Artificial Intelligence & Machine Learning,
Fraud Management & Cybercrime,
Government
Also: CISA’s Leadership Crisis; Why AI’s Confident Errors Demand Urgent Oversight
In the latest update from Information Security Media Group (ISMG), a panel of four editors delved into recent developments surrounding Anubis ransomware, particularly its surprising shift towards data-wiping capabilities. The discussion also highlighted significant issues surrounding the leadership void and uncertain budgetary conditions at the Cybersecurity and Infrastructure Security Agency (CISA), along with increasing apprehensions about the implications of artificial intelligence tools making overly confident yet erroneous decisions, necessitating human supervision.
The panel featured Anna Delaney, director of productions; Tony Morbin, executive news editor for the EU; Chris Riotta, managing editor of GovInfoSecurity; and Mathew Schwartz, executive editor at DataBreachToday and a correspondent in Europe. They examined several pivotal aspects, including the potential reasons behind the Anubis ransomware group’s decision to integrate a wiper feature that can obliterate data. This unexpected addition jeopardizes the conventional ransom model and raises the possibility of its utilization by nation-state actors for conducting disruptive, deniable assaults.
Moreover, the editors addressed the growing leadership crisis within CISA, where delayed confirmations, including the appointment of agency director nominee Sean Plankey, alongside severe budget cuts and a wave of high-level staff departures, has led to considerable internal confusion. This uncertainty casts doubt on the agency’s capacity to protect U.S. cybersecurity interests effectively.
Furthermore, the conversation emphasized the overlooked risks associated with AI technologies making confidently incorrect decisions. Unlike issues arising from hallucinations, these inaccuracies stem from flawed reasoning. As AI systems are increasingly deployed in high-stakes contexts, calls for regulation and human oversight become urgent to mitigate potential consequences that erroneous outputs could invoke.
The MITRE ATT&CK framework provides a useful lens through which to understand potential adversary tactics at play, such as initial access, privilege escalation, and data manipulation. Applying these tactics to the Anubis ransomware case suggests various methods that may have been employed in this sophisticated attack.
The ISMG Editors’ Panel convenes weekly, providing vital insights into ongoing cybersecurity challenges. Previous discussions include topics such as the recent InfoSecurity Europe Conference 2025 and the rise in supply chain attacks highlighted earlier this month. Professionals concerned about cybersecurity risks are encouraged to stay informed about these crucial updates.
