Cyberview #5: Grok & Gemini vs. ChatGPT, twist in 23andMe & Okta breaches

In this episode of Cyberview, the team explores the latest models and chatbots. Also, the team unveils the actual consequences of the Okta breach and uncovers how 23andMe downplayed their recent "credential stuffing" incident. Let’s dive in.

Musk's Grok for X Premium+ Subscribers

Grok, the AI chatbot developed by Elon Musk’s xAI, is under beta release, and currently available to X Premium+ subscribers. Grok will feed on real-time data from X, formerly Twitter, which in 2021 was generating “petabyte scale data every day”.

Grok’s ability to engage with current events, coupled with “a rebellious streak” in its responses, sets the chatbot apart from competitors like ChatGPT, according to Musk. However, critics claim that by overly reflecting its source data, X promotes hate speech and contributes to the polarization of political and societal debate.

Google launching the “Gemini era”

Google is also stepping up into the AI game with its new large language model, Gemini. What sets Gemini apart is its native multimodal capability, allowing it to handle text, visual, and audio inputs by default. According to Sundar Pichai, CEO of Alphabet and Google, it “represents one of the biggest science and engineering efforts we’ve undertaken as a company.”

Gemini will come in three “sizes”, or versions, each tailored to specific use cases: Nano is designed to run on relatively low memory, low power devices (smartphones), whereas Pro and Ultra are “effectively Google’s answer to GPT 3.5 and GPT 4”, and will power Bard, Google’s chatbot.

Gemini also represents a new giant in the field of business and productivity AI. With Workspace integration, Google intends on “bringing the Gemini Era to Organizations Everywhere”. Pichai has emphasized that security and safety have been top priorities, achieved through rigorous internal and external testing.

Okta and 23andMe breaches – full story emerges

Two breaches recently covered on previous Cyberview episodes have escalated into more extensive incidents.

The recent Okta breach has affected all customer support users, not just 1% as initially reported. Chief Security Officer David Bradbury stated that while they don’t know how the data is being actively exploited, “there is a possibility that the threat actor may use this information to target Okta customers via phishing or social engineering attacks.”

After seeing a sharp drop in share price following the original disclosures in October, Okta stock is on the rise again, hinting that investor sentiment has not changed too drastically on the company’s outlook as a leading player in access management.

23andMe's recent breach leaked data belonging to 6.9 million users, or roughly half its user base. Originally, the breach was downplayed as a credential stuffing hack that left the company’s core cybersecurity functions intact.

These recent disclosures have brought into question some of 23andMe’s services, notably the opt-in DNA Relatives feature, which allows users “to find and connect with other DNA Relative participants”. This effectively meant that one compromised account revealed information about other users without their knowledge. This info included name, birth year, relationship labels, the percentage of DNA shared with relatives, and location.

NordLayer's Global Remote Work Index

The tectonic shift towards hybrid and remote working models in recent years has reshaped the business landscape. With office buildings standing empty and teams increasingly distributed across the globe, aligning on effective remote work practices is vital. And with so many places to go, there’s a lot to consider.

NordLayer's Global Remote Work Index (GRWI) offers valuable insights, comparing countries on their remote work readiness. The Index evaluates remote work across four dimensions: cyber safety, economic safety, digital & physical infrastructure, and social safety. As the report says, there’s no one-size-fits-all. Explore NordLayer’s 2023 GRWI here.

Stay tuned for the next episode of Cyberview.