The GIST of Govt IT
The weekly show that breaks down ideas, innovations and decisions that cut through complexity and offer real insights from the intersection of technology and the mission.
Vibe Hacking and Nation State Cyber Threats
Your router may not be your router. It could be a Russian surveillance device. In Episode 5 of The GIST of Govt IT, Brian and Sean unpack a stunning two weeks in cybersecurity: the FBI's court-authorized takedown of a Russian GRU operation that silently hijacked thousands of TP-Link routers across 23 American states, an Iranian-linked APT group actively disrupting U.S. water and energy systems through Allen-Bradley PLCs, and Anthropic's release of Claude Mythos, a frontier model so capable at finding zero-day vulnerabilities that the company chose not to release it publicly. They break down what Project Glasswing means for industry, how AI is becoming both the most dangerous offensive weapon and the most powerful defensive tool a CISO has ever had, why "vibe hacking" is democratizing cyber attacks (one low-skill actor compromised 600 FortiGate firewalls across 55 countries), why the old playbook for SOC operations needs to be blown up entirely, and what the unresolved tension between Anthropic and the DoD over the supply chain risk designation means for federal agencies trying to defend critical infrastructure while CISA operates at 38% capacity. Plus, Sean shares his hacker name (maybe) if he weren't a CTO and instead worked in a windowless office in Pyongyang.
----------
RESOURCES MENTIONED IN THIS EPISODE
The Russian GRU Router Operation
- DOJ announcement: Operation Masquerade — court-authorized disruption of DNS hijacking network
- FBI Public Service Announcement on GRU exploitation of TP-Link routers
- NSA statement on Russian GRU router threats
- CVE-2023-50224 (the TP-Link vulnerability exploited)
Iranian-Linked Attacks on U.S. Critical Infrastructure
- CISA Joint Advisory AA26-097A — Iranian-Affiliated Cyber Actors Exploit PLCs Across US Critical Infrastructure
- Rockwell Automation security guidance
Anthropic, Claude Mythos & Project Glasswing
- Anthropic on Project Glasswing
- Anthropic's statement on the DoD supply chain risk designation
- Cloud Security Alliance whitepaper on Mythos vulnerability discovery
Recommended Consumer Protections
- Cloudflare's free 1.1.1.1 DNS resolver
- Cloudflare DNS family options (malware and adult content filtering)
Cybersecurity Frameworks & Government Resources
- CISA Edge Device Security
- CISA Cross-Sector Cybersecurity Performance Goals (CPGs 2.0)
- MITRE ATT&CK Framework
- CISA Industrial Control Systems advisories
Related Episodes
- Episode 2: Fighting Fire with Fire: Federal AI Security - Securing Agentic AI with Elad Schulman, CEO of Lasso Security
- Episode 3: Chaos, Change, and Opportunity in Federal IT - $50B in Q4 federal IT contracting, Golden Dome, and the Anthropic supply chain risk designation
The Hosts & Show
CONNECT WITH US
Got an idea for a future episode? Want to be a guest? Let us know.
Brian Lake - blake@swishdata.com
Sean Applegate - sapplegate@swishdata.com
Subscribe wherever you get your podcasts: Apple Podcasts, Spotify, or gist360.com.
Routers Turned Into Spy Gear
Brian Lake: Recently, your router may not have been your router. It could have been a Russian surveillance device. A few weeks ago, the FBI disrupted a GRU operation that silently hijacked thousands of home routers across 23 American states. No malware, no warning, just your internet traffic quietly being rerouted to adversaries overseas. That same week, Iranian-linked hackers started actively disrupting the industrial systems that manage American water supplies and power grids. And on April 8th, a DC Appeals Court ruled that Anthropic, the company behind one of the most powerful AI models ever built, Mythos, can remain blacklisted by the Pentagon and the United States government. A model that Anthropic's own researchers say can autonomously find zero-day vulnerabilities across every major operating system and every major browser. Let that sink in for a moment. The most capable cyber offensive tool ever created is sitting in legal limbo. The agency responsible for defending American infrastructure is operating at 38% capacity. And right now, nation states are actively probing the systems that keep your water clean and your lights on. This isn't theoretical. This is today, and it could escalate faster than government agencies are prepared to handle. So what do we do about it? Let's get down to the gist of it. And as always, I'm joined by my co-host, my compadre, the CTO Extraordinaire and the old Marine himself, Mr. Sean Applegate. Welcome to the show, Sean. How are we doing today?
SPEAKER_01: What's exciting, Brian? Another day, man, another show.
Brian Lake: Man, I gotta be honest with you, these hackers just have the coolest names. As a marketer, I just kind of thrive off what these organizations can pull off for names. I mean, Lazy Bear, Salt Typhoon, Volt Typhoon, Bronze Silhouette, The Vanguard. It's really great stuff.
I know what they're doing is terrible, but gosh, what a cool name. Obviously we're not here to talk about marketing names, but let me ask you: if you had your own hacker group, what would your name be? I'm putting you on the spot here, I know.
SPEAKER_01: I'd have to come up with something Marine related, right? So your head's taken. I'd have to figure out something on this theme.
Brian Lake: That's a hacker group.
SPEAKER_01: That's just the name of the names.
Brian Lake: Yeah. Oh, yeah, of course, right.
SPEAKER_01: I don't know, Brian. You hit me up. I'm sorry, I should have thought of that one in the show notes before we started the show.
Brian Lake: So we'll get back to it. Let's let that percolate before we get into it. But that's obviously not what we're here to
How The GRU Hijacked DNS
Brian Lake: talk about. I mean, listen, I know that we're in what I would call a ceasefire at this stage with the armed conflict that's going on in Iran, but obviously there's a lot happening from the state-sponsored hacking and terrorist situation. 18,000 routers worldwide, including devices in the United States, targeting military, government, and critical infrastructure personnel. On April 7th, the FBI court-authorized remote remediation to kick these Russians out of American home networks. I guess for me, and I really want to know what you think about this, they never really touched the computers. It was really just hijacking DNS settings. And so all of a sudden you've got these attacker-in-the-middle kind of situations where they're intercepting credentials and sending sensitive data out, and it doesn't feel like anything's wrong to the end user, right? I think when you were telling me, a pop-up shows up and it says, "Do you trust this token?" And most average Americans probably don't even know what they're being asked and click trust, right?
SPEAKER_01: Right. It's really deceptive. So the Russian GRU effectively sent a specially crafted packet to TP-Link routers, which are spread all over the US and the world. But in this case, they were a little more targeted at the US. And that packet basically told the TP-Link router to change the domain name server so they could redirect certain domains, like your Office Outlook mail website, to a compromised server that could be in the middle, that could get the application security token, see some content, and eventually interact with that thing on your behalf. Basically, I suppose it was to collect data and surveillance data, right? So they're trying to hoover a bunch of information up and take actions there. So in this case, the FBI worked with Justice on a sealed court case, and they eventually unsealed it, which is when we saw things on the 7th, and the FBI went out and crafted a new packet, hit those compromised routers, and corrected the DNS server to their local carrier, which is what you would normally have by default. So they just set it back to the carrier's default setting. And then they sent an advisory to the US public that said, hey, go upgrade your TP-Link routers so you don't get compromised again. And ideally, make sure you set your DNS servers to something like your carrier, or in our case, we normally recommend using something like Cloudflare's free DNS servers, which have a couple of different settings. The default one they use for most people is 1.1.1.1. And if you go to Cloudflare's website, you can find another list that has progressively stricter security around content and malware. So as a parent, that's a great resource to use, not just for yourself, but for your children, if you want to protect them from, say, adult content. And it's free, so it's a great resource.
Iranian Attacks On Water And Power
SPEAKER_01: But separate from that, we had the Iranian-linked groups in this case that compromised process logic controllers. Those were Rockwell Automation and Allen-Bradley controllers. And effectively what they did was it allowed them to get access to things like U.S. water systems at some local governments or smaller cities, and potentially energy in some government facilities. They've been in there doing things since March 26th. And we've really moved from that to confirmed disruption, operational disruption, and confirmed financial loss. Those are not good activities, but that's what happens when you're at war. Think of all-domain operations. The Iranians were attacked, and they turn around and attack us. One of the ways they can do that is asymmetrically, through attacking industrial control systems, water, energy, port security, to impact our society. And we have to be resilient. We've got to be focused on protecting ourselves from those activities, and there are lots of ways to do that.
Small Town OT Security Reality
Brian Lake: We were having a conversation yesterday with some of our colleagues over at Armis about this very issue around OT security and critical infrastructure. A lot of these organizations, are they really truly capable of handling this scale or this type of attack? You're talking about small town water systems, right? I think the one I was reading about with the Iranians was a small town in Pennsylvania, right? Are they prepared to handle this kind of threat out there?
SPEAKER_01: Well, so I've spent a number of years, decades, working with people in the federal government. And in the last year and a half, we did some work with state and local government. Michael Dent's a great resource. He just retired out of Fairfax County as their CISO, but he sits on a number of local county boards. What I continuously heard from him, and what we heard working with local customers, is that their security teams and IT teams, especially in these rural counties, are often one to three people. Right. They're not well staffed, but they do try to use all the resources to the fullest extent. And the basic things: if you're at a local county, you don't have a lot of budget either. So you've got to follow and do the basics. My biggest piece of advice is do the basics if you're at the local level. And if you can, put something between your devices and the internet, or keep them air-gapped on private networks if you can. Keeping them away from the bad guys has a big benefit. The other common things are change your passwords, change default certificates, put good zero trust controls in place, and then back up and archive your configuration. So when you do get compromised, you can restore pretty fast, because that typically means a truck roll to go rebuild something. The last thing you want is to not have the backed-up golden configuration.
Brian Lake: Right. I know you're gonna talk later in the show about getting back to basic principles. It still astounds me how many times some of these penetrations or hacks occur because they don't have good multi-factor authentication in place, or they're still using "password" for the password, or something maybe not so simple as that, but something that's easily hackable. So, talk to us a little bit. Again, these were two major issues that occurred or were announced at the same time, around the April 7th, April 8th time frame. But that wasn't the only thing that happened recently.
AI Supply Chain Breach Explained
Brian Lake: Talk to us a little bit about this supply chain attack, this AI supply chain attack that happened as well in late March into early April.
SPEAKER_01: Absolutely. So when you think of AI, there's a group called Team PCP. They attacked, or are attacking, the CI/CD pipeline. But effectively, they're attacking the software supply chain. And so where the Iranians were attacking the, let's say, physical world, these guys are attacking the environment that we build our applications with and the open source code that we glue together to make those applications. A lot of open source code gets used to build either enterprise capabilities or gets embedded into commercial off-the-shelf vendor solutions that get purchased by customers. In this case, they compromised, through a GitHub token compromise back in February, Aqua Security's environment, which allowed them to get access to things like GitHub Actions, Docker Hub, and a couple of different environments. And that gives them access to other things. But effectively, they were able to push malicious code to 76 of 77 version tags in Aqua Security's Trivy vulnerability scanner in GitHub, right? So basically you're building this thing in GitHub. They compromise that repo, and then they're able to go modify a few things, and then that kind of grows from there; it scales out. A lot of CI/CD pipelines are running this Trivy scanner to scan their software to make sure it's secure, but now it can be compromised. So it allows them to do things like steal tokens or get other information. In this case, that eventually led to compromising the LiteLLM AI gateway library, which had 95 million monthly downloads, and it compromised their own pipeline. Long story short, that led to compromising CrewAI, Microsoft's GraphRAG, Google ADK, and a number of other libraries. So you can see how, if you get certain key beachheads as a hacker, they can grow and scale pretty rapidly. Luckily, it was discovered relatively quickly.
And so it had a pretty big impact, but it could have been a lot worse. Let's put it that way.
Brian Lake: Let's make sure that our audience really understands the implication of this. When hackers are able to hack into the very tools that organizations are using to protect their pipelines, how can government agencies think about this? Or do they need to be working more closely with industry on ensuring these supply chain pipelines are secure, especially when it comes to AI tools? Because I imagine the proliferation of what AI can do with malicious code in that supply chain could be absolutely terrifying. How do agencies think about these types of attacks moving forward?
SPEAKER_01: Yeah, one of the simplest things is to make sure that when you make a software upgrade to your platform engineering package or your CI/CD pipeline, those things you're trusting to be accurate, you've verified they're a long-term stable build and not compromised. So maybe don't be the first person to upgrade to the hottest and newest version of code without verifying it. Most federal agencies do a really good job of checking, before they put a new thing in production, that it's pretty secure, it's stable, it's kind of baked. So I think that's a place where most large enterprises are in pretty good shape. Enterprises that lean in hard on innovation and speed are the ones that are typically, culturally, most exposed to those situations. Second, if you haven't already audited Trivy or Checkmarx KICS, or if you're using LiteLLM, just go make sure you're using a secure version of the code. Again, with most good scanning tools, once the vulnerability is identified and out, you've got the ability to scan for it and go patch it through your mitigation strategies pretty quickly. So most tools are finding those things, again, once they're known. When they're not known, that's where having good zero trust practices matters: setting up micro- and macro-segmentation, not letting certain systems phone home out to the internet, limiting what they can reach. So if they are compromised, we can limit the bomb blast and limit their east-west or north-south movement within the organization. Those are things I think fairly mature zero trust environments are in decent shape with, and ones that are maybe more open and less concerned with security, often on the commercial side, aren't as well prepared for. And then the last item, Brian, is probably to pin your GitHub Actions to specific commit SHA keys or hashes to make sure they're not mutable tags.
This will give you a lot better security inside your GitHub environment.
Mythos And Autonomous Zero Days
Brian Lake: So let me ask you this. If we're starting to now see adversaries inside the AI pipeline, let's talk a little bit about how the AI models themselves could be not just a target, but an actual weapon. There's been a lot of talk over the last two weeks about Anthropic releasing Claude Mythos, their unreleased frontier model that they have decided not to make publicly available. I just saw today that they released a new version of Opus, which they've said is not as capable as Mythos. But the reason they're not making it available is that it is so powerful that it can autonomously find thousands of zero-day vulnerabilities across every major operating system and every major web browser. It's not been helped by humans. It's autonomously doing this. And essentially what's been happening is they formed this organization, Project Glasswing, which I know you're gonna talk about, which is essentially trying to get this model in front of organizations like financial institutions, the United States' biggest banks, the United States' critical infrastructure organizations, energy organizations, to essentially use it to start to identify vulnerabilities. But it's so powerful and so sophisticated and so adaptive in the way that it can attack and be creative, and avoid detection. How does a government agency think about this? What should they be thinking about? Obviously, there's a lot we haven't really discussed, but right now Anthropic is technically a supply chain threat, according to the Department of Defense and the United States government. Government agencies were instructed to stop using it.
So what does a CISO need to be thinking about now that, in such a short period of time, we're having models that are more capable than every hacker out there? And if they fell into the wrong hands, it could be disastrous for the United States government. So talk to us a little bit about some of the details around Mythos; explain it to our audience, in case they've been living under a rock and haven't heard about it. Let's dig into that a little bit here today.
unknown: Sure.
SPEAKER_01: All right, so on the Mythos front, again, it's just a new large language model. It just happens to be really good at finding security vulnerabilities and crafting the ability to break those or crash the system, so taking advantage of the weaknesses it found to do nefarious things. At the basic level, it was over a hundred times more effective at crafting vulnerability attacks, so real exploits, than Opus 4.6. So just put that in context. And they have tiers of attacks, so they grade the attacks. Opus had like two tier-one attacks successful. With Mythos, it had multiple, again, hundreds of attacks successful, not just at tier one, but tiers two, three, and four as well. Those are progressively more impactful. But the simplest way to think about this is OpenBSD, which has been around for 27 years. They found the ability to craft some unique attacks and crash the system. This is a system that runs some of the most secure, hardened operating systems and workloads in the world. So that's not good. Second, 16-year-old FFmpeg: they missed a flaw, and it was basically memory handling flaws, since a lot of these things are written in C or C++. That allowed them to crash one of the most popular video encoding libraries very predictably. Again, humans had never found these things. They've been over them millions of times. Humans didn't find it. A new large language model found over a thousand of these cases where it found vulnerabilities, and then it was able to craft attacks successfully in hundreds of those cases. So just put that in context.
Brian Lake: A vulnerability that's been around for decades was finally found by Mythos, right? Humans haven't been able to find it, haven't been able to identify it, and then all of a sudden this LLM comes around and finds it out of thin air. Terrifying.
SPEAKER_01: Yeah, so if I want to scan my software with a powerful LLM, the opportunity in the future is, hey, if Mythos eventually gets released to some limited set of people, which we'll talk more about later, we could use it for a lot of good things: to harden systems, do better application layer security. Traditionally, we've used a bunch of fuzz testing and other QA tools to do that, and then some other security tools, which are very deterministic, right? They're kind of pre-programmed, they have patterns, they have attack vectors, they do hundreds or thousands of attacks, but they're not as creative as a large language model could be, and they don't reason like a large language model could in this case. Separate from that, the biggest thing is AI isn't new, but the ability of the large language model to think in complex ways and reason and iterate through things very efficiently is an amplifier for an attacker. It can also be an amplifier for a federal CISO. And so I think as you go down this path, CISOs, whether you're federal or commercial, really need to sit back and go, how do I go back to first principles? And how do I maybe rethink how I operate? Because the attackers certainly are.
Rebuilding The SOC With Agents
Brian Lake: Talk a little bit about that first principles concept, right? You should theoretically be adding a new first principle to the first principles, which is, you know, have some really good standards and processes and governance, and then maybe have a layer of really strong AI defense. What are we talking about?
SPEAKER_01: Yeah, at the simplest level, we have to go back and blow up how we operate. This isn't just process optimization, it is the process completely rebooted. Right. So in this case, is the most efficient thing to have a SOC operator, or a hunt and detection team, or a detect-and-response team, humans looking through piles of data and thousands of alerts a day and then doing manual research trying to connect the dots manually? Or should they use an AI assistant, an agent that's specialized at connecting those dots using graph models or dependency algorithms to connect the dots between things, using indicators of compromise very efficiently? They use some of that with machine learning today. But they also have to do a lot of writing, for example. Could we use a SOC agent to go connect the dots, write the intel response report, make recommended actions potentially, and then the human clicks a button and those actions get implemented? It really gets back to how fast can we navigate the OODA loop, at the simplest level. And then how do we measure that capability set in a SOC? So can I have a team of five or ten analysts manage a lot more incidents, a lot more research, and do it in a way that's much more thorough with some AI assistance? The answer looks very promising. And there are some small startups starting to do those things now. But again, this is not a chatbot model, right? A lot of our leaders think in terms of chat. This is really about agentic workloads where it takes work off the human, it augments the human, and it can think a lot more complexly now with more advanced LLMs than we could a year or two years ago.
Brian Lake: They're gonna have to do something, right? To me, if you've got a lot of, let's say, alerts or penetrations that are happening currently, now this AI is almost democratizing cyber attacking. All of a sudden attackers can now use these tools, and if you think you've been under siege with your current small CISO team or the tools that you have available, you're not ready for the deluge that's coming. It feels like this wall is approaching, and if they don't figure out a way to leverage AI to augment their own first principles and their own kind of zero trust approaches, they are going to be overwhelmed in a way that never happened before. And listen, the offense is going to get much more aggressive, and your defense has to get even more aggressive than it already is. And it's not just nation states, too. I was reading the story about the FortiGate firewall hack that happened in January. What they said was that it was executed by what they're calling a single low-to-medium skill threat actor. So basically someone dumb like me with a publicly available off-the-shelf ChatGPT tool was able to compromise 600 FortiGate firewalls across 55 different countries. And the idea that you don't need to necessarily have a lot of skill sets or hacking experience to do this, but you have an AI tool, is terrifying to me. It's wild to think about, that the dumb marketing guys can now become hackers, right? Just like, what did you call it? I think the vibe hacking phenomenon is the term you used earlier. We're not just vibe coding, we're vibe hacking, right? So exactly, how do we manage this?
SPEAKER_01: Well, I don't know if we manage the vibe hacking. I mean, at the basic level, big cloud service providers and the AI providers are trying to put guardrails in place so they can catch that stuff and prevent people from writing nefarious code on their SaaS-hosted platform. But certainly if you're a hacker you could download your own models, do what you want locally, and nobody's gonna limit what you can do there. So that limits them but doesn't stop them. Let's put it that way, right? It may slow them down. More importantly, it's here, it's here to stay, and it's only going to get worse. We have to get better at building out a really secure environment and also operating much more efficiently. And again, it gets back to how do we use AI to fight AI in this case. And we have to think about how we do that both from a governance perspective, the configurations and operational management: how do I patch my vulnerabilities quicker and more efficiently? How do I configure things better? That's where sometimes basic things like security posture management can be really valuable, because it'll show you, from a full stack perspective, where you're strong and where you're weak from a risk perspective, and you can go fix those things pretty quickly. And then more importantly, how do we again use AI to have a SOC team work more efficiently? The same thing goes for general IT operations management. We've been doing observability and AIOps for organizations for a long time, so I feel like in some cases you can look at what's going on there and see some of the productivity benefits, where we can solve things 10 or 20 times faster to reduce outages or downtime or impact to user experience. And we can do a lot of that and reapply it back inside the SOC for security as well. And then from a data perspective, a lot of it gets back to threat intel. The sooner you get better threat intel or indicators of compromise, right?
Think of IP addresses, host names, source addresses, attack vectors, session token keys; then you can go look through your giant pile of data and take action against it. And so a lot of it gets back to: do I have the best threat intel data to then go surface through all of my logs to find those things, see where they happened and when they happened, put the incident together, and then go address it, respond to it, and then hopefully prevent it in the future. And that's where I think the larger agencies we work with do a really good job of leveraging an enormous amount of threat intel to then surface through a lot of those things, find things quickly, and take action against them. The question is how we take action faster and more efficiently at scale.
Project Glasswing And Guardrails Fight
Brian LakeWell I mean I'm glad you mentioned fighting AI with a fighting AI with AI, right? We talked about this I think a few episodes ago with our friend Elad Shulman, you know, about the need for you know AI security if you're not battling AI with AI, you're gonna be in trouble. So let's I want to go back a little bit and and run through just kind of frame the situation here and it still goes back to this anthropic mythos project last wing and I really want you to kind of dive into this because I think it really indicates a major need within the government about using AI to fight this these AI threats. I mean but but just to just to kind of level set here right so you know in July 25 Anthropic signs is one of organizations signs a $200 million contract that gets them the first AI frontier model on the classified DOD networks. But they anthropic said we're gonna have some guardrails in place some lines in the sand about how you use our our our LLF right you cannot use it for autonomous lethal weapons and not for using it for domestic mass surveillance and the United States government the Department of Defense said nope we want full access we bought it we should be able to use it how we see PC fit. A lot of this came out of the uh the the reports that it had been used for the the Nicholas Maduro um capture in in Venezuela. 
So uh fast forward to February this year negotiations break down Secretary Heggs designates as supply chain risk this is first time it's ever been applied to a United States company not a uh Chinese company like Huawei or you know and uh and you know someone who's not necessarily uh who's a an ally of ours Trump directs all agencies to stop using Claude and then we move into obviously litigation in March 26 um the San Francisco judge issued a preliminary injunction uh ruling that uh this was first classic for illegal First Amendment retaliation, uh punishing anthropic and then April 8th as we mentioned previously the DC appeals court stayed Anthropic's requests that uh the government was in the right to to name this. So all of that, right? And here we are today. Now it's they've released this insanely amazing model that's never been seen before really and it's identifying all these vulnerabilities in every operators in browser but the DOE says we need to unfettered access and Aftrop says no we won't give it to you. Let's like let's stop everything else. We started this talking about uh critical infrastructure SISA has lost about a thousand plus employees a third of their workforce is gone so they're trying to do less with more or more with less who's right who's wrong how do we need to get work through this how do we need to make make these organizations collaborate more closely together I know they just announced Project Glasswing. So talk a little bit about that collaboration that's happening and what does it mean for the government and how we need to really start to think about this to ensure that we had the right AI tools to fight these AI threats.
SPEAKER_01: Sure. Well, so let's start with Anthropic didn't release a very powerful model. So instead of doing what might have been financially beneficial to them, they stepped back and had the patience and, I guess, the courage in this case, potentially, to go coordinate with other industry members, people like AWS, Microsoft, Palo Alto and others on Project Glasswing. So basically they said, hey, we found a bunch of vulnerabilities, this is really scary, we're gonna work with industry, in this case 40 different companies currently, and I think they have something like $100 million in tokens they donated to go secure some of the world's most broadly used technology to make it more secure. And so I think that was a wise decision. It's gonna be very beneficial for the industry. And I think, you know, whether it's an open source project or a commercial off-the-shelf tool, we all have the responsibility to build good, secure, high quality software. Secure is important, quality is just as important. So I think I would applaud Anthropic for doing that, and the companies to spend their own time to go focus on making their stuff more secure, because it's only going to get worse. So the good thing is we're out ahead of it. Where that goes, nobody knows, but I think it's a great thing to do, and you can close those gaps pretty quickly, right? When you think of just, you've got vulnerabilities, you know where the issue's at, you know how to replicate it, now let's go fix the code. Their developers will probably do a great job there if they're able to use Mythos in their, you know, their coding environment to help write code to fix the problems, all that much better.
And Anthropic was already doing a lot of that with Claude Code and Opus 4.6. They've done a lot more of that recently, and they've done a good job of not releasing the vulnerabilities publicly, but they put a SHA hash into the incident so that they can trace it without giving away the attack vector for bad people to be aware of, to go take action on. So they've done a really good job of balancing the, I think, upside and the downside, or risk, of those vulnerabilities. And so that's the exact behavior you typically want from a company that cares about AI safety at the end of the day. The next question, really, when you think of the stock market, we've seen it be a bit of a roller coaster recently, both up and down: you know, what's this mean for the ability for a large language model to find more vulnerabilities, and more unique ones, than a whole host of application security tools over the last 10 or 20 years? So that has far-reaching ramifications for industry and probably some vendors more than others. And so it, uh, should be interesting to see where this goes and what choices we make, both in industry and in the government, to leverage the capabilities that now exist, or soon will exist, for us to use. But I mean, Brian, at the end, the pace and the sophistication of attacks as large language models get smarter are only going to get more daunting. And so, you know, we can't keep operating like we did in previous years.
Next Steps And Listener Challenge
Brian Lake: We have to change, yeah. Yesterday's playbook isn't going to work, right? That's the reality. You got to, as you mentioned, you got to blow it up, you got to, like, rewrite it, and you got to rewrite it fast. That's what I think scares me the most, is how fast these organizations have to move. I'm glad to hear that you said that, you know, with these tools to identify these vulnerabilities, they should be able to close these vulnerabilities quickly. That, to me, is actually really heartening. But ultimately, when you talk about building a new playbook, the government really needs, I mean, they need to, right? So the question would be, what is the government doing about it? And, uh, that's what I'd like you to answer, but I want you to do it next episode, Sean. So listeners, if you want to hear what the answer is about what the government is doing next to, uh, rebuild the playbook, to rewrite it, you're gonna have to tune into the next episode, where Sean's going to dive into a little bit of some of his conversations he was having at the White House with a bunch of industry partners, uh, how the government is evaluating some of these tools that they can have for AI to fight AI. But in the interim, check out the show notes, uh, let us know what we missed, uh, let us know some ideas for future shows. Follow us, uh, on wherever you subscribe to your podcast. Go to just 360 to, you know, find out about the latest events that we're doing in the industry. We have some great conversations coming up, uh, both in person and virtually, about a lot of these different topics, so, you know, make sure you engage with us. See you next time, and hopefully next time we'll find out what Sean's hacker name would be, so more to come on the next episode. Thanks for joining, everybody, talk to you soon. Thanks, Sean. Hey, you're welcome, Brian.