Securing the Future: Lessons from 25 Years of Safeguarding Communications
The third in a series on LACE: Lightweight AI Computing Ecosystem, in this discussion LightRoot Quantum CEO Dr. Julia Mossbridge interviews LightRoot strategic advisor and cybersecurity expert Gregory Crabb to explore how to protect a P2P decentralized AI ecosystem from bad stuff like fraud and cyber warfare. See a brief primer on LACE here.
This article is a streamlined version of our discussion (and as usual you can watch the actual interview if you prefer more “ums”.)
Julia: So glad you’re here. Let’s talk about LACE, and let’s talk about you. A brief introduction. At LightRoot Quantum we were looking for advisors who knew anything about fraud and how one might protect against fraud in the world of decentralized AI, and I’m so excited you joined the team.
Greg, you are quite an expert on fraud and technology, having worked with the US Postal Service and FBI — but do you want to do a brief description of your background so that I can be more confident of it?
Greg: Yeah, absolutely, Julia. I was a law enforcement officer for 25 years and had the good occasion to work with law enforcement around the world. I often reference my time tracing the origins of Eastern European organized cybercrime. I think that was one of my big contributions and efforts for about seven years of my career.
Another very important part of my career was the last six years of my government service, when I was the Chief Information Security Officer (CISO) for the Postal Service. I got to do everything that’s required to provide that amazing service that’s pretty decentralized in the United States — delivering mail and packages to people.
It’s an amazing ecosystem of senders and receivers. And not a lot of people realize that there’s a federal law enforcement office dedicated to the U.S. Postal Inspection Service. And I had the great pleasure of being able to serve that organization for 25 years.
So, three years ago, I got to draw my pension and rebrand. Now I help a variety of organizations. It’s been a lot of fun getting to know you and HyperCycle and LACE and all that you’re doing and trying to bring to decentralized AI. I look forward to the conversation about how we address all the bad that I’ve seen across the years. How do we make some really good decisions from design time to be able to proactively address all these problems that are rooted in adversarial use of technology?
Julia: Yes! And we’re lucky because this is design time — but it’s also “flying the plane” time. So, you know, LACE is already starting to get up and running. The big questions are coming fast. I feel like there’s a metaphor relevant to LACE and what you’ve worked with in the postal service. For the USPS, I guess a node would be a household or a business or anyone that’s sending/receiving mail.
Each one is an agent, a decentralized agent, and they get to decide when they want to send mail and then they can be ready to receive mail whenever it comes. So, given your experience, what is the way that we can shape the reputation scoring of these nodes? What is the way that we can shape the communication between nodes, so that it’s secure, private, and source-validated or not fraudulent? In your dream world, from what you know — what would you do? What kind of things have you seen, and what could we fix going forward?
Greg: There’s a lot to that question, Julia, and, you know, you brought in a great metaphor. There are 200 federal laws that are enacted in order to be able to protect the billions of packages and letters that go every year to 160 million addresses in the U.S. And so, when I come into this problem set and think about how we can approach the security of the endpoint that needs to interact with this decentralized infrastructure, I ask how can we securely communicate and prevent man-in-the-middle attacks to prevent one side from being corrupted from an exchange perspective.
One of the things that I loved about being a postal inspector was our core value of privacy. When you put a letter in your mailbox and put a stamp on it, no postal inspector is going to open that up. We would have to get judge-issued search warrant in order to be able to intercept and open a package or letter if we believed there was malicious content that goes in that stream. People can send bad things, the software or network analogy of a mail bomb is malware, right?
Julia: Yeah, or a virus. Like anthrax in the physical world.
Greg: Exactly. Anthrax was obviously a huge concern for us — I had the great occasion of being able to work with the postal inspector who spent a large portion of his career assigned to the FBI, trying to work that case and get back to the subject that actually mailed the anthrax. We’ve got to always just respect those that passed as a result of being contaminated with that biological weapon.
So yes, I’ve seen the bad. When I think about privacy, security and, governance in this space, a lot of thought needs to go into how we enroll nodes, how we establish trust between those nodes, make those nodes reputable and how we depend on that from a value-exchange perspective. I think some nodes must be more valuable from a sending and receiving perspective than other nodes. Of course. And so we need to understand how those value exchanges interplay.
Julia: I’m imagining the postal service nodes that are sending out very useful things, kind of like a hospital that’s sending out information to its patients about how to get, a flu shot, maybe. Depending on how you think about flu shots, this could be a very useful thing, at least for some segment of the population. And there could there be a reputation scoring system kind of like we have first class mail, we have standard post…
Greg: You’ve got certified mail, you’ve got return receipt. You’ve got all those services that exist in the analog, that from a value perspective need to be considered in the exchange of value of AI within LACE. A lot of those things are being worked out in e-commerce today, right? We have a lot of examples of fraud detection and prevention mechanisms that are used by e-commerce merchants. I’ve seen the good, the bad, the ugly in that space. I’ll talk about the good for a second.
Julia: Yeah, let’s do that.
Greg: Yeah. So for instance, in the e-commerce space, a business owner can go online and sell books to educate people. They can pull up to the post office and sends books to wherever in the United States. One particular book seller was doing this of Seattle, Washington — and one thing led to another and he’s got one of the biggest companies in the world today, Amazon. Bezos built his business on the back of a lot of companies, but the postal service was a key contributor for him to be able to get his business started. And so from that foundational perspective, understanding e-commerce and what it can provide is amazing. And what Amazon is doing these days around near real-time delivery of goods is also amazing. That’s the good.
The bad? There’s just a lot of actors who want to manipulate consumers in e-commerce. I’ll just hop to the ugly. There are organized gangs that, dupe e-commerce merchants into sending their goods paid for with fraudulent means, fraudulent credit cards and those kinds of things. The merchandise is stolen.
We need to recognize that there are people with ill intent that will leverage AI infrastructure to facilitate their schemes. And that’s something that from a control perspective, going back to your reputation analogy, we can have frameworks that do rely upon frequency of good transactions to know that an end point is reputable.
When I was based in San Francisco, I also had the opportunity to see how with the good comes the bad. I had the bad fortune, some would say good fortune, of being able to be the postal inspector that had a cubicle in the trust and safety group at eBay, and I saw all the fraud complaints.
Julia: Oh, wow. That’s called an opportunity, Greg!
Greg: An opportunity. I saw the good and the bad of the whole thing, right? I had the pick of the litter of the cases and I decided I would focus on Eastern European organized cybercrime and the U. S. Attorney’s Office in San Jose helped me a lot to develop that focus and get a sense for what’s happening. One of the actors that the U. S. Attorney’s Office put me on was the first person to ever steal the username and password for a PowerSeller account.
I share this as we talk about node and reputation, because power seller accounts are a form of reputation, right? And so power seller accounts, when you had a power seller account and you put an item up there, the bidders, they could trust that they would get what they won. And by stealing power seller accounts, this subject was able to put false auctions up for high dollar value items and people to send him money.
He would never deliver, right?
Julia: But couldn’t his rating go down then?
Greg: Of course, it could down, but you still have people that are defrauded, right? So I just share that analogy. Reputational systems can be manipulated.
But still people will get defrauded and there’s a need for what talked about from a governance perspective. How do we govern these exchanges of value between AI systems?
Julia: Yeah.
Greg: And another present-day question when we consider LACE governance will be — are we doing business with entities in countries that we trust? And we talk about the big four, China, Russia, North Korea, Iran. When we think about exchanging value from an AI perspective, how do we respect those “denied parties” that could potentially do harm with the information that we offer into their AI engines? I just share that as kind of the domain of the problem set here. As we go in, we need to be eyes wide open recognizing that we can do great things to be able to support the world relative to the exchange of computing value, but I feel very passionate about making sure that these systems are maintained in a way that provides for trusted, secure relationships and that people don’t get hurt.
Julia: Well, people will always get hurt but I would like fewer people to get hurt than otherwise. I’d like to plan for that. I want to take the original metaphor of the nodes in the U. S. postal system. There are legal ideas about knowing who the sender is, and that the sender should be marked as well as the receiver.
We’ve already talked about ways in which that’s different with, for instance, eBay, where it’s just this anonymous seller. There’s something we haven’t talked about, and what I think really drives home the importance of what you just said about knowing who we’re working with and protecting that in a trusted and secure environment.
In that situation with eBay, you have a person who says, “I will give you this thing if you give me money” and a person who says, “I will give you money.” For the most part, things go well and they each do what they say they’re going to do. Sometimes there’s fraud. The implication of fraud is that it hurts the person who gave the money who didn’t receive the product. That’s one person who is hurt. With AI’s in a network, you have someone tapping into an AI node that is going to be used millions of times in a day to do millions of different tasks around the world. And if that is a fraudulent node, it’s affecting everything.
Greg: Yep.
Julia: It’s worse than a fraudulent website because with a website, visiting it takes action and choice by the person. With LACE, there are data nodes and AI nodes. Either of them could be asked millions of times for data or AI results, and both of these types of nodes can have massive pile-on effects that are much larger than your basic fraud situation in terms of the number of people they impact. That’s another reason why this concern brings in the five attributes that we had talked about — there are more attributes of LACE, but we talked originally about Wisdom, Openness, Resilience, Love, and Diversity (WORLD).
This situation we are discussing points to diversity. The good thing about diversity is you have all these different AIs and data sources that could be used for different tasks. That diversity is powerful.
But with diversity, there’s fear if we don’t have trust. We want to ask — Who are you? What are you doing with this data or with this AI model? This is where wisdom and resilience both come in. If a node is a compromised node, I think your design wishlist would say, that the reputation scoring should be very up-to-date. There shouldn’t be a big lag between some fraudulent action and a reduction in the reputation score.
Greg: Yeah. It has to be close to real time. Supply chains are built on trust, and the analog doesn’t scale like technology systems. However, as the CISO for 1.2 million endpoints, I dealt with vulnerabilities that scaled.
I transitioned from my law enforcement role to a defensive role as CISO because a nation-state hacked into, our employee data and stole all 600,000 employees’ personal identifying records. So a node can disclose massive amounts of data. In 2017, I had the fortunate insight that a vulnerability that had been leaked from the National Security Agency could present a massive problem. The Shadow Brokers was the hacking group that stole a vulnerability called Eternal Blue, which was an SMB vulnerability on Windows operating systems.
Organizations that paid attention could patch the Windows systems because Microsoft put out an emergency update. But about two weeks after the emergency update came out, there was a major attack. It was the WannaCry attack, that was basically a denial-of-service attack across many organizations.
My biggest business partner, FedEx, had a $400 million financial impact as a result of the negative consequences from the Eternal Blue situation. That’s an excellent example of how supply chains depend upon trust, and how attacks in this ecosystem can really have a negative impact on operations. You see it with every ransomware attack that’s come out in the last couple of years.
Most recently, you have the CDK global attack, where 15,000 dealerships across the United States can’t sell vehicles, can’t get parts, can’t order new vehicles.
Julia: Cyber attacks scale, unlike physical terrorist attacks.
Greg: Exactly.
Julia: Well, those scale differently though in time.
Greg: It’s very different. So those are a couple of the things that go right to some of those virtues — specifically resilience.
I’m going to go back to a physical world example, and I’m so excited to share this one because it’s so beautiful. It starts off with a bad situation. There’s a reason why we can’t carry water bottles onto airplanes today — a chemical expert who was a member of a terrorist organization, Al Qaeda of the Arabian Peninsula, developed a plastic explosive. I was called into action after two parcel bombs were put into the international supply chain via UPS and FedEx. The bomb maker had injected a liquid explosive into, the printer cartridges of two Hewlett Packard printers.
Julia: Oy.
Greg: And he entered those into FedEx and UPS from storefronts in Yemen. And those printers were shipped to an address in Chicago. The intelligence community had awareness of this actor’s activities, so fortunately, the two cargo planes were stopped in Europe before they came into American airspace. The actor had hoped to blow those planes up when they got over American airspace.
Julia: Wow.
Greg: This was before I became CISO, and I was responsible for global security for the postal service. I and my team had to come up with a way to be able to properly screen packages, just like the screening that TSA does today with everyone coming from everywhere around the world. The Postal Service does business with 192 countries, and I had to make a screening capability that could be implemented in the least developed countries of the world.
Julia: So you couldn’t just run everything through an x-ray or sonogram?
Greg: Some of those airports, postal administrations in Africa didn’t have the technology that we have in the United States and other places to properly screen packages. So I went about developing two standards that were implemented by the United Nations organization. One was for the physical security of the postal facilities where the screening activities would take place and the second was the actual aviation security screening procedures that would be made for packages entering the international supply chain that would go on to commercial aviation.
The stakeholders included the IATA, the International Association of Transport Association, the International Civil Aviation Organization, World Customs Organization. We needed to get these standards adopted into the United Nations, so everyone had to play at the same level so we could assure swift transport of goods.
So we went to Africa and brought a contingent of African countries into Ghana and we went about developing and validating these physical and aviation security screening processes in Ghana to be able to support the international supply chain.
Julia: This is like Apollo 13, like working only with the equipment that you have around you, right?
Greg: Exactly. Completely. You only have what you have, right? And we had to also confirm with our other African counterparts that had come there, in 2012, we had to confirm they could do all of these things across all of the 52 African nations. And we certified Ghana in the performance of the standards.
A couple of months later, there was a United Nations convention meeting when all of the countries get together and approved the adoption of the standards.
Julia: Isn’t there a United Nations Postal Service group or something?
Greg: Exactly. It’s called the Universal Postal Union. It’s a specialized agency that deals with all of these postal related matters. It’s very complicated and you can imagine dealing with aviation authorities; also GDPR, all that sort of stuff. So we went to the Congress where these standards were adopted and approved. And today, they’re functional. And this morning, I saw a post on my LinkedIn and it just warmed my heart that the African nations have developed an independent capability to be able to go in and validate their own processes.
We used to have to come in from the United States and Europe to validate that they were doing what they said they were doing. But for the first time in Ghana, The African postal nations got together and validated for themselves the implementation against these standards, and now they don’t need our outside help.
It’s so important when we think about this from a decentralized AI perspective that once we go forward, these nodes need to be self-sufficient. Verifying, self-certifying, and the nodes that are interacting with them need to be able to validate themselves.
For me, it was such a strong metaphor for how the international community can come together and do something that’s so very valuable to facilitate the exchange of value and commerce. It just really resonates in this moment.
Thank you for giving me an opportunity to share the challenges that we face, but also how we can overcome those challenges and what good can come from the development of security for decentralized AI.
Julia: I couldn’t think of a better story to end this on, or a better arc to our conversation from the ugly to the beautiful. Amen. Thank you, Greg!
NOTES: You can read the first installment (original article) in this series here and the second installment (interview with LightRoot Quantum CSO Robert Moir, PhD², here). A brief primer to understand more about LACE is here.
The next installment, a discussion with LightRoot Quantum Strategic Advisor Chitra Sivanandam is here.