Information Blog

Wednesday, June 03, 2026

AI: Executive Order: Promoting Advanced Artificial Intelligence Innovation and Security

The June 2026 executive order on “Promoting Advanced Artificial Intelligence Innovation and Security” doubles down on AI‑enabled cyber defense while signaling that existing criminal statutes will be used against AI‑enabled cybercrime. For law enforcement and digital forensics, it turns AI into both a critical investigative tool and a clearly identified aggravating factor in computer crime prosecutions. whitehouse

Why this matters for policing and forensics

The order frames AI as a strategic asset that must be protected through stronger cyber defenses rather than broad new AI‑specific criminal statutes. connectontech.bakermckenzie
Instead of creating new AI crimes, it directs DOJ to treat AI as a means or modality—prioritizing enforcement of existing laws when AI is used to breach systems, steal data, or facilitate other offenses. whitehouse
This approach preserves doctrinal continuity for prosecutors and courts while still addressing AI‑enabled intrusion, fraud, and data exfiltration scenarios. lawfaremedia

Upgrading systems: more digital evidence, more complex cases

The order requires rapid cyber‑hardening for national security, defense, and civilian systems and pushes agencies to deploy AI‑enabled defensive tools at scale. bankingjournal.aba
CISA is instructed to issue Binding Operational Directives and guidance to accelerate protection of civilian federal systems and to expand programs that make AI‑powered cybersecurity tools available to agencies, state and local governments, and critical infrastructure operators. bankingjournal.aba
For investigators, that means: more pervasive logging, anomaly‑detection telemetry, and machine‑generated alerts that become discoverable evidence in intrusion, fraud, and insider‑threat cases. exterro

Practical implications for digital forensics:

Expect more cases where the key artifacts include model‑generated alerts, AI‑driven risk scores, and automated incident‑response decisions—each of which may need to be interpreted and explained in reports and testimony. europol.europa
AI‑assisted intrusion‑detection systems will increasingly shape timelines (first detection, escalation, containment), which must be carefully preserved and correlated with traditional host and network logs. marymount

AI cybersecurity clearinghouse: a new intelligence feed

The Treasury Department, working with NSA and CISA, is directed to establish an “AI cybersecurity clearinghouse” in voluntary collaboration with the private sector and critical infrastructure operators. airia
This clearinghouse will coordinate vulnerability scanning, vulnerability validation, remediation prioritization, and patch distribution—using AI to scale detection and response. connectontech.bakermckenzie

For law enforcement and forensics:

Shared vulnerability intelligence and patching timelines will strengthen attributions around “known exploited vulnerabilities,” which can be important in proving negligence, willful blindness, or deliberate exploitation of disclosed flaws. hstoday
Coordinated AI‑driven scanning and remediation produce standardized logs and artifacts, which can improve cross‑case pattern analysis and make it easier to link intrusions that reuse the same techniques, infrastructure, or tooling. exterro

Frontier models and pre‑release access: opportunities and risks

The order instructs Treasury, the Department of War (via NSA), and DHS (via CISA) to develop a classified benchmarking process that determines when an AI system is a “covered frontier model” based on advanced cyber capabilities. airia
Developers can opt into a voluntary framework where government gets up to 30 days of early access to these high‑risk models under strict cybersecurity, confidentiality, and IP‑protection conditions. whitehouse

From an investigative and forensic perspective:

Pre‑release access to powerful cyber‑capable models gives federal experts an opportunity to understand offensive capabilities before criminals weaponize them, potentially informing proactive threat models, signatures, and training sets for defensive tools. gigazine
If criminals later use these models to automate discovery of vulnerabilities, generate payloads, or script lateral movement, law enforcement may be able to draw on government test data and red‑team findings when building expert testimony on foreseeability and risk. gigazine
Because the framework is explicitly voluntary and the order rejects any mandatory licensing or preclearance regime, law enforcement should assume some highly capable models will remain opaque, increasing the value of independent forensic reverse‑engineering and open‑source intelligence. axios

DOJ enforcement focus: AI as an aggravating factor

Section 4 directs the Attorney General to prioritize enforcement of 18 U.S.C. 1028 (identity documents and related fraud), 18 U.S.C. 1030 (Computer Fraud and Abuse Act), 18 U.S.C. 1343 (wire fraud), and other applicable federal laws against anyone who uses AI to illegally access or damage a computer, or who uses AI while engaged in such illegal access to further any other crime. lawfaremedia
The order explicitly covers breaches of public or private systems and the use of AI “agents” to unlawfully access data or information that is then used for criminal purposes. aha

Implications for prosecutors and digital forensics:

AI‑assisted activity (for example, using an LLM to generate exploit code or an agent to automate scanning and lateral movement) is now clearly within the enforcement crosshairs, even though the underlying charges are traditional CFAA, fraud, and identity‑crime counts. lawfaremedia
Forensic reports that can distinguish between human‑authored and model‑generated scripts or communications—based on artifacts like API call logs, prompt histories, or distinctive code patterns—will become important in showing the role AI played in scale, sophistication, or concealment of the offense. marymount
Demonstrating that a suspect deployed AI to industrialize attacks (e.g., mass credential‑stuffing, automated spear‑phishing, or high‑volume scanning) may help DOJ argue for higher culpability, upward departures, or leadership enhancements at sentencing. counciloncj

Evidence, chain of custody, and explainability

As agencies deploy AI‑enabled defensive tools, more “evidence” will originate as model outputs: anomaly scores, automated risk classifications, and suggested response actions. exterro
For digital forensic practitioners, this raises questions about validation, reproducibility, and explainability of AI‑driven detections used to justify warrants, arrests, or prosecutions. facebook

Key points:

You will increasingly need to document not only what a system recorded, but also how its embedded models were configured at the time: model version, training/finetuning status, confidence thresholds, and any custom rules layered on top. marymount
Chain of custody should explicitly include configuration snapshots of AI‑based tools, since model updates or retraining could change outputs later and undermine reproducibility of forensic claims. europol.europa
When AI tools are used inside the lab (e.g., for triage, pattern detection, or media analysis), logs of prompts, parameters, and outputs should be preserved as part of the forensic record to allow peer review and cross‑examination. exterro

State and local implications

The order explicitly calls out support for critical infrastructure such as community banks, rural hospitals, and local utilities, and directs agencies to facilitate access to AI‑enabled defensive tools for these entities. bankingjournal.aba
For state, local, and tribal law enforcement, that means more investigations where small agencies face sophisticated, AI‑enabled intrusions into local critical infrastructure, but also more access to federal tools, threat intelligence, and training. hstoday

Digital forensics impact at the local level:

Local cases (e.g., ransomware at a rural hospital or compromise of a small city’s SCADA network) are more likely to involve federal–local joint investigations, coordinated incident response, and shared evidence derived from federally provided AI‑security platforms. papers.govtech
Harmonizing policies on log retention, evidence export, and privacy across federal and local systems will be increasingly important to avoid losing critical AI‑generated indicators in the gap between IT operations and criminal investigations. papers.govtech

What this means for your work

For law enforcement and digital forensics professionals, this order:

Confirms that AI‑enabled intrusions and fraud will be prioritized for prosecution under existing federal laws, not a new AI‑criminal code. whitehouse
Signals a sharp increase in AI‑generated security telemetry, alerts, and reports that must be preserved, validated, and explained as evidence. bankingjournal.aba
Creates a new federal interface with frontier AI developers that can feed threat intelligence and expert knowledge into complex investigations involving advanced AI tools. airia
Raises the bar on forensic methodology, requiring explicit consideration of how AI models used in both crime and defense affect the reliability, interpretability, and admissibility of digital evidence. facebook

Monday, June 01, 2026

IoT: CISA Infographic - Communities Risks & Mitigations

Below are two informative info-graphics from the Cybersecurity and Infrastructure Security Agency (CISA). They depict the IoT risk landscape and IoT device data flow.

https://www.cisa.gov/sites/default/files/2024-12/PDM24069_CCI_IoT_Device_Risk_and_Mitigation_Infographic_Final_508.pdf

IoT Devices: A Growing Security Challenge

Internet of Things (IoT) devices are central to how organizations deliver services and manage infrastructure. As devices proliferate, they expand the digital attack surface. Data from Verizon’s 2024 Mobile Security Index report indicates that 70% of public sector respondents said their organization had experienced a security incident involving a mobile or IoT device (Verizon, 2024). These endpoints are no longer peripheral risks—they are often at the center of modern cyber incidents.

Even organizations that have not yet experienced a known incident face serious challenges managing their IoT systems. Devices are frequently deployed across departments and facilities, added rapidly to support new initiatives, and not always inventoried or governed by consistent security standards. The result is classic “device sprawl”: too many devices, in too many places, with too little centralized visibility. For the public sector, where systems often support critical services, this sprawl can translate directly into operational and safety risks.

To respond, users need to treat mobile and IoT security as a core element of their cybersecurity posture. That means maintaining asset inventories, enforcing configuration baselines, segmenting networks to limit blast radius, and integrating mobile/IoT telemetry into existing monitoring and incident response workflows. With attacks increasingly targeting these devices, proactive governance can be the difference between a contained incident and a larger crisis.

Reference

Verizon. (2024). 2024 Mobile Security Index (MSI). Verizon.

Sunday, May 17, 2026

IoT: Cyberthreats to Automatic Tank Gauge (ATG) Systems

Automatic tank gauge (ATG) systems are a cybersecurity concern because they are often internet-connected industrial control systems that monitor fuel storage, leak detection, and tank inventory at gas stations and other critical facilities (BitSight, 2024; Dutch Institute for Vulnerability Disclosure [DIVD], 2025). Reporting in 2026 indicates that attackers have actively targeted exposed ATG systems in the United States, reinforcing long-standing warnings from researchers that these devices can be manipulated when they are placed online without adequate access controls (Energy Marketers of America, 2026; In Food & Fuel, 2026).

What is an Automatic Tank Gauge (ATG)?

An automatic tank gauge is an electronic monitoring system used to measure fuel levels, detect leaks, and support inventory management in underground or aboveground fuel storage systems (U.S. Environmental Protection Agency [EPA], n.d.; DIVD, 2025). In practice, ATGs help operators track tank conditions and support release detection obligations that are part of underground storage tank compliance and environmental protection programs (EPA, n.d.).

Who Controls ATGs?

ATGs are generally controlled by the owners and operators of fuel storage systems, such as gas stations, convenience stores, fuel distributors, and operators of facilities that store petroleum or hazardous substances (EPA, n.d.). State, territorial, tribal, and federal regulators do not typically operate the devices directly, but they regulate the broader underground storage tank environment and compliance expectations surrounding release detection and environmental protection (EPA, n.d.). Vendors, service contractors, and remote monitoring providers may also play a role when they install, configure, maintain, or remotely access the systems (DIVD, 2025; Veeder-Root, 2024).

How Many ATGs Are There in the United States?

A precise national count of ATG devices in the United States is uncertain. The EPA states that approximately 542,000 underground storage tanks nationwide store petroleum or hazardous substances, but that figure refers to tanks rather than ATG units, and one facility may have multiple tanks while not every tank count translates directly into a one-to-one ATG count (EPA, n.d.). The closest verifiable contextual figure is the EPA’s estimate of approximately 542,000 underground storage tanks in the United States (EPA, n.d.).

What Are the Vulnerabilities of ATGs?

The clearest recurring vulnerability is direct exposure of ATG interfaces to the public internet without proper authentication or network isolation (DIVD, 2025; BitSight, 2024). DIVD reported that exposed systems from multiple manufacturers, especially certain Veeder-Root models, could be accessed through serial interfaces commonly reachable on TCP port 10001, allowing unauthorized parties to view fuel levels, change tank labels, alter alarm thresholds, and modify monitoring parameters (DIVD, 2025). BitSight reported multiple critical vulnerabilities across six ATG systems from five vendors and warned that internet-exposed ATGs remain attractive targets for sabotage and cyberwarfare scenarios (BitSight, 2024).

Other weaknesses include poor password practices, insecure remote connectivity, weak segmentation between operational technology and business networks, and overreliance on remote polling designs that require open network paths into the ATG environment (DIVD, 2025; PAS, 2025). Veeder-Root’s guidance also emphasizes controls such as firewalls, access restrictions, and secure remote connectivity, which indirectly confirms that misconfiguration and unnecessary exposure are central risk factors (Veeder-Root, 2024).

What Are the Threats to ATGs?

The threat landscape includes unauthorized access, reconnaissance, tampering, denial-of-service activity, and operational disruption (DIVD, 2025). Researchers and industry alerts have described attackers changing passwords, modifying system information, deleting data, and interfering with remote access and fuel operations when gauges are exposed online (In Food & Fuel, 2026; DIVD, 2025). In addition to opportunistic criminal exploitation, researchers have warned that ATGs could be targeted in sabotage or cyberwarfare contexts because they are part of the fuel distribution ecosystem and are present at critical facilities beyond retail gas stations (BitSight, 2024; DIVD, 2025).

What Harm Could Come from a Cyberattack on an ATG?

Potential harm from an ATG cyberattack includes environmental damage, operational shutdowns, business interruption, false inventory readings, disabled alarms, and impaired leak detection (BitSight, 2024; DIVD, 2025). BitSight reported that attackers may be able to change critical parameters such as tank geometry and capacity, disable alarms, and interfere with automatic or manual responses, creating the possibility of fuel leaks, safety incidents, and economic losses (BitSight, 2024). Industry reporting in 2026 also described incidents in which stations could not pump gas until affected devices were reset or restored, showing that even attacks short of physical damage can disrupt daily commerce and fuel availability (In Food & Fuel, 2026).

Who Would Want to Threaten an ATG and Why?

Several categories of adversaries could have an interest in ATG systems. Cybercriminals may target them for disruption, extortion, vandalism, or opportunistic exploitation of poorly secured systems (DIVD, 2025; In Food & Fuel, 2026). Nation-state or state-aligned actors may view ATGs as a soft target within critical infrastructure, particularly because fuel distribution has economic and public safety significance and ATGs are often locally managed rather than defended through a uniform national architecture (BitSight, 2024; CNN, 2026). Hacktivists or malicious insiders could also target ATGs to cause embarrassment, interrupt fuel sales, or manipulate records and alarms for ideological, retaliatory, or personal reasons, although specific motive patterns vary by incident and are not always publicly confirmed (DIVD, 2025).

What Are the Recent Reports of Attacks on ATGs?

Industry and media reporting from 2026 indicates that attacks against ATGs were not merely theoretical. Energy Marketers of America circulated a cybersecurity advisory in April 2026 stating that known cyberattacks were targeting ATGs in Tennessee and that cybercriminals were targeting systems nationwide, including at least 15 affected tanks at one convenience store chain (Energy Marketers of America, 2026). In Food & Fuel reported that the Utah Department of Public Safety had identified 76 vulnerable ATGs in Utah and more than 4,000 across the United States, while also describing confirmed incidents involving unauthorized access to tank and sensor data, false alarms, and deletion of system information (In Food & Fuel, 2026).

Mainstream reporting also linked the 2026 campaign to suspected Iranian actors. CNN reported that U.S. officials believed Iranian hackers had breached fuel tank monitoring systems at gas stations across multiple states by accessing internet-connected ATGs that lacked password protection (Bertrand et al., 2026). Because attribution in fast-moving cyber incidents can evolve, that point should be treated as a reported government assessment rather than a final judicial finding (Bertrand et al., 2026).

What Measures Should Be in Place to Protect ATGs?

The strongest protective measure is to avoid exposing ATGs directly to the public internet (DIVD, 2025; Veeder-Root, 2024). Recommendations include placing ATGs behind properly configured firewalls, using VPN gateways or dedicated hardware interfaces for remote connectivity, applying source IP filtering, and setting passwords on serial ports where the feature is supported (DIVD, 2025; Veeder-Root, 2024). Operators should also audit their network configurations regularly to identify exposed systems, restrict third-party remote access to only what is necessary, and separate ATG environments from broader corporate or payment networks (DIVD, 2025; PAS, 2025).

Additional protective measures include maintaining documented incident response procedures, validating alarm and leak-detection settings, coordinating with qualified service vendors, and promptly applying vendor guidance or security updates when available (DIVD, 2025; Veeder-Root, 2024). Because some ATG risk stems from insecure deployment rather than a single patchable flaw, sound architecture, restricted connectivity, and administrative discipline remain as important as software maintenance (DIVD, 2025).

References

Bertrand, N., Lillis, K. B., & Marquardt, A. (2026, May 15). Iranian hackers have breached fuel tank readers at gas stations across multiple U.S. states, sources say. CNN. https://www.cnn.com/2026/05/15/politics/iran-hackers-tank-readers-gas-stations

BitSight. (2024, September 23). Critical vulnerabilities discovered in automated tank gauge systems. https://www.bitsight.com/blog/critical-vulnerabilities-discovered-automated-tank-gauge-systems

Dutch Institute for Vulnerability Disclosure. (2025, August 25). DIVD-2025-00005 - Exposed automated tank gauge systems. https://csirt.divd.nl/cases/DIVD-2025-00005/

Energy Marketers of America. (2026, April 13). Urgent cybersecurity advisory: Nationwide cyberattacks targeting automatic tank gauges (ATGs). https://www.fueliowa.com/latest-news.cfm/Article/INDUSTRY-NEWS/Urgent-Cybersecurity-Advisory-Nationwide-Cyberattacks-Targeting-Automatic-Tank-Gauges-ATGs/2026-4-14

In Food & Fuel. (2026, April 23). Cybersecurity alert: Automatic tank gauge systems targeted. https://www.infoodandfuel.org/news/cybersecurity-alert-automatic-tank-gauge-systems-targeted

PAS. (2025, April 24). Securing your Veeder-Root ATG: Protecting against vulnerabilities in remote connectivity. https://passtesting.com/news/securing-your-veeder-root-atg-protecting-against-vulnerabilities-in-remote-connectivity

Perplexity AI. (2026). Perplexity AI [Large language model]. https://www.perplexity.ai/

U.S. Environmental Protection Agency. (n.d.). Underground storage tanks (USTs). https://www.epa.gov/ust

Veeder-Root. (2024, August 14). Ensuring automatic tank gauge security compliance. https://www.veeder.com/us/ensuring-automatic-tank-gauge-security-compliance

AI Use Statement

Perplexity AI was employed in the research and development of this information.

=-=-=-=-=-=

Video: https://youtu.be/HbBIadarg60

Sunday, May 03, 2026

AI: Prompts to Prevent AI Hallucinations

Dr. Frank Kardasz, MPA, Ed.D.

May 3, 2026

Here is a guide, ironically mostly AI generated, to prompts researchers can use to help prevent AI from misquoting or fabricating reference sources:

Why AI Misquotes Sources

AI language models generate text by predicting plausible patterns, not by retrieving verified facts. When asked for citations, they produce text that looks like legitimate academic references because they've seen similar patterns during training. This phenomenon — sometimes called "vibe citing" — affects an estimated 17–55% of AI-generated references. Prestigious conferences like NeurIPS 2025 have discovered over 100 hallucinated citations in accepted papers.^[1]^[2]

Category 1: Guardrail Prompts (Forbid Fabrication)

These prompts set hard rules before the AI generates any content:^[3]

· The Non-Invention Constraint:

"You must not generate any citation, reference, or source that is not verifiable. If you cannot find a source for a specific claim, state: 'I could not find a verifiable source for this specific claim.' Never invent a source."

· The Epistemic Accuracy System Prompt:

"You are a fact-conscious assistant. Your core principle is: 'If it is not verifiable, do not claim it.' Do not fabricate data, names, dates, events, studies, or quotes. Do not simulate sources or cite imaginary articles. When unsure, say: 'I don't know' or 'This cannot be confirmed.'"^[4]

· The Boundary Constraint:

"Use only the sources I provide. If the answer isn't there, say: 'I could not find that in my knowledge sources.'"^[5]

Category 2: Source-Grounded Prompts (Anchor AI to Real Text)

The most reliable strategy is to paste the actual source text into the prompt, forcing the AI to work only from what you provide:^[6]

· The Context-Lock Prompt:

"Generate a synthesis based ONLY on these papers: [paste full abstract or text]. Do NOT invent citations. Do NOT cite papers not in this list. Include exact quotes with page numbers."^[1]

· The Verbatim Excerpt Prompt:

"Extract a verbatim excerpt — not a paraphrase — from the text I have pasted below that supports [claim]. If no direct excerpt supports this claim, say so explicitly."^[5]
(Note: Using the word "verbatim" and asking for an "excerpt" rather than a "quote" dramatically improves copy-paste accuracy, as "quote" tends to invite paraphrase.)^[5]

· The RTCF Structured Citation Prompt (Role–Task–Context–Format):

"You are an academic citation specialist [Role]. Generate a complete APA 7th edition citation [Task] for the following source: [paste all known bibliographic details — author, year, title, journal, DOI] [Context]. Output a single reference entry in APA 7th edition format [Format]."^[6]

Category 3: Chain-of-Verification (CoVe) Prompts

This is a four-stage method developed by Meta researchers that forces the AI to self-check its own output independently before finalizing it:^[7]^[8]

1. Stage 1 – Draft: Generate the initial claim or citation.

2. Stage 2 – Plan verification questions: "List the specific questions you would need to answer to verify each claim you just made."

3. Stage 3 – Answer independently: "Now answer each verification question independently, without referencing your earlier response."

4. Stage 4 – Reconcile: "Compare your verification answers to your original draft. Correct any claims that are not fully supported. If a citation cannot be verified, remove it."

A condensed single-prompt version of CoVe is:^[3]

"First, generate the claim. Second, search your knowledge base for the supporting source. Third, compare the claim to the source. Fourth, only if verified, output the claim and citation. If unverified, omit."

Research confirms CoVe decreases hallucinations across list-based, closed-book, and long-form generation tasks.^[8]

Category 4: Cross-Model Fact-Check Prompts

A practical technique is to pipe one AI's output into a second AI for verification:^[9]

"Fact-check the following claim against its cited sources. For each source: (1) Confirm the URL is real and reachable; (2) Determine whether the source directly supports, contradicts, or is unrelated to the claim; (3) Spot any misrepresentation, selective quoting, or omitted context; (4) Give a verdict: well-supported, partially supported, unsupported, or contradicted."^[9]

You can also use a follow-up verification prompt directly with the same AI:^[6]

"For the citation you just gave me, is [Journal Name] a real peer-reviewed journal? What is its ISSN? Can you confirm that DOI [DOI number] leads to the article titled [Article Title]?"

Category 5: Structural Accountability Prompts

These prompts build traceability into the AI's output format:^[10]^[5]

· Chunk-referencing prompt (useful when you provide a document):

"I have numbered my source text in chunks,, … For every claim you make, reference the chunk number you pulled it from in brackets."^[11]^[12]^[9]

· Forced citation format prompt:

"Provide legal/factual statements ONLY with a citation in this format: [Author, Year, Title, DOI/URL, page number]. If you cannot supply all fields, do not include the claim."^[10]

· Confidence-flagging prompt:

"For each claim, label it as: (A) Verified from provided text, (B) From general training knowledge — needs verification, or (C) Uncertain — do not use. Do not present (B) or (C) claims as established facts."^[11]

Quick-Reference Prompt Table

Goal	Prompt Keyword/Technique	Source
Prevent fabricated citations	"Never invent a source" + honesty instruction	^[3]
Lock AI to provided text	Paste source text + "based ONLY on these papers"	^[1]
Force verbatim quotes	Use "verbatim" + ask for "excerpt" not "quote"	^[5]
Self-verification	Chain-of-Verification (CoVe) 4-step prompt	^[8]
Cross-model checking	Pipe output to second AI with fact-check prompt	^[9]
Structural traceability	Numbered chunks + bracket referencing	^[5]
Confidence transparency	Label claims A/B/C by verification status	^[11]
Citation format accuracy	RTCF method (Role, Task, Context, Format)	^[6]

The Non-Negotiable Rule

No prompt fully eliminates the risk. Even with all techniques applied, manual verification against the original source remains mandatory. Tools like Elicit, Consensus, Scite.ai, and Zotero are specifically designed for scholarly citation retrieval and validation and should be used alongside AI writing tools. The architecturally safest approach is Retrieval-Augmented Generation (RAG), which reduces hallucination rates by up to 71% by forcing the AI to generate only from pre-verified, retrieved documents.^[12]^[13]^[2]^[14]^[15]^[9]^[1]