 |
|
|
|||||
Generative AI has rapidly become core infrastructure, embedded across enterprise software, cloud platforms, and internal workflows. But that shift is also forcing a structural rethink of cybersecurity. The same systems driving productivity and growth are emerging as points of vulnerability. Google Clouds latest AI Threat Tracker report suggests the tech industry has entered a new phase of cyber risk, one in which AI systems themselves are high-value targets. Researchers from Google DeepMind and the Google Threat Intelligence Group have identified a steady rise in model extraction, or distillation, attacks, in which actors repeatedly prompt generative AI systems in an attempt to copy their proprietary capabilities. In some cases, attackers flood models with carefully designed prompts to force them to reveal how they think and make decisions. Unlike traditional cyberattacks that involve breaching networks, many of these efforts rely on legitimate access, making them harder to detect and shifting cybersecurity toward protecting intellectual property rather than perimeter defenses. Researchers say model extraction could allow competitors, state actors, or academic groups to replicate valuable AI capabilities without triggering breach alerts. For companies building large language models, the competitive moat now extends to the proprietary logic inside the models themselves. The report also found that state-backed and financially motivated actors from China, Iran, North Korea, and Russia are using AI across the attack cycle. Threat groups are deploying generative models to improve malware, research targets, mimic internal communications, and craft more convincing phishing messages. Some are experimenting with AI agents to assist with vulnerability discovery, code review, and multi-step attacks. John Hultquist, chief analyst at Google Threat Intelligence Group, says the implications extend beyond traditional breach scenarios. Foundation models represent billions in projected enterprise value, and distillation attacks could allow adversaries to copy key capabilities without breaking into systems. The result, he argues, is an emerging cyber arms race, with attackers using AI to operate at machine speed while defenders race to deploy AI that can identify and respond to threats in real time. Hultquist, a former U.S. Army intelligence specialist who helped expose the Russian threat actor known as Sandworm and now teaches at Johns Hopkins University, tells Fast Company how AI has become both a weapon and a target, and what cybersecurity looks like in a machine-versus-machine future. AI is shifting from being merely a tool used by attackers to a strategic asset worth replicating. What has changed over the past year to make this escalation structurally and qualitatively different from earlier waves of AI-enabled threats? AI isnt just an enabler for threat actors. Its a new, unique attack surface, and its a target in itself. The biggest movements we will see in the immediate future will be actors adopting AI into their existing routines, but as we adopt AI into the stack, they will develop entirely new routines focused on the new opportunity. AI is also an extremely valuable capability, and we can expect the technology itself to be targeted by states and commercial interests looking to replicate it. The report highlights a rise in model extraction, or distillation, attacks aimed at proprietary systems. How do these attacks work? Distillation attacks are when someone bombards a model with prompts to systematically replicate a models capabilities. In Googles case, someone sent Gemini more than 100,000 prompts to probe its reasoning capabilities in an apparent attempt to reverse-engineer its decision-making structure. Think of it like when youre training an analyst, and youre trying to understand how they came to a conclusion. You might ask them a whole series of questions in an effort to reveal their thought process. Where are state-sponsored and financially motivated threat groups seeing the most immediate operational gains from AI, and how is it changing the speed and sophistication of their day-to-day attack workflows? We believe adversaries see the value of AI in day-to-day productivity across the full spectrum of their attack operations. Attackers are increasingly using AI platforms for targeting research, reconnaissance, and social engineering. For instance, an attacker who is targeting a particular sector might research an upcoming conference and use AI to interpret and highlight themes and interest areas that can then be integrated into phishing emails for a specific targeted organization. This type of adversarial research would usually take a long time to gather data, translate content, and understand localized context for a particular region or sector. But using AI, an adversary can accomplish hours worth of work in just a few minutes. Government-backed actors from Iran, North Korea, China, and Russia are integrating AI across the intrusion lifecycle. Where is AI delivering the greatest operational advantage today, and how is it accelerating the timeline from initial compromise to real-world impact? Generative AI has been used in social engineering for eight years now, and it has gone from making fake photos for profiles to orchestrating complex interactions and deepfaking colleagues. But there are so many other advantages to adversaryspeed, scale, and sophistication. Even a less experienced hacker becomes more effective with tools that help troubleshoot operations, while more advanced actors may gain faster access to zero-day vulnerabilities. With these gains in speed and scale, attackers can operate inside traditional patch cycles and overwhelm human-driven defenses. It is also important not to underestimate the criminal impact of this technology. In many applications, speed is actually a liability to espionage actors who are working very hard to stay low and slow, but it is a major asset for criminals, especially since they expect to alert their victims when they launch ransomware or threaten leaks. Were beginning to see early experimentation with agentic AI systems capable of planning and executing multi-step campaigns with limited human intervention. How close are we to truly autonomous adversaries operating at scale, and what early signals suggest threat velocity is accelerating? Threat actors are already using AI to gain scale advantages. We see them using AI to automate reconnaissance operations and social engineering. They are using agentic solutions to scan targets with multiple tools and we have seen some actors reduce the laborious process of developing tailored social engineering. From our own work with tools such as BigSleep, we know that AI agents can be extremely effective at identifying software vulnerabilities and expect adversaries to be exploring similar capabilities. At a strategic level, are we moving toward a default machine-versus-machine era in cybersecurity? Can defensive AI evolve fast enough to keep pace with offensive capabilities, or has cyber resilience now become inseparable from overall AI strategy? We are certainly going to lean more on the machines than we ever have, or rik falling behind others that do. In the end, though, security is about risk management, which means human judgment will have to be involved at some level. Im afraid that attackers may have some advantages when it comes to adapting quickly. They wont have the same bureaucracies to manage or have the same risks. If they take a chance on some new technique and it fails, that wont significantly cost them. That will give them greater freedom to experiment. We are going to have to work hard to keep up with them. But if we dont try and dont adopt AI-based solutions ourselves, we will certainly lose. I dont think there is any future for defenders without AI; its simply too impactful to be avoided.
Category:
E-Commerce
United Parcel Service (UPS) is planning to close dozens of packaging facilities this year, the shipping giant revealed in a court filing this week. The plans include shuttering facilities in Texas, Florida, Georgia, Maryland, and several other states. It includes locations that have union employees, according to a docket made public as part of a lawsuit between UPS and the Teamsters Union. UPS revealed in January that it will cut 30,000 jobs over the coming year. The move was announced as its partnership with Amazon was winding down and amid a broader push toward automation. At the time, it also revealed plans to close 24 total facilities, though it did not reveal the locations. Now the locations of 22 of those facilities have been made public. In the court filings, UPS said the applicable Local Unions have been notified of these closures and informed of the anticipated impacts. Which UPS package facilities are closing? The facilities marked for closure are spread across more than 18 states. They appear below: Jamieson Park facility in Spokane, Washington Chalk Hill facility in Dallas, Texas Jacksonville, Illinois Rockdale, Illinois Devils Lake, North Dakota Laramie, Wyoming Pendleton, Oregon North Hills, California Las Vegas North in Las Vegas, Nevada Quad Avenue in Baltimore, Maryland Wilmington, Massachusetts Ashland, Massachusetts Sagamore Beach, Massachusetts Miami Downtown Air in Miami, Florida Camden, Arkansas Blytheville, Arkansas Kosciusko, Mississippi Atlanta Hub in Atlanta, Georgia Columbia Hub in West Columbia, South Carolina Kinston, North Carolina Austinburg, Ohio Cadillac, Michigan What has UPS said about the closures? Were well into the largest U.S. network reconfiguration in UPS history, creating a nimbler, more efficient operation by modernizing our facilities and matching our size and resources to support growth initiatives,” a UPS spokesperson told Fast Company when reached for comment. “Some positions will be affected, though most changes are expected to occur through attrition. Were committed to supporting our people throughout this process.” The facility closures were reported earlier by Freight Waves. Last year, UPS also shed 48,000 workers. The primary drivers for the closures are a broader rightsizing effort, outlined back in 2024. Shares of United Parcel Service Inc (NYSE: UPS) are up almost 15% so far in 2026. But the stock is down significantly from highs it had seen during the early pandemic years. However, the impact of the closures will affect members of the International Brotherhood of Teamsters. In response, the Teamsters filed a lawsuit over a planned voluntary buyout program for union drivers, called the Driver Choice Program, or DCP, saying it violates its contract. The Teamsters have asked the court for an injunction pending the two sides’ initiation of the grievance process outlined in their contract. In a statement, the Teamsters have said that they have detailed at least six violations of its National Master Agreement by UPS in the rollout of the buyout program, including direct dealing of new contracts with workers, elimination of union jobs when UPS contractually agreed to establish more positions, and erosion of the rights and privileges of union shop stewards, among other charges. For the second time in six months, UPS has proven it doesnt care about the law, has no respect for its contract with the Teamsters, and is determined to try to screw our members out of their hard-earned money, said Teamsters General President Sean M. OBrien, in comments included in the statement. UPSs spokesperson tells Fast Company that the company is disappointed in the response. The world is changing, and the rate of change isaccelerating,” UPS says. “As we navigate these changes and continue to reshape our network, our drivers appreciate having choices, including theoptionto make a career change or retire earlier than planned.” This story is developing…
Category:
E-Commerce
Former Florida Governor Jeb Bush’s 2016 presidential campaign is remembered a decade on for the exclamation point in its “Jeb!” logo, but Jesse Jackson’s campaign actually used the punctuation 28 years before him. Jackson, the civil rights activist who died Tuesday at the age of 84, ran for president twice, in 1984 and 1988. At the 1988 Democratic National Convention, his supporters held red signs that said “Jesse!” in white. Democratic National Convention, Atlanta, 1988. [Photo: Robert Abbott Sengstacke/Getty Images] Jackson came in second in the 1988 primary with nearly 30% of the vote against the party’s nominee Michael Dukakis, and since then, candidates from Bush to 2012 Republican presidential candidate Mitt Romney and former U.S. Sen. Lamar Alexander, a Tennessee Republican, have used the punctuation mark in their logos to give their names some added emphasis. An attendee holds a campaign sign while listening during a campaign event for Jeb Bush in Charleston, South Carolina, 2016. [Photo: Daniel Acker/Bloomberg/Getty Images] Though Jackson never held political office, the visual brand of his historic campaigns still resonates today for standing out in a sea of sameness. A protege of Martin Luther King Jr., Jackson was the founder of the civil rights nonprofit Operation PUSH (People United to Serve Humanity) when he announced his campaign in 1983 without any experience in elected office and became the first Black presidential candidate for a major party since Shirley Chisholm. [Image: United States Library of Congress] Jackson’s exclamation mark logo was far from the only logo used in support of his presidential campaigns in a time before standardized, consistent branding was expected for political campaigns. He campaigned in serifs and sans serifs, and sometimes in bright yellow, a color that signaled a break from the standard red, white, and blue color palette of U.S. politics at the time. His campaign used slogans like “Now is the Time” and “Keep Hope Alive.” During a speech at the 1984 Democratic National Convention, Jackson explained his idea of the nation as a rainbow, a symbol that became associated with his candidacy and advocacy. “Our flag is red, white, and blue, but our nation is a rainbowred, yellow, brown, black, and whiteand were all precious in Gods sight,” he said. [Photo: Smithsonian National Museum of African American History and Culture] That message, along with Jackson’s push to build a “rainbow coalition” that transcended racial and class lines, inspired rainbow-themed buttons and ephemera. Buttons depicted rainbows that were red, white, and blue
Category:
E-Commerce
All news |
||||||||||||||||||
|
||||||||||||||||||