Consumer protection

Tech support scammers abuse search tools

Tech support scammers have exploited the websites of major firms such as Apple, Microsoft, and Netflix to trick users into calling them. Using sponsored ads and a technique known as search parameter injection, scammers have manipulated legitimate support pages to display fake helpline numbers.

Victims searching for 24/7 support are directed to genuine websites where misleading search results prominently show fraudulent numbers. According to researchers, the address bar shows the official URL, reducing suspicion and increasing the likelihood that users will call the scammers.

Once connected, the fraudsters pose as legitimate staff and attempt to steal sensitive information, including personal data, payment details or access to victims’ devices. Financial services sites like Bank of America and PayPal have also been targeted, with attackers aiming to drain accounts.

Experts warn that while some scams are easy to spot, others appear highly convincing, especially on sites like Apple’s and Netflix’s. Users are urged to verify contact details through official channels rather than relying on search results or ads.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Salt Typhoon exploits critical Cisco flaw to breach Canadian network

Canadian and US authorities have attributed a cyberattack on a Canadian telecommunications provider to state-sponsored actors allegedly linked to China. The attack exploited a critical vulnerability that had been patched 16 months earlier.

According to a statement issued on Monday by Canada’s Communications Security Establishment (CSE), the breach is attributed to a threat group known as Salt Typhoon, believed to be operating on behalf of the Chinese government.

‘The Cyber Centre is aware of malicious cyber activities currently targeting Canadian telecommunications companies,’ the CSE stated, adding that Salt Typhoon was ‘almost certainly’ responsible. The US FBI released a similar advisory.

Salt Typhoon is one of several threat actors associated with the People’s Republic of China (PRC), with a history of conducting cyber operations against telecommunications and infrastructure targets globally.

In late 2023, security researchers disclosed that over 10,000 Cisco devices had been compromised by exploiting CVE-2023-20198—a vulnerability rated 10/10 in severity.

The exploit targeted Cisco devices running iOS XE software with HTTP or HTTPS services enabled. Despite Cisco releasing a patch in October 2023, the vulnerability remained unaddressed in some systems.

In mid-February 2025, three network devices operated by an unnamed Canadian telecom company were compromised, with attackers retrieving configuration files and modifying at least one to create a GRE tunnel—allowing network traffic to be captured.

Cisco has also linked Salt Typhoon to a broader campaign using multiple patched vulnerabilities, including CVE-2018-0171, CVE-2023-20273, and CVE-2024-20399.

The Cyber Centre noted that the compromise could allow unauthorised access to internal network data or serve as a foothold to breach additional targets. Officials also stated that some activity may have been limited to reconnaissance.

While neither agency commented on why the affected devices had not been updated, the prolonged delay in patching such a high-severity flaw highlights ongoing challenges in maintaining basic cyber hygiene.

The authorities in Canada warned that similar espionage operations are likely to continue targeting the telecom sector and associated clients over the next two years.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

McLaren Health Care confirms major ransomware attack and data breach

McLaren Health Care in Michigan has begun notifying over 743,000 individuals that their personal and health data may have been compromised in a ransomware attack in August 2024.

The health system confirmed that unauthorised access to its systems began on 17 July and continued until 3 August 2024, affecting McLaren Health Care and its Karmanos Cancer Centers.

A forensic investigation concluded on 5 May 2025 revealed that files containing names, Social Security numbers, driver’s licence details, medical information, and insurance data were accessed.

Notification letters began going out on 20 June 2025, and recipients are being offered 12 months of complimentary credit monitoring and identity theft protection.

Although the incident has not been officially attributed to a specific ransomware group, industry reports have previously linked the attack to the Inc. Ransom group. However, McLaren Health Care has not confirmed this, and the group has not publicly listed McLaren on its leak site.

However, this is McLaren’s second ransomware incident within a year. A previous attack by the ALPHV/BlackCat group compromised the data of more than 2.1 million individuals.

Following the August 2024 attack, McLaren Health Care restored its IT systems ahead of schedule and resumed normal operations, including reopening emergency departments and rescheduling postponed appointments and surgeries.

However, data collected manually during the outage is still being integrated into the electronic health record (EHR) system, a process expected to take several weeks.

McLaren Health Care has stated that it continues to investigate the full scope of the breach and will issue further notifications if additional data exposures are identified. The organisation works with external cybersecurity experts to strengthen its systems and prevent future incidents.

The attack caused disruptions across all 13 hospitals in the McLaren system and affiliated cancer centres, surgery centres, and clinics. While systems have been restored, McLaren has encouraged patients to remain prepared by bringing essential documents and information to appointments.

The health system expressed appreciation for its staff’s efforts and patients’ patience during the response and recovery efforts.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cloudflare blocks the largest DDoS attack in internet history

Cloudflare has blocked what it describes as the largest distributed denial-of-service (DDoS) attack ever recorded after nearly 38 terabytes of data were unleashed in just 45 seconds.

The onslaught generated a peak traffic rate of 7.3 terabits per second and targeted nearly 22,000 destination ports on a single IP address managed by an undisclosed hosting provider.

Instead of relying on a mix of tactics, the attackers primarily used UDP packet floods, which accounted for almost all attacks. A small fraction employed outdated diagnostic tools and methods such as reflection and amplification to intensify the network overload.

These techniques exploit how some systems automatically respond to ping requests, causing massive data feedback loops when scaled.

Originating from 161 countries, the attack saw nearly half its traffic come from IPs in Brazil and Vietnam, with the remainder traced to Taiwan, China, Indonesia, and the US.

Despite appearing globally orchestrated, most traffic came from compromised devices—often everyday items infected with malware and turned into bots without their owners’ knowledge.

To manage the unprecedented data surge, Cloudflare used a decentralised approach. Traffic was rerouted to data centres close to its origin, while advanced detection systems identified and blocked harmful packets without disturbing legitimate data flows.

The incident highlights the scale of modern cyberattacks and the growing sophistication of defences needed to stop them.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

M&S and Co‑op hit by Scattered Spider attack

High street giants M&S and Co‑op remain under siege after the Scattered Spider gang’s sophisticated cyber‑attack this April. The breaches disrupted online services and automated systems, leading to suspended orders, empty shelves and significant reputational damage.

Authorities have classified the incident as category‑2, with initial estimates suggesting losses between £270 million and £440 million. M&S expects a £300 million hit to its annual profit, with daily online sales down by up to £4 million during the outage.

In a rare display of unity, Tesco’s Booker arm stepped in to supply M&S and some independent Co‑op stores, helping to ease stock shortages. Meanwhile, cyber insurers have signalled increasing premiums, with the cost of cover for retail firms rising by up to 10 percent.

The National Cyber Security Centre and government ministers have issued urgent calls for the sector to strengthen defences, citing such high‑impact incidents as a vital wake‑up call for business readiness.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Oakley Meta HSTN smart glasses unveiled

Meta and Oakley have revealed the Oakley Meta HSTN, a new AI-powered smart glasses model explicitly designed for athletes and fitness fans. The glasses combine Meta’s advanced AI with Oakley’s signature sporty design, offering features tailored for high-performance settings.

The device is ideal for workouts and outdoor use and is equipped with a 3K ultra-HD camera, open-ear speakers, and IPX4 water resistance.

On-device Meta AI provides real-time coaching, hands-free information and eight hours of active battery life, while a compact charging case adds up to 48 more hours.

The glasses are set for pre-order from 11 July, with a limited-edition gold-accent version priced at 499 dollars. Standard versions will follow later in the summer, with availability expanding beyond North America, Europe and Australia to India and the UAE by year-end.

Sports stars like Kylian Mbappé and Patrick Mahomes are helping introduce the glasses, representing Meta’s move to integrate smart tech into athletic gear. The product marks a shift from lifestyle-focused eyewear to functional devices supporting sports performance.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Watson CoPilot brings AI-driven support to small firms

IBM has introduced AI-powered software to help small businesses improve operations and customer engagement. Based on its Watson AI, the tools aim to streamline tasks, reduce costs and offer deeper insights into customer behaviour.

One of the key features is Watson CoPilot, an AI assistant that handles routine customer queries using natural language processing. However, this allows employees to focus on complex tasks while improving response times and customer satisfaction.

IBM highlighted the potential of these tools to strengthen customer loyalty and drive growth in a competitive market. However, small firms may face challenges such as integration costs, data security concerns and the need for staff training.

The company provides support and resources to ease adoption and help businesses customise the technology to their needs. Using AI responsibly allows small businesses to gain a valuable edge in an increasingly digital economy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China pushes quantum computing towards industrial use

A Chinese startup has used quantum computing to improve breast cancer screening accuracy, highlighting how the technology could transform medical diagnostics—based in Hefei, Origin Quantum applied its superconducting quantum processor to analyse medical images faster and more precisely.

China is accelerating efforts to turn quantum research into industrial applications, with companies focusing on areas such as drug discovery, smart cities and finance. Government backing and national policy have driven rapid growth in the sector, with over 150 firms now active in quantum computing.

In addition to medical uses, quantum algorithms are being tested in autonomous parking, which has dramatically cut wait times. Banks and telecom firms have also begun adopting quantum solutions to improve operational efficiency in areas like staff scheduling.

The merging of quantum computing with AI is seen as the next significant step, with Origin Quantum recently fine-tuning a billion-parameter AI model on its quantum system. Experts expect the integration of these technologies to shift from labs to practical use in the next five years.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Lawmakers at IGF 2025 call for global digital safeguards

At the Internet Governance Forum (IGF) 2025 in Norway, a high‑level parliamentary roundtable convened global lawmakers to tackle the pressing challenge of digital threats to democracy. Led by moderator Nikolis Smith, the discussion included Martin Chungong, Secretary‑General of the Inter‑Parliamentary Union (via video), and MPs from Norway, Kenya, California, Barbados, and Tajikistan. The central concern was how AI, disinformation, deepfakes, and digital inequality jeopardise truth, electoral integrity, and public trust.

Grunde Almeland, Member of the Norwegian Parliament, warned: ‘Truth is becoming less relevant … it’s hard and harder to pierce [confirmation‑bias] bubbles with factual debate and … facts.’ He championed strong, independent media, noting Norway’s success as “number one on the press freedom index” due to its editorial independence and extensive public funding. Almeland emphasised that legislation exists, but practical implementation and international coordination are key.

Kenyan Senator Catherine Mumma described a comprehensive legal framework—including cybercrime, data protection, and media acts—but admitted gaps in tackling misinformation. ‘We don’t have a law that specifically addresses misinformation and disinformation,’ she said, adding that social‑media rumours ‘[sometimes escalate] to violence’ especially around elections. Mumma called for balanced regulation that safeguards innovation, human rights, and investment in digital infrastructure and inclusion.

California Assembly Member Rebecca Bauer‑Kahn outlined her state’s trailblazing privacy and AI regulations. She highlighted a new law mandating watermarking of AI‑generated content and requiring political‑advert disclosures, although these face legal challenges as potentially ‘forced speech.’ Bauer‑Kahn stressed the need for ‘technology for good,’ including funding universities to develop watermarking and authentication tools—like Adobe’s system for verifying official content—emphasising that visual transparency restores trust.

Barbados MP Marsha Caddle recounted a recent deepfake falsely attributed to her prime minister, saying it risked ‘put[ting] at risk … global engagement.’ She promoted democratic literacy and transparency, explaining that parliamentary meetings are broadcast live to encourage public trust. She also praised local tech platforms such as Zindi in Africa, saying they foster home‑grown solutions to combat disinformation.

Tajikistan MP Zafar Alizoda highlighted regional disparities in data protections, noting that while EU citizens benefit from GDPR, users in Central Asia remain vulnerable. He urged platforms to adopt uniform global privacy standards: ‘Global platforms … must improve their policies for all users, regardless of the country of the user.’

Several participants—including John K.J. Kiarie, MP from Kenya—raised the crucial issue of ‘technological dumping,’ whereby wealthy nations and tech giants export harmful practices to vulnerable regions. Kiarie warned: ‘My people will be condemned to digital plantations… just like … slave trade.’ The consensus called for global digital governance treaties akin to nuclear or climate accords, alongside enforceable codes of conduct for Big Tech.

Despite challenges—such as balancing child protection, privacy, and platform regulation—parliamentarians reaffirmed shared goals: strengthening independent media, implementing watermarking and authentication technologies, increasing public literacy, ensuring equitable data protections, and fostering global cooperation. As Grunde Almeland put it: ‘We need to find spaces where we work together internationally… to find this common ground, a common set of rules.’ Their unified message: safeguarding democracy in the digital age demands national resilience and collective global action.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

FC Barcelona documents leaked in ransomware breach

A recent cyberattack on French insurer SMABTP’s Spanish subsidiary, Asefa, has led to the leak of over 200GB of sensitive data, including documents related to FC Barcelona.

The ransomware group Qilin has claimed responsibility for the breach, highlighting the growing threat posed by such actors. With high-profile victims now in the spotlight, the reputational damage could be substantial for Asefa and its clients.

The incident comes amid growing concern among UK small and medium-sized enterprises (SMEs) about cyber threats. According to GlobalData’s UK SME Insurance Survey 2025, more than a quarter of SMEs have been influenced by media reports of cyberattacks when purchasing cyber insurance.

Meanwhile, nearly one in five cited a competitor’s victimisation as a motivating factor.

Over 300 organisations have fallen victim to Qilin in the past year alone, reflecting a broader trend in the rise of AI-enabled cybercrime.

AI allows cybercriminals to refine their methods, making attacks more effective and challenging to detect. As a result, companies are increasingly recognising the importance of robust cybersecurity measures.

With threats escalating, there is an urgent call for insurers to offer more tailored cyber coverage and proactive services. The breach involving FC Barcelona is a stark reminder that no organisation is immune and that better risk assessment and resilience planning are now business essentials.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!