engine supplemented by ChatGPT. 

SEC proposes policy package aimed at hacking, data and market resiliency  

More on:

Cybersecurity

China

Artificial Intelligence (AI)

On Wednesday, the U.S. Securities and Exchange Commission (SEC) voted in favor of a package of policies aimed at bolstering the financial system against hacking, data theft, and system failure. The proposals will require broker-dealers and money managers to maintain programs to detect, respond, and notify customers of unauthorized data access. SEC Chairman Gary Gensler said these parties would also be obligated to develop cybersecurity risk policies and immediately notify the SEC of significant incidents. The SEC also proposed expanding the number of stock exchanges and clearing agencies covered by a 2014 regulation [PDF] designed to increase system robustness. The two Republican SEC commissioners, who voted in favor of the proposal, expressed reservations about how it could create confusion and redundancies with state regulations. 

CISA Establishes Ransomware Warning Pilot Program 

On Monday, the Cybersecurity and Infrastructure Security Agency (CISA) announced a new program, the Ransomware Vulnerability Warning Pilot (RVWP), which will help critical infrastructure entities protect their systems from ransomware attacks. According to CISA, RVWP will be used to identify vulnerabilities associated with ransomware targeting on the networks of critical infrastructure entities, and help organizations patch vulnerabilities before they can be exploited. The program will use CISA’s Cyber Hygiene Vulnerability Scanning service to identify organizations’ vulnerabilities. CISA’s pilot program was created in response to last year’s Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which required CISA to develop and implement reporting on cyber incidents and ransomware payments.  

Samsung announces new $228 billion investment in microchip manufacturing 

The Korean semiconductor manufacturer Samsung announced a new $228 billion investment in a 20 year plan to develop five new factories as part of a massive manufacturing hub in Yongin, South Korea. Both Samsung and SK Hynix, another major South Korean microchip manufacturer, have existing fabrication plants in the area around Yongin. Experts said the plan appeared to be modeled around the large industrial parks created by Taiwan Semiconductor Manufacturing Company (TSMC) in Taiwan. The South Korean government will be closely involved with the plan, providing additional support by speeding up the construction permitting process, subsidizing research and development for critical technologies, and providing tax breaks for the construction of the hub. Last year, Samsung unveiled plans to expand its manufacturing of advanced semiconductors, with the goal of competing with TSMC on 2 and 1.4 nanometer microchips processes.  

More on:

Cybersecurity

China

Artificial Intelligence (AI)

Creative Commons
Creative Commons: Some rights reserved.
Close
This work is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License.
View License Detail