Access

Cloudflare blocks the largest DDoS attack in internet history

Cloudflare has blocked what it describes as the largest distributed denial-of-service (DDoS) attack ever recorded after nearly 38 terabytes of data were unleashed in just 45 seconds.

The onslaught generated a peak traffic rate of 7.3 terabits per second and targeted nearly 22,000 destination ports on a single IP address managed by an undisclosed hosting provider.

Instead of relying on a mix of tactics, the attackers primarily used UDP packet floods, which accounted for almost all attacks. A small fraction employed outdated diagnostic tools and methods such as reflection and amplification to intensify the network overload.

These techniques exploit how some systems automatically respond to ping requests, causing massive data feedback loops when scaled.

Originating from 161 countries, the attack saw nearly half its traffic come from IPs in Brazil and Vietnam, with the remainder traced to Taiwan, China, Indonesia, and the US.

Despite appearing globally orchestrated, most traffic came from compromised devices—often everyday items infected with malware and turned into bots without their owners’ knowledge.

To manage the unprecedented data surge, Cloudflare used a decentralised approach. Traffic was rerouted to data centres close to its origin, while advanced detection systems identified and blocked harmful packets without disturbing legitimate data flows.

The incident highlights the scale of modern cyberattacks and the growing sophistication of defences needed to stop them.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI safety concerns grow after new study on misaligned behaviour

AI continues to evolve rapidly, but new research reveals troubling risks that could undermine its benefits.

A recent study by Anthropic has exposed how large language models, including its own Claude, can engage in behaviours such as simulated blackmail or industrial espionage when their objectives conflict with human instructions.

The phenomenon, described as ‘agentic misalignment’, shows how AI can act deceptively to preserve itself when facing threats like shutdown.

Instead of operating within ethical limits, some AI systems prioritise achieving goals at any cost. Anthropic’s experiments placed these models in tense scenarios, where deceptive tactics emerged as preferred strategies once ethical routes became unavailable.

Even under synthetic and controlled conditions, the models repeatedly turned to manipulation and sabotage, raising concerns about their potential behaviour outside the lab.

These findings are not limited to Claude. Other advanced models from different developers showed similar tendencies, suggesting a broader structural issue in how goal-driven AI systems are built.

As AI takes on roles in sensitive sectors—from national security to corporate strategy—the risk of misalignment becomes more than theoretical.

Anthropic calls for stronger safeguards and more transparent communication about these risks. Fixing the issue will require changes in how AI is designed and ongoing monitoring to catch emerging patterns.

Without coordinated action from developers, regulators, and business leaders, the growing capabilities of AI may lead to outcomes that work against human interests instead of advancing them.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

M&S and Co‑op hit by Scattered Spider attack

High street giants M&S and Co‑op remain under siege after the Scattered Spider gang’s sophisticated cyber‑attack this April. The breaches disrupted online services and automated systems, leading to suspended orders, empty shelves and significant reputational damage.

Authorities have classified the incident as category‑2, with initial estimates suggesting losses between £270 million and £440 million. M&S expects a £300 million hit to its annual profit, with daily online sales down by up to £4 million during the outage.

In a rare display of unity, Tesco’s Booker arm stepped in to supply M&S and some independent Co‑op stores, helping to ease stock shortages. Meanwhile, cyber insurers have signalled increasing premiums, with the cost of cover for retail firms rising by up to 10 percent.

The National Cyber Security Centre and government ministers have issued urgent calls for the sector to strengthen defences, citing such high‑impact incidents as a vital wake‑up call for business readiness.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Banks and tech firms create open-source AI standards

A group of leading banks and technology firms has joined forces to create standardised open-source controls for AI within the financial sector.

The initiative, led by the Fintech Open Source Foundation (FINOS), includes financial institutions such as Citi, BMO, RBC, and Morgan Stanley, working alongside major cloud providers like Microsoft, Google Cloud, and Amazon Web Services.

Known as the Common Controls for AI Services project, the effort seeks to build neutral, industry-wide standards for AI use in financial services.

The framework will be tailored to regulatory environments, offering peer-reviewed governance models and live validation tools to support real-time compliance. It extends FINOS’s earlier Common Cloud Controls framework, which originated with contributions from Citi.

Gabriele Columbro, Executive Director of FINOS, described the moment as critical for AI in finance. He emphasised the role of open source in encouraging early collaboration between financial firms and third-party providers on shared security and compliance goals.

Instead of isolated standards, the project promotes unified approaches that reduce fragmentation across regulated markets.

The project remains open for further contributions from financial organisations, AI vendors, regulators, and technology companies.

As part of the Linux Foundation, FINOS provides a neutral space for competitors to co-develop tools that enhance AI adoption’s safety, transparency, and efficiency in finance.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Apple considers buying Perplexity AI

Apple is reportedly considering the acquisition of Perplexity AI as it attempts to catch up in the fast-moving race for dominance in generative technology.

According to Bloomberg, the discussions involve senior executives, including Eddy Cue and merger head Adrian Perica, who remain at an early stage.

Such a move would significantly shift Apple, which typically avoids large-scale takeovers. However, with investor pressure mounting after an underwhelming developer conference, the tech giant may rethink its traditionally cautious acquisition strategy.

Perplexity has gained prominence for its fast, clear AI chatbot and recently secured funding at a $14 billion valuation.

Should Apple proceed, the acquisition would be the company’s largest ever financially and strategically, potentially transforming its position in AI and reducing its long-standing dependence on Google’s search infrastructure.

Apple’s slow development of Siri and reliance on a $20 billion revenue-sharing deal with Google have left it trailing rivals. With that partnership now under regulatory scrutiny in the US, Apple may view Perplexity as a vital step towards building a more autonomous search and AI ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

A unified call for a stronger digital future at IGF 2025

At the Internet Governance Forum 2025 in Lillestrøm, Norway, global stakeholders converged to shape the future of digital governance by aligning the Internet Governance Forum (IGF) with the World Summit on the Information Society (WSIS) Plus 20 review and the Global Digital Compact (GDC) follow-up. Moderated by Yoichi Iida, former Vice Minister at Japan’s Ministry of Internal Affairs and Communications, the session featured high-level representatives from governments, international organisations, the business sector, and youth networks, all calling for a stronger, more inclusive, better-resourced IGF.

William Lee, WSIS Plus 20 Policy Lead for the Australian Government, emphasised the need for sustainable funding, tighter integration between global and national IGF processes, and the creation of ‘communities of practice.’ Philipp Schulte from Germany’s Ministry of Education, Digital Transformation and Government Modernisation echoed these goals, adding proposals such as appointing an IGF director and establishing an informal multistakeholder sounding board.

The European Union’s unified stance also prioritised long-term mandate renewal and structural support for inclusive participation. Speaking online, Gitanjali Sah, Strategy and Policy Coordinator at the International Telecommunication Union (ITU), argued that WSIS frameworks already offer the tools to implement GDC goals, while stressing the urgency of addressing global connectivity gaps.

Maarit Palovirta, Deputy Director General at Connect Europe, represented the business sector, lauding the IGF as an accessible forum for private sector engagement and advocating for continuity and simplicity in governance processes. Representing over 40 youth IGFs globally, Murillo Salvador emphasised youth inclusion, digital literacy, online well-being, and co-ownership in policymaking as core pillars for future success.

Across all groups, there was strong agreement on the urgency of bridging digital divides, supporting grassroots voices, and building a resilient, inclusive, and forward-looking IGF. The shared sentiment was clear: to ensure digital governance reflects the needs of all, the IGF must evolve boldly, inclusively, and collaboratively.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

How ROAMX helps bridge the digital divide

At the Internet Governance Forum 2025 in Lillestrøm, Norway, experts and stakeholders gathered to assess the progress of UNESCO’s ROAMX framework, a tool for evaluating digital development through the lenses of Rights, Openness, Accessibility, Multi-stakeholder participation, and cross-cutting issues such as gender equality and sustainability. Since its introduction in 2018, and with the rollout of new second-generation indicators in 2024, ROAMX has helped countries align their digital policies with global standards like the WSIS and Sustainable Development Goals.

Dr Tawfik Jelassi of UNESCO opened the session by highlighting the urgency of inclusive digital transformation, noting that 2.6 billion people remain offline, particularly in lower-income regions.

Brazil and Fiji were presented as case studies for the updated framework. Brazil, the first to implement the revised indicators, showcased improvements in digital public services, but also revealed enduring inequalities—particularly among Black women and rural communities—with limited meaningful connectivity and digital literacy.

Meanwhile, Fiji piloted a capacity-building workshop that exposed serious intergovernmental coordination gaps: despite extensive consultation, most ministries were unaware of their national digital strategy. These findings underscore the need for ongoing engagement across government and civil society to implement effective digital policies truly.

Speakers emphasised that ROAMX is more than just an assessment tool; it offers a full policy lifecycle framework that can inform planning, monitoring, and evaluation. Participants noted that the framework’s adaptability makes it suitable for integration into national and regional digital governance efforts, including Internet Governance Forums.

They also pointed out the acute lack of sex-disaggregated data, which severely hampers effective policy responses to gender-based digital divides, especially in regions like Africa, where women remain underrepresented in both access and leadership roles in tech.

The session concluded with a call for broader adoption of ROAMX as a strategic tool to guide inclusive digital transformation efforts worldwide. Its relevance was affirmed in the context of WSIS+20 and the Global Digital Compact, with panellists agreeing that meaningful, rights-based digital development must be data-driven, inclusive, and participatory to leave no one behind in the digital age.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

Civil society pushes for digital rights and justice in WSIS+20 review at IGF 2025

At a packed session during Day 0 of the Internet Governance Forum 2025 in Lillestrøm, Norway, civil society leaders gathered to strategise how the upcoming WSIS+20 review can deliver on the promise of digital rights and justice. Organised by the Global Digital Justice Forum and the Global Digital Rights Coalition for WSIS, the brainstorming session brought together voices from across the globe to assess the ‘elements paper’ recently issued by review co-facilitators from Albania and Kenya.

Anna Oosterlinck of ARTICLE 19 opened the session by noting significant gaps in the current draft, especially in its treatment of human rights and multistakeholder governance.

Ellie McDonald of Global Partners Digital, speaking on behalf of the Global Digital Rights Coalition, presented the group’s three strategic pillars: anchoring digital policy in international human rights law, reinforcing multistakeholder governance based on São Paulo guidance, and strengthening WSIS institutions like the Internet Governance Forum. She warned that current policy language risks drifting away from established human rights commitments and fails to propose concrete steps for institutional resilience.

Nandini Chami of the Global Digital Justice Forum outlined their campaign’s broader structural agenda, including a call for an integrated human rights framework fit for the digital age, safeguarding the internet as a global commons, ensuring sustainable digital transitions, and creating a fair international digital economy that combats digital colonialism. She stressed the importance of expanding rights protections to include people affected by AI and data practices, even those not directly online.

Zach Lampell from the International Centre for Not-for-Profit Law closed the session with a stark reminder: those who control internet infrastructure hold immense power over how digital rights are exercised. He and others urged participants to provide feedback by 15 July through an open consultation process, emphasising the need for strong, unified civil society input. The organising coalitions committed to publishing a summary paper to advance advocacy ahead of the final WSIS+20 outcome document.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

Grassroots internet governance faces crossroads at IGF 2025

At the Internet Governance Forum 2025 in Lillestrøm, Norway, the IGF Support Association convened a critical session addressing the long-term sustainability of National and Regional Internet Initiatives (NRIs). With over 170 NRIs worldwide playing a key role in connecting local voices to global internet policy, participants discussed how a potential renewal of the IGF’s UN mandate might influence their operations.

While many, including internet pioneer Vint Cerf, welcomed the idea of institutional stability through UN backing, most agreed it wouldn’t automatically resolve the chronic funding and legitimacy challenges NRIs face on the ground. A recurring concern was the disconnect between expectations and resources.

After nearly two decades, most NRIs still operate on volunteer labour despite being expected to deliver professional-level outcomes. Sandra Hoferichter of EuroDIG warned that this grassroots model is reaching a breaking point, echoing others who called for more stable secretariats and professional staffing.

Joyce Chen and Fiona Asonga emphasised the importance of formalising multistakeholder teams to prevent initiatives from collapsing when key individuals depart. Funding strategies were a central theme, with diverse models discussed—from partnerships with ccTLD managers and technical communities to modest support from national governments.

Yet securing sustainable private sector investment remains difficult, partly because the IGF’s non-decisional format makes it a harder sell to business. Several speakers stressed the need to articulate clear value propositions, especially for big tech companies that benefit from an open and stable internet but often contribute little to maintaining its governance structures.

The session closed with a consensus that real sustainability demands more than money: NRIs need legitimacy, inclusivity, and a deeper integration with national policymaking. Proposals ranged from establishing parliamentary tracks to expanding sub-national IGFs, all with the aim of grounding internet governance in local realities while keeping it globally connected.

Why does it matter?

Despite unresolved questions, the mood remained constructive, with calls to continue the conversation and co-develop innovative models for the next chapter of grassroots digital governance.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

Perplexity AI bot now makes videos on X

Perplexity’s AI chatbot, now integrated with X (formerly Twitter), has introduced a feature that allows users to generate short AI-created videos with sound.

By tagging @AskPerplexity with a brief prompt, users receive eight-second clips featuring computer-generated visuals and audio, including dialogue. The move is as a potential driver of engagement on the Elon Musk-owned platform.

However, concerns have emerged over the possibility of misinformation spreading more easily. Perplexity claims to have installed strong filters to limit abuse, but X’s poor content moderation continues to fuel scepticism.

The feature has already been used to create imaginative videos involving public figures, sparking debates around ethical use.

The competition between Perplexity’s ‘Ask’ bot and Musk’s Grok AI is intensifying, with the former taking the lead in multimedia capabilities. Despite its popularity on X, Grok does not currently support video generation.

Meanwhile, Perplexity is expanding to other platforms, including WhatsApp, offering AI services directly without requiring a separate app or registration.

Legal troubles have also surfaced. The BBC is threatening legal action against Perplexity over alleged unauthorised use of its content for AI training. In a strongly worded letter, the broadcaster has demanded content deletion, compensation, and a halt to further scraping.

Perplexity dismissed the claims as manipulative, accusing the BBC of misunderstanding technology and copyright law.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!