Beyond Labels

A 360° Discussion of Foreign, National and Local Policy Issues

Mike Wolf

11 June Notes and Links

From Eric:

Cryptocurrencies Lose $42 Billion After South Korean Bourse Hack

Vaccine model of Cyberthreats.

History of Lime Vaccine

There is no evidence to suggest that the Lyme disease vaccine ever caused Lyme arthritis, but it was taken off the market largely in response to lawsuits alleging exactly that. Why?

But it was too late. Already, there was “significant media coverage, sensationalism, the development of anti-Lyme vaccine groups … who urged withdrawal of the vaccine from the market,” Poland explained in his 2011 article. A class-action lawsuit targeted SmithKline Beecham, claiming the company did not do enough to warn people of potential autoimmune side effects.

The FDA continued to follow up with an additional drug safety trial to try to settle the matter for the public. The trial was supposed to last four years. But sales of LYMErix had plummeted “from about 1.5 million doses in 1999 to a projected 10,000 doses in 2002,” the National Institute of Allergy and Infectious Diseases explains on its website.

So the manufacturer pulled it from the market, despite the fact that early data from the additional safety trial found “no differences in any significant adverse reactions noted between control subjects and vaccinated persons,” Poland writes.

The incredibly frustrating reason there’s no Lyme disease vaccine

Yet in the late 1990s and early 2000s, a vaccine called LYMErix was sold to prevent between 76 and 92 percent of infections. Hundreds of thousands of people got it — until vaccine fear knocked it off the market.

The LYMErix story is worth retelling today. It’s a stark reminder of how anti-vaccine mania of the past few decades is leaving us all more susceptible to disease.

We’re Officially On the Path to a Global Pandemic

CDC to cut by 80 percent efforts to prevent global disease outbreak

Bill Gates Calls For, And Funds, Steps To Prevent A Global Pandemic

“Given the continual emergence of new pathogens, the increasing risk of a bioterror attack, and how connected our world is through air travel, there is a significant probability of a large and lethal modern-day pandemic occurring in our lifetimes,” Gates told audience members in April at the New England Journal of Medicine’s Shattuck Lecture in Boston.

Gates called for a coordinated global effort to combat this potential catastrophe, saying that the world needs an early detection system, better tools and a response system in place. He noted that several initiatives have already started to work on these challenges.

 

Topic 11 June: Cybersecurity

Anyone who keeps up with current events knows that both the economic costs of trying to secure our systems and the economic impact of failure to secure them are growing.  Most people don’t realize the current cost and rate of growth.

Here’s how to think about it. Imagine if all the economic activity devoted to guarding against hackers and all the economic activity resulting from their activity–let’s call this the global hackonomy–was attributed to a single imaginary country–let’s call it Hackistan, then Hackistan’s economy–estimated at $2-3 trillion in 2015 would have made it one of the ten largest economies in the world.  And if projections for 2021 are accurate,  Hackistan will move into fifth place, behind the United States, the European Union, China, and Japan.

The Hackistanian hackonomy includes the value of goods and services bought and sold in the fast-growing black,  gray and white markets for hacking tools, techniques, and services; the value of money and other financial assets stolen by hackers; the money exchanged for information stolen by hackers; the ransom demanded and paid for decrypting files or ceasing Denial of Service (DoS) attacks; the money spent on products and services intended to protect individuals and organizations against hackers.

The contribution of any economic sector to GDP is the monetary value of the goods and services in that sector. It doesn’t matter whether they are the result of creating something of value or are the result of repairing or replacing something of value that has been destroyed. So the economy of Hackistan includes all the exchanges of value between hackers and the outside economy and all the costs of recovering from damages caused by hacking.

Hackistan’s economy is growing far faster than the rest of the world’s economy. High returns make hacking profitable for criminals and criminal organizations and valuable to nation-states that benefit from both the costs that must be borne by their adversaries and the value of the money and information that they can steal. So elite talent around the world is drawn to developing hacking tools and techniques. And as regions without sufficiently many economic opportunities attach to the internet, the best opportunities for some of their most talented citizens is developing hacking tools, or using the tools that have already been developed.

Hackers who develop new techniques don’t have to resort to shadowy markets to make money. There are overlapping markets–white, gray, and black–where hackers can make money. The market includes companies like Google and Microsoft that pay hefty rewards to hackers who discover ways to bypass the security they’ve tried to build into their products. Google’s “bug bounty” program, for example, paid out nearly $3M in 2017.  It includes companies like HackerOne, and BugCrowd that run vulnerability disclosure and bounty programs. It includes Zerodium a company that publishes a price list with payments up to $1.5 million dollars for “zero-day” exploits. (A zero-day is a previously unknown ways of compromising computer systems.) Zerodium makes money by using the information that it’s gained to help protect its customers. It may also sell the reported exploits to the NSA and other government entities. Exodus Intel is another company in the market for zero day exploits.

The NSA is in the market, as revealed by Edward Snowden and later

HackingTeam is an Italian company that sells hacking technologies for use by worldwide law enforcement and intelligence communities.  HackingTeam was itself hacked in 2016 and its list of customers revealed.

Bad as things are they are likely to get worse. A lot of hacking is labor-intensive work. While some of the work is the development of novel techniques, most of it is pattern recognition and application and adaptation of existing techniques based on the patterns that have been found. It’s demanding work but can be automated using Machine Learning techniques.  Smarter hacking tools can help less skilled hackers carry out attacks that today only the best hackers–the ones employed by nation-states can carry out. The result is that the impact of hacking will grow even faster.

Cyberkinetic systems are computer controlled systems with energetic physical consequences. If someone hacks into an information system they can change ownership of an information asset–including money. But if someone hacks into a cyberkinetic system they can destroy property or injure or even kill people.

The use of AI to help hack systems gives a wider range of actors the ability to hack cyberkinetic systems. And since most such systems are in the West, it threatens the Western economic and political order.

Topic 21 May: Artificial Intelligence

Apologies for not posting this sooner. Maybe we make this a two-parter if we aren’t sick of the topic by the end of this week.

First of all this article by Henry Kissinger in The Atlantic which raises concerns.

But that order is now in upheaval amid a new, even more sweeping technological revolution whose consequences we have failed to fully reckon with, and whose culmination may be a world relying on machines powered by data and algorithms and ungoverned by ethical or philosophical norms.

This is a fairly long paper called Cyber,Nano and AGI risks

The article is about existential risks. Implicit in the article is the idea that nanotechnology and Artificial Intelligence are existential risks, unlike say climate change, which is not an existential risk. Climate Change is not an existential risk because its effects will appear over a period of decades, if not centuries giving people time to adapt. And if we can’t adapt, then even in the worst-case scenarios where if it kills a couple of billion people, that’s only 10-20% of the human population. These other things are existential risks because rise suddenly, over a period of weeks, and might kill everyone. Cyber is included because if we can’t guard against cyber risk, then we can’t guard against these others.

Civilization, taken as a whole, is already a superintelligence. It is vastly more intelligent than any individual, it is already composed of both human and machine intelligences, and its intelligence is already increasing at an exponentially accelerating rate.

The paper points out that before AI has reached general superintelligence it would have achieved super-abilty in narrow domains, such as hacking computer systems.

Finally, this paper, “The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation” describes the many ways in which AI could be used for malicious purposes.

  • Subscribe via Email

    Receive email notification of new posts/announcements about our weekly meeting.

    Join 244 other subscribers
  • Recent Posts

  • Recent Comments