Cyber Week in Review: November 17, 2023

There will be no Cyber Week in Review next Friday, November 24. The Week in Review will return on Friday, December 1. 

Nvidia testing new chip that meets U.S. export controls 

Microchip firm Nvidia has begun work on testing and developing a new artificial-intelligence chip aimed at the Chinese market amid changing United States export regulations. The United States announced last month that it was expanding its export controls to govern Nvidia’s A800 and H800 chips, which the company had previously developed to get around the original U.S. export control released in October 2022. Nvidia announced this week that three new chips which will comply with the revised U.S. export controls have entered testing for export to China before the end of the year. Nvidia’s graphical processing units (GPUs) are commonly used to train AI models, because of their ability to perform many simple calculations in parallel, rather than sequentially, as in other microprocessors. 

Department of Defense and OECD release AI toolkits 

On Tuesday, the Department of Defense (DoD) Chief Digital and Artificial Intelligence Office (CDAO) shared the Responsible Artificial Intelligence (RAI) Toolkit as part of the Responsible Artificial Intelligence Strategy and Implementation Pathway. The toolkit was released to aid in the identification, tracking, and alignment of AI projects with RAI guidelines and DoD AI Ethical Principles. The toolkit offers guidance in adhering to RAI standards for future and current DoD partners and expands on the earlier Responsible AI (RAI) Guidelines and Worksheets. The Organization for Economic Cooperation and Development (OECD) also released its own tool for reporting negative AI incidents, the AI Incidents Monitor. The monitor will integrate over 150,000 worldwide news sources in order to create a repository of AI incidents for use in future research or policymaking. 

ByteDance and Meta appeal Digital Services Act gatekeeper designation 

On Wednesday, Meta and ByteDance announced they were appealing the designation of some of their platforms as “gatekeepers” under the EU Digital Services Act (DSA). Meta did not appeal the status of Facebook, Instagram, or WhatsApp as gatekeepers, but said that its Messenger and Marketplace services did not qualify under the DSA, because both are functionalities of Facebook and because Marketplace is used for consumer-to-consumer transactions, exempting it from the DSA. ByteDance said that its platform TikTok should be exempted from the DSA because it is relatively newer and does not hold an entrenched position in the market. The DSA will require gatekeepers to make more data available regarding their platforms, submit to audits, and give users the right to opt out of recommendation systems. Apple is also expected to file an appeal regarding the gatekeeper status of its products, but it was unclear if it had done so by Thursday, the deadline to file an appeal. 

Kemba Walden steps down as acting National Cyber Director 

Kemba Walden, the acting National Cyber Director (NCD), officially stepped down from her post today. The Office of the National Cyber Director (ONCD) was created in 2021 following debilitating hacks on federal networks, and the office has struggled to maintain leadership throughout the past two years. Turnover in the director role has proven to be rapid, as Walden took on the role in an interim capacity beginning February 2023 when Chris Inglis, the former NCD, stepped down. While Walden announced she would be stepping down in a prior statement, her formal resignation date comes just after the Senate Homeland Security and Governmental Affairs Committee (HSGAC) moved forward with nominating a permanent director, Harry Coker. President Biden nominated Coker to the post in July, and the HSGAC moved Coker’s nomination process forward to be presented in front of the full Senate for consideration. Coker has had a long career in national security, and the Director of National Intelligence, Avril D. Haines, said in a statement that Coker is “an absolutely excellent choice for National Cyber Director.” 

Ransomware attack halts some trades at Industrial and Commercial Bank of China 

A ransomware attack hit the New York financial services arm of the Industrial and Commercial Bank of China (ICBC) last week, forcing the group to stop trading until it could isolate the breach. The New York financial services group functions separately of ICBC’s main operations in China, but the attack reportedly forced the main branch in China to inject capital into its New York branch to settle trades left outstanding by the attack. ICBC’s financial services arm said it was working with a cybersecurity company to set up a secure system to resume trading, and that process appeared to have been completed by Monday. The Russian ransomware gang behind the attack, LockBit, said that ICBC had paid a ransom to settle the attack, while ICBC didn’t respond to a request for comment.  

Eva Schwartz is the intern for the CFR Independent Task Force Program.