Drex explores two critical cybersecurity threats facing healthcare: the rise of "vibe coding" where non-programmers use AI like Anthropic's Claude to create functional code, creating potential operational risks from undocumented projects, and increasingly sophisticated AI deepfakes from tools like Google's VO3 that cybercriminals are weaponizing for phishing attacks. He emphasizes the need for healthcare leaders to inventory AI coding projects and prepare defenses against deepfake-based social engineering, while previewing his upcoming discussion on North Korean cyber operations targeting Western companies.
Remember, Stay a Little Paranoid
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer
Hey everyone. I'm Drex and this is the two minute drill where I cover three hot security stories twice a week. All part of the 2 29 Project. Cyber and Risk community here at this week Health, you can join that community and I'll keep you posted on all the latest webinars and podcasts and other insider info.
Plus I'll let you know where Sarah and Bill and I are barnstorming as we cross the country on 2 29 Project City tour dinners and summits. It's easy to stay in the know. Go to this week, help.com/security, and click on the join the community button. Today's episode is brought to you by Google. Healthcare Systems are lowering cost and boosting endpoint security with Chrome OS devices paired with Chrome Enterprise, a secure browser that's trusted by billions of users.
So now you have a better way for your healthcare teams to work safely on the web. Learn more or schedule some time with the Google Healthcare team at this week, health.com/chromeos. Good to see everyone here today. Here's some stuff you might wanna know about. By now many of you probably heard the term vibe coding.
It's a way to develop software where the coder uses artificial intelligence to translate their natural language request for functionality into an actual computer code that can be run to realize the code's vision. In many cases, the person doing the coding doesn't actually know how to code at all.
They're relying on AI for that part of the work. New software release this week from the company Anthropic, that's the team who created Claude. Their latest release is being benchmarked as helping vibe coders create code with 25% fewer syntax errors. And the new release also lets these vibe coders finish their projects 40% faster than ever before.
So my question for you, who's vibe coding in your organization and what are they working on? And is that new capability being developed transparently or are they building something that they'll become operationally dependent on? And then you'll be asked to take it over when that vibe coder leaves. I mean, I feel like we've been down this road before.
Just make sure that you're talking to all your leaders about surfacing any vibe coating projects they might have, because it's better to find out sooner rather than later. Continuing with the, it's been a weird week and AI kind of thread with the release last week of Google VO three and AI video synthesis model that can create amazingly realistic looking video and audio tracks, um, the road to not really being able to believe anything that you see.
Just got a lot smoother over the past week. So DeepFakes, we've been talking about those for a long time, a couple of years now at least. But if you've been on social media at all over the weekend, you've seen some of the examples of VO three, along with some other AI video generation tools that now exist.
There are especially powerful and even more powerful when they're used together. And you can be absolutely sure that cyber criminals have huge teams who are working overtime to figure out how to use that tech to phish or scam their way into your organizations. There are security tools that will allow you to run those video through and analyzer and get some feedback on what's real and what's not.
But I can tell you the results based on everything that I've seen so far, are inconsistent. By the way, I'm gonna talk live about the challenges with DeepFakes, and more specifically about how North Korea is taking advantage of their human and technical infrastructure to catfish hundreds of western companies into hiring fake remote workers.
If you wanna hear me talk about that in person. And I promise it's a really interesting story. I'll be on stage at the Oregon HIMSS Regional meeting this Thursday in Portland, and it'll be great to see you there. I. More on those stories and a lot of other healthcare innovation, tech and security news at our news site this week.
health.com/news. Today's two minute drill was brought to you by Google. You can keep patient data safe and reduce the burden on it operation, staff, and create a better clinician experience, all with one platform. Google Chrome, os. With Chrome Enterprise, find out how by scheduling a chat today. Go to this week, health.com/chromeos.
That's it for today's two minute drill. Thanks for being here. Stay a little paranoid. I'll see you around campus. I.