Following on from Google’s recent launch announcement for Gemini (its new super-powered foundation model family), Google has now announced the launch of AI Studio to enable the development of apps and chatbots using Gemini.

Gemini (Pro) 

Google recently announced the introduction of its largest and most capable AI model, Gemini. The three sizes of the model, Ultra, Pro and Nano are already being rolled out with Gemini Nano in Android, starting with Pixel 8 Pro, and a specifically tuned version of Gemini Pro in Google’s Bard chatbot. Gemini Pro is now also available for developers and enterprises to build for their using AI Studio.

AI Studio – Leveraging The Power of Gemini 

Google’s new AI Studio (previously called ‘MakerSuite’), which Google describes as “the fastest way to build with Gemini” is a free, web-based developer tool that enables users to quickly develop prompts and then get an API key to use in app development. In short, it’s a fast, free, easy-to-use tool to enable the creation of apps and chatbots that leverage the power of Gemini Pro model (and Ultra later next year).

Generous Free Quota 

As Google is keen to point out, users who sign into Google AI Studio with their Google account login can take advantage of the 60 requests per minute free quota, which is 20 times more than other free offerings.

How It Works 

Once signed in, AI Studio users simply need to click on “Get code” to transfer their work to their integrated development environment (IDE) of choice or use one of the quickstart templates available in Android Studio, Colab or Project IDX.

Shared With Reviewers To Improve Product Quality 

Google also says that to improve the quality of AI Studio, when using the free quota, it may make the user’s API and Google AI Studio input and output accessible to trained reviewers. Google stresses that in the interests of privacy, this data is de-identified from the user’s Google account and API key.

Currently, Google AI Studio supports both Gemini Pro and Gemini Pro Vision models, which accommodate text and imagery development, but not yet image creation

How Much Can You Do With The Free AI Studio? 

It’s been reported that the team behind AI Studio have tried to make sure it doesn’t feel like a very limited trial version or a gated product and that, if the free-tiers rate limits are sufficient for their use, developers can start publishing their AI Studio apps or use them through the API or Google’s software development kits (SDKs) right away.

Which Software Development Kits (SDKs)? 

With Gemini Pro, the SDKs supported include Python, Android (Kotlin), Node.js, Swift and JavaScript, which should enable the building of apps that can run anywhere.

Transition To Vertex AI 

In line with Google’s “growing with Google” (customer retention) concept, AI Studio offers a way for Google to first let users experiment and learn, before seamlessly enabling them to “easily transition” to its fully managed (paid-for) AI developer platform ‘Vertex AI.’ This platform offers the added benefits and value of customisation of Gemini with full data control, and it benefits from additional Google Cloud features for enterprise security, safety, privacy and data governance and compliance.

Those who choose to transition to Vertex will therefore have access to Gemini plus, meaning that they can:

– “Tune and distil” Gemini with their own company’s data and augment it with grounding to include up-to-minute information and extensions to take real-world actions.

– Build Gemini-powered search and conversational agents in a low code / no code environment. This includes support for retrieval-augmented generation (RAG), blended search, embeddings, conversation playbooks and more. RAG refers to using facts fetched from external sources to enhance the accuracy and reliability of generative AI models.

All this should mean that businesses can use these Google AI services to create their own working, real-world customised chatbots and apps (based on a powerful model), saving time and money and without requiring vast amounts of technical skill to do so. Google is also keen to highlight how using Vertex will protect privacy because Google says it doesn’t train its models on inputs or outputs from Google Cloud customers, and customer data and IPs remain their own. This is likely to be important to the many enterprise customers and developers that Google hopes will adopt AI Studio and then Vertex AI.

Looking Ahead (And Pricing)

As previously mentioned, using Google’s Gemini Pro through AI Studio is currently free, and a pay-as-you-go version (coming soon to AI Studio) will be priced at (input) $0.00025 / 1K characters and $0.0025 / image, and output $0.0005 / 1K char.

Google says: “Vertex AI developers can try the same models, with the same rate limits, at no cost until general availability early next year, after which there will be a charge per 1,000 characters or per image across Google AI Studio and Vertex AI.” The Vertex platform is already charged by every 1,000 characters of input (prompt) and every 1,000 characters of output (response).

With Gemini, the new, powerful three-flavoured foundation model means users can build their apps and chatbots via Google AI Studio and then Vertex. Ultra, the largest and most capable model, will be launched next year (following testing and tuning). Google also says it plans to bring Gemini to more of its developer platforms like Chrome and Firebase.

What Does This Mean For Your Business? 

In the fast-moving generative AI market, Google’s powerful Gemini models and its infrastructure and tools for leveraging these models (AI Studio and Vertex) enable it to compete with the likes of OpenAI’s GPT-4 model, its API and ChatGPT. With the race now moving towards giving users the tools to make their own customised apps and chatbots (like OpenAI’s GPTs) focused on their own business uses, this is an important competitive step from Google.

AI Studio is also a way to ease users into Google’s AI services, retain and upsell them by offering them a seamless way to move up to the bigger paid-for platform Vertex. Being able to build apps and chatbots in an easy, low-code way is likely to be very attractive to most businesses that are sold on the general benefits of AI but want a way to easily tailor it in a value-adding way that is specific to their own business needs. Although Google and the other major tech players are moving quickly to meet these needs, it seems that this is such a fast-moving market that in even just a month or two, other major developments or products can up the ante for all again. OpenAI, for example has (after its recent boardroom power struggle) has already announced some major new developments for the very near future.

For now, it’s a case of Google scoring some points with Gemini and its associated infrastructure tools. However, keep watching this space!

A whitepaper by researchers at Sophos highlights how, rather than remaining anonymous, ransomware gangs now engage with the media to shape the narrative around a hack and gain a tactical and strategic advantage.

The Ransomware Threat 

Ransomware is a type of malicious software designed to block access to a computer system or data (typically by encrypting it), until a ransom is paid. It’s worth remembering that even if a ransom is paid, it may not mean that data is ever returned. Ransomware has become increasingly popular among cybercriminals due to its lucrative nature and the ease with which it can be distributed, such as via phishing emails, malicious downloads, or exploiting security vulnerabilities. The rise of cryptocurrencies has also facilitated anonymous ransom payments, making it harder to trace and prosecute perpetrators.

Ransomware’s effectiveness in generating revenue for attackers plus the increasing digitisation of many business-sectors have contributed to its growing prevalence as an attack ‘vector’. For example, ransomware attacks have increased by over 37 per cent this year compared to previous years (ThreatLabz) and over the last five years, there has been a 13 per cent rise in ransomware attacks. Also, the global cost of ransomware is estimated to have exceeded $30 billion this year (tech.co).

The Commoditisation and Professionalisation of Ransomware 

The Sophos whitepaper highlights the fact that whereas historically, cybercriminals preferred to operate in obscurity and avoid public attention (for obvious reasons), there has been a marked shift in the behaviour of ransomware gangs. Sophos says that, aided by the commoditisation and professionalisation of ransomware, these criminal groups are now actively engaging with the media for a variety of tactical and strategic reasons.

Why? 

Some of the key reasons highlighted by Sophos as to why ransomware gangs now court the media include:

– Leveraging media attention. It seems that ransomware gangs now understand that their activities are newsworthy and are prepared to use media coverage to bolster their credibility and exert pressure on victims. For example, they sometimes link to existing coverage on their leak sites, thereby showcasing their notoriety and influence (making a name for themselves and bolstering their criminal ‘brand’).

– Many ransomware gangs now seek direct communication with journalists and invite and facilitate communication with them. For example, criminal gangs do this through FAQs on their leak sites, dedicated private PR channels, and public notices. This approach not only allows them to control the narrative but also serves as a means to intimidate victims by demonstrating their media reach.

– Bizarrely, some groups even give in-depth interviews, thereby hoping to provide a positive perspective of their activities, which could serve as a recruitment tool. This not only increases their notoriety but also offers insights into the ransomware scene from their perspective.

– Sophos reports that ransomware groups have even started issuing what they call “press releases,” often written in fluent English. These releases can, for example, range from recruitment announcements to attacks on organisations for not complying with their demands, thereby applying pressure, and causing reputational damage to victim organisations.

– According to Sophos, ransomware gangs have also started to focus on their own branding, using catchy names and slick graphics on their leak sites to attract media attention and distinguish themselves in the public domain.

Media Management Roles

Reading the above, it’s perhaps not such a surprise to learn that, in some well-established ransomware groups, Sophos reports that there are even individuals who have media management roles and are dedicated to negotiating ransoms and managing public communications. This indicates a worrying level of organisation and professionalisation akin to legitimate businesses.

Criticism and Mistrust of Media 

That said, and despite their engagement, it seems that the split personality and confused logic of ransomware gangs can’t help but shine through as they tend to display a contradictory attitude towards the media. For example, Sophos highlights how they often criticise journalists for what they perceive as unfair or inaccurate coverage and occasionally attack individual journalists to make them feel uncomfortable or cause reputational harm. However, as befits a more media-savvy approach (with a brand and image at stake) they also tend to refrain from making direct threats.

The Unique Position of Ransomware Gangs 

In the world of cybercrime, this need for publicity means that ransomware campaigns now occupy a unique position. Unlike other threats that thrive on remaining undetected, ransomware groups must make themselves known to demand ransoms. This involves using leak sites and media engagement. It should be remembered, however, that all this is used to apply pressure on victims, attract recruits, manage their public image, and shape the narrative of their attacks.

The Implications For The Security Community And Businesses 

To combat the problem of the increasing media savviness of ransomware gangs, many believe that the security community and media need to adopt specific strategies. These could include:

– Refraining from directly engaging with ransomware actors unless it aids in defence or is in the public interest.

– Factual reporting, i.e. focusing on providing information that aids defenders and avoids glorifying the threat actors, thereby reducing their manipulative power.

– Providing adequate support to journalists and researchers who may be targeted by these groups.

– Avoiding publicly naming or crediting threat actors unless necessary and factual, can deny them the publicity they seek, thereby limiting their powers and thwarting some of their criminal ambitions.

Why Aren’t Ransomware Gangs Afraid? 

As the Sophos whitepaper indicates, ransomware gangs often appear to be unfazed by the legal consequences of their actions. Some of the main reasons for this may be:

– An adequate level of anonymity and decentralisation. Despite their media engagement, ransomware operations still manage to maintain an adequate level of anonymity, often using encrypted communication and cryptocurrency for transactions, which makes the successful tracking and identification of perpetrators challenging.

– Jurisdictional challenges. Many ransomware gangs operate from countries with lax cybercrime laws or where local authorities are either unable or unwilling to cooperate with international law enforcement efforts. This creates a kind of safe-haven for cybercriminals.

– Sophistication of operations. Ransomware gangs are now becoming increasingly sophisticated, using advanced techniques to avoid detection, and employing a variety of methods to launder ransom payments.

– The ransomware-as-a-Service (RaaS) model allows ransomware developers to lease their malware to affiliates who conduct attacks, further complicating law enforcement efforts as the developers can claim ignorance of the actual attacks.

Some Sucesses 

Despite these challenges, police around the world have had some notable successes in recent years. Collaborations between international law enforcement agencies have led to the disruption of major ransomware operations, arrests of key figures, and seizure of ransom payments. For example, the takedown of the Emotet botnet, the arrest of individuals connected to the REvil and Egregor ransomware groups, and the recovery of part of the ransom paid in the Colonial Pipeline attack are some significant victories. However, these successes are relatively rare compared to the scale and frequency of ransomware attacks, while the constantly evolving nature of these cybercriminal groups continues to pose a substantial challenge to law enforcement worldwide.

What Does This Mean for Your Business?

This shift by ransomware gangs from hiding away to actively contacting the media seems counterintuitive, brazen, and shocking. For many of the reasons explained above, ransomware gangs don’t seem to fear detection and capture. Despite their media activities, the main point is that if businesses are well prepared with security measures in place, the ransomware threat can be mitigated and the gangs will have little to report.

Proactive businesses should, for example, implement robust cybersecurity practices to prevent breaches, and develop and regularly update a comprehensive incident response plan. It’s also important for businesses to educate employees about ransomware tactics, including their use of media and public relations strategies, and to engage with cybersecurity experts to stay informed about the latest ransomware trends and defence strategies. Businesses also need to be aware, like the attackers, that they may need to prepare a media strategy in case of a ransomware attack to control the narrative and minimise reputational damage.

There’s also clearly a part that the media can play in limiting the manipulative power of ransomware gangs by not engaging with them and by denying them the publicity they crave. Better collaboration between law enforcement globally and increasing investment in detecting and tackling these groups is also an important priority to protect businesses. The more brazen and open attackers become, the more likely they are to make mistakes and leave clues and trails that could lead to their detection and capture.

By understanding the evolving landscape of ransomware threats and their media strategies, businesses and the security community can better prepare and respond to these increasingly sophisticated cyber-attacks.

A Los Angeles-based startup has said the news channel it’s about to launch will feature virtual newsreaders delivering news content generated by AI.

AI-Generated News And Presenters 

Channel 1, which describes itself as a “personalised global news network powered by AI” showcased its virtual AI-generated news and presenters in a half-hour long video posted on Twitter.  The channel said, “Our generated anchors deliver stories that are informative, heartfelt and entertaining.” 

The Plan 

It’s been reported that the initial plan for Channel 1, founded by producer and director Scott Zabielski and tech entrepreneur Adam Mosam, is to deliver a 30-minute weekly show through a FAST channel, which produces newscasts (by virtual presenters) that are customised for every user.

In a recent interview with The Hollywood Reporter, Zabielski acknowledged that the virtual presenters still look a little like video game characters but said that in the near future it will be difficult to tell the difference between watching AI and watching a human being.

Not The First 

The LA-based channel is not the first to use a virtual, AI generated news anchor. For example:

– Back in 2000, a team in Leeds developed a female character virtual newsreader called Ananova who presented news stories in a format similar to traditional TV newscasters, but through an online platform. Ananova marked an early step towards the integration of AI and virtual reality in media and journalism. The character was eventually acquired by the British mobile operator Orange.

– Digital AI news anchors have appeared online and on television in China for years. An AI-powered, ‘human’ style presenter debuted on the state news agency Xinhua in 2018. Also, during the 2022 Winter Olympics in Beijing, China also had a virtual host and an AI sign language presenter. Back in March, China’s state-owned news outlet ‘People Daily’ (the Chinese Community Party – CCP news outlet) introduced a new female AI-created presenter named Ren Xiaorong. People Daily said the 365 days, 24 hours virtual newsreader had the professional skills of a “thousand presenters”.

– Also, in March this year, it was reported that the Venezuelan state-owned television station VTV has been using deepfake English-speaking hosts. YouTube videos from the AI-generated hosts Noah and Daren (created by a company called Synthesia) making (false and over-optimistic) claims about the Venezuelan economy were shown on the VTV channel.

– In February, a New York Times report highlighted how videos featuring AI-generated deepfake broadcasters for a news outlet named Wolf News were being posted on Twitter and Facebook to spread disinformation related to promoting the interests of the Chinese Communist Party.

The Rise of ‘Cheapfakes’ 

Although news channels may have enough resources to develop convincing deepfakes, the now widely available selection of free/low-cost AI tools, video and image editing software mobile apps, means that it’s become easy for anyone to modify media and create their own ‘cheapfakes’. These are simpler and less sophisticated than deepfakes (which require minimal technical skills to make) and the rise of social media facilitates their rapid spread, often outpacing the verification of their authenticity. Cheapfakes can be quickly and cheaply made and exploit trust in traditional media by subtly modifying genuine content to create misleading narratives. Their simplicity and the challenges of detection make them a potent tool for misinformation, especially in politically and socially charged contexts.

What Does This Mean For Your Business? 

AI-powered news channels with virtual newsreaders (as showcased by Channel 1) are already used, e.g. by state media in China, however this latest startup shows a more focused approach that could represent a transformative moment for the news and media industry, as well as for businesses involved in content creation and distribution. This development carries a mix of potential benefits and challenges for businesses to consider.

In terms of the impact on news and media, the widescale use of AI and virtual newsreaders could revolutionise the way news is produced and consumed. For example, it offers the possibility of highly personalised and constantly updated news streams (Channel 1’s plan), potentially increasing viewer engagement. However, it also raises concerns about the authenticity and quality of news, as AI-generated content may lack the nuanced understanding and ethical considerations of human journalists.

For businesses in content creation, AI presents an opportunity to streamline production processes and reduce costs. Virtual newsreaders, for example, can work around the clock, accommodating constant content updates. However, the challenge lies in ensuring that the content remains accurate, unbiased, and adheres to journalistic standards.

Viewers/news consumers may benefit from more tailored and diverse news experiences but the difficulty in distinguishing AI-generated content from human-produced content could lead to confusion and mistrust among viewers, especially if the technology is used to spread misinformation or disinformation. It may also simply feel quite unnatural, impersonal, and a bit creepy to watch multiple news channels where the presenters aren’t real. The characters may lack the human interaction, jokes, quips, and other nuances which are often engaging and entertaining to viewers and give them more of a connection to presenters.

The main advantage of AI-generated news and presenters is the efficiency and personalisation but the experience of other countries e.g., China and Venezuela show how it could easily be manipulated to spread false information using the legitimacy of known news networks for authenticity. The rise of ‘cheapfakes’, for example, illustrates how easily technology can be misused to create and spread misinformation. Businesses must, therefore, balance the efficiency and innovation of AI with a commitment to ethical standards and factual accuracy. It’s crucial, for example, to invest in fact-checking and maintain transparency with audiences to build and retain trust.

While AI-driven news channels like Channel 1 may represent a significant technological advancement, taking the virtual presenter idea forward will mean businesses having to carefully navigate the ethical, practical, and reputational challenges it presents. Maintaining journalistic integrity and trust in the age of AI news will be paramount. Businesses should embrace the innovation AI offers while being mindful of its implications for content authenticity and public trust.

It’s been reported that the UK’s Minister of State (Minister for Crime, Policing and Fire), the Rt Hon Chris Philp MP, has urged UK police forces to follow Bedfordshire’s example of using artificial intelligence (AI) to save time and money in carrying out admin tasks.

Which Admin Tasks? 

The main task that Mr Philip was referring to is redacting personal data from case files that need to be sent to the Crown Prosecution Service (CPS) in order to comply with data protection laws. This is because such case files can, as part of witness statements, contain phone records (e.g. downloaded data from seized mobile phones) and other evidence, as well as personal details like addresses, phone numbers, and vehicle registrations. These personal details can’t be shared under UK data protection regulations, hence the need for redactions.

Time-Saving 

Before AI, the task of manually sifting through all the case files to find the personal data and redact it could take days. With the help of AI, it’s been reported that this time can be reduced significantly so that it only takes a matter of minutes.

Bedfordshire Police Using ‘Docdefender’ AI Tool 

As highlighted recently in the UK government’s Policing Productivity Review, Bedfordshire Police have been testing the Docdefender AI-assisted tool to automatically highlight the potential data that might need to be redacted. Time and motion studies have shown that using the DocDefender tool instead of the usual manual approach has resulted in between 80 and 92 per cent time savings!

Examples 

The report highlighted some more specific examples of Docdefender’s time-saving abilities, such as:

– The redaction of a phone download, which would have previously taken days to sort through for redactions, only taking 20 minutes with Docdefender.

– The redaction of a 350,000 cells spreadsheet in thirty minutes using Docdefender , which would previously have taken four hours.

– A decrease in investigator time spent redacting witness statements, with a potential efficiency savings of 18,900 police officer hours per annum.

Other Forces Too

As suggested by the minister, Bedfordshire Police’s Police Digital Services have reported engaging with other UK forces to explore how to give them access to this AI-powered, timesaving “auto redaction” solution. Work has also reportedly begun to scope the requirements and market for audio and visual redaction, with a view to implementing it in 2024.

Other Police Forces Experimenting 

Police forces reported to be in the process of looking at how such technical solutions could reduce time spent on reviewing and redacting case file material include Avon and Somerset Police, Cleveland Police, Devon and Cornwall Police, Dorset Police, Greater Manchester Police, Merseyside Police, the Metropolitan Police Service, Thames Valley Police and Wiltshire Police.

The Policing Productivity Report 

The recent Policing Productivity Report highlights how the recently formed NPCC Science and Innovation Coordination Committee for national policing will help with the adoption of such innovation projects across policing. The report suggests that knowledge sharing between forces about innovative schemes (like automatic redactions), and upfront investment to implement new the technology could both help. For example, the report says that “recent investments in robotic process automation and automatic redaction have successfully addressed this problem by giving forces a short-term boost in funding to initiate a solution with the expectation the force then take on the business-as-usual running cost. This model should be encouraged.” 

What Does This Mean For Your Business? 

The integration of AI, as exemplified by Bedfordshire Police’s use of the Docdefender tool, signals a transformative era for businesses, particularly in sectors burdened with heavy administrative tasks. The substantial time and cost savings demonstrated by AI in police administrative processes could be extrapolated to various business operations, offering a glimpse into a more efficient and cost-effective future.

For businesses, the adoption of AI for administrative tasks could mean a significant reduction in manual labour and time (and associated costs) spent on mundane activities. As seen in the case of Bedfordshire Police, tasks that once took days can now be completed in minutes with the help of AI. For businesses, this efficiency may not only accelerate processes but also saves valuable human resources, allowing staff to focus on more strategic, creative, or complex tasks that cannot be automated. The potential for AI to enhance productivity and reduce operational costs is, therefore, immense, making it an attractive proposition for businesses looking to optimise their workflows.

However, while the benefits are substantial, reliance on AI also introduces new risks and considerations. Dependence on technology can lead to vulnerabilities such as potential system failures or cyber threats. Businesses should, therefore, invest in robust cybersecurity measures and have contingency plans in place. Additionally, AI systems, while impressively accurate, aren’t infallible (e.g. AI hallucinations). Regular oversight and quality checks are necessary to ensure that AI-driven processes meet required standards.

Another aspect to consider is the ethical implications and regulatory compliance, especially in handling sensitive data. AI systems must be designed to comply with data protection laws, similar to the requirements for redacting personal data in police case files. This requires a balance between leveraging AI for efficiency and ensuring privacy and legal compliance.

As illustrated by the example of Bedfordshire Police, using AI to carry out administrative tasks could, therefore, offer significant advantages for businesses and a wide range of organisations in terms of efficiency, cost reduction, and resource allocation

Following U.S. Senator Ron Wyden revealing that governments can secretly force Apple and Google to hand over the contents of push notifications sent to customers’ phones, Apple has said it’s changed its policy and will no longer do so without a valid judge’s order. This will be either a court order or a search warrant.

Push notifications are the pop-up messages that are sent to phones to alert users to new messages, news, and app-based updates. However, since these notifications are routed through Apple and Google servers, Apple and Google can disclose them to governments as part of surveillance about how people are using certain apps.

Apple’s policy change was made to a passage in its guidelines without an official statement although Google issued a statement saying it had always required judicial approval to hand over this kind of information.

Microsoft’s Digital Crimes Unit has reported disrupting the activities of major cybercrime-as-a-service provider Storm-1152. Microsoft says Storm-1152 has created for sale approximately 750 million fraudulent Microsoft accounts, earning the group millions of dollars in illicit revenue, and costing Microsoft and other companies even more to combat their criminal activity.

Fraudulent online accounts of the type of Storm-1152 have been creating act as the gateway to many types of cybercrime, including mass phishing, identity theft and fraud, and distributed denial of service (DDoS) attacks.

Microsoft says that its disruption strategy involves obtaining a court order to take websites used by Storm-1152 offline, thereby removing fraudulent Microsoft accounts and the websites used to sell services that can bypass security measures on other well-known technology platforms.