Critical internet resources

EU Commission proposes enhanced cyber crisis management framework

The EU Commission introduced a proposal aimed at strengthening the EU’s response to large-scale cyber attacks. This recommendation to the Council of Ministers seeks to update the existing EU framework for crisis management in cybersecurity and outline the roles of relevant EU actors, including civilian and military entities as well as NATO.

Specifically, the proposal aims to establish coordination points with NATO to facilitate information sharing during cyber crises, including interconnections between systems. If Member States deploy defense initiatives during a cybersecurity incident, they must inform EU-CyCLONe and the EU Cyber Commanders Conference.

The High Representative, in collaboration with the Commission and relevant entities, should facilitate information flow with strategic partners during identified incidents and enhance coordination against malicious cyber activities using the cyber diplomacy toolbox. Joint exercises should be organized to test cooperation between civilian and military components during significant incidents, including those affecting NATO allies and candidate countries.

The Commission noted that a significant cybersecurity incident could overwhelm the response capabilities of individual Member States and impact multiple EU countries, potentially leading to a crisis that disrupts the internal market and poses risks to public safety. It encourages the establishment of voluntary collaborative clusters to foster cooperation and trust in cybersecurity. Member States can create these clusters based on existing information-sharing frameworks, focusing on common threats while adhering to the mandates of participating actors.

The document emphasizes the importance of a comprehensive and integrated approach to crisis management across all sectors and levels of government. It highlights that if cybersecurity incidents are part of a broader hybrid campaign, stakeholders should collaborate to develop a unified situational awareness across sectors.

Within twelve months of adopting the cybersecurity blueprint, Member States must develop a unified taxonomy for cyber crisis management and establish guidelines for the secure handling of cybersecurity information. The proposal emphasises avoiding over-classification to promote the sharing of non-classified information through established cooperation platforms.

To enhance preparedness for crises and improve organizational efficiency, Member States and relevant entities should conduct ongoing cyber exercises based on scenarios derived from EU-coordinated risk assessments, aligning with existing crisis response mechanisms. Smaller exercises should test interactions during escalating incidents, while the Commission, EEAS, and ENISA will organize an exercise within eighteen months to evaluate the cybersecurity blueprint, involving all relevant stakeholders, including the private sector.

The proposal also recommends that Member States and critical infrastructure operators integrate at least one Union-based DNS infrastructure, such as DNS4EU, to ensure reliable services during crises. ENISA and EU-CyCLONe are tasked with creating emergency failover guidelines for transitioning to Union-based DNS in case of service failures.

While the cybersecurity blueprint does not interfere with how entities define their internal procedures, each entity should clearly define the interfaces used for working with other entities. These interfaces should be jointly agreed upon between the entities concerned and documented.

National and cross-border cyber hubs should share threat information to bolster protection against Union-specific threats, and Member States are encouraged to engage in a multistakeholder forum to identify best practices and standards for securing critical Internet infrastructure. Public and private entities should implement threat-informed detection strategies to proactively identify potential disruptions. They must share information about covert operations with partners before crises escalate and report potential cyber crises to relevant networks, while the CSIRTs Network and EU-CyCLONe establish procedures for coordinating responses to large-scale incidents.

For more information on these topics, visit diplomacy.edu.

Competition heats up for Musk’s Starlink in satellite internet

Elon Musk’s Starlink is facing mounting competition from several ambitious satellite internet projects, including China’s SpaceSail and Jeff Bezos’s Project Kuiper. SpaceSail, backed by the Chinese government, recently expanded its reach to Brazil and Kazakhstan, with plans for a 15,000-satellite constellation by 2030. Meanwhile, Bezos’s Project Kuiper is in talks with Brazilian officials to establish its own LEO satellite network.

These developments come as Beijing accelerates its investment in satellite technology, having launched a record 263 satellites last year. With SpaceSail aiming to deploy 648 satellites in 2025 alone, it is positioning itself as a serious challenger to Starlink’s current fleet of around 7,000 satellites. SpaceSail’s plans are seen as part of China’s broader push to expand its digital influence, sparking concerns about potential censorship capabilities.

For more information on these topics, visit diplomacy.edu.

Musk’s X wins court motion to remove judge in German election data case

Elon Musk-owned social media platform X has succeeded in removing a judge from a German court case concerning demands for real-time election data.

The case, brought by activist groups Democracy Reporting International and the Society for Civil Rights, aimed to secure immediate access to data from the February 23 German election to monitor misinformation.

Although a Berlin court initially supported the activists’ request, X filed a motion arguing the judge had shown bias by interacting with the plaintiffs’ social media posts. The court approved the motion, though similar claims against two other judges were dismissed.

The ruling means that the activists will not receive the requested data within their critical timeframe. A hearing on the matter is set for February 27, but any ruling will come too late to influence their election monitoring efforts in Germany.

However, the decision could establish an important precedent for future transparency cases involving social media platforms. The activists had argued that while some election data is technically accessible, it is not realistically obtainable without direct access from X.

X has also announced plans to sue the German government over what it calls excessive user data requests, claiming these demands violate privacy and freedom of expression.

The German digital affairs ministry acknowledged X’s public statements but confirmed that no formal lawsuits had been filed yet. The escalating legal dispute highlights growing tensions between Musk and German authorities, particularly as the country prepares for key elections amid concerns over misinformation.

For more information on these topics, visit diplomacy.edu.

Russia fines Google over YouTube content on surrendering soldiers

A Russian court has fined Google 3.8 million roubles (£32,600) for hosting YouTube videos that allegedly instructed Russian soldiers on how to surrender. The ruling is part of Moscow’s ongoing crackdown on content it deems illegal, particularly regarding the war in Ukraine. Google has not yet responded to the decision.

Authorities in Russia have frequently ordered foreign tech companies to remove content they claim spreads misinformation. Critics argue that the government is deliberately slowing YouTube‘s download speeds to limit access to material critical of President Vladimir Putin. Moscow denies the accusation, blaming Google for failing to upgrade its infrastructure.

President Putin has previously accused Google of being used by Washington to serve political interests. The latest fine is one of many imposed on the company as part of Russia’s broader control over digital platforms.

For more information on these topics, visit diplomacy.edu.

Microsoft secures solar power deal with EDP renewables

Microsoft has deepened its commitment to clean energy by securing a long-term virtual power purchase agreement with EDP Renewables North America. As part of the deal, three large-scale solar projects in the United States will supply Microsoft with 389 megawatts of electricity and renewable energy credits. The agreement aligns with the tech giant’s push to power its expanding AI-driven data centres with sustainable energy sources.

The projects, located in Illinois and Texas, began operations between November and December last year. This includes a 140 MW solar installation in Jacksonville, a 110 MW site near Jerseyville, and a 150 MW park near Austin. EDP Renewables confirmed that this latest agreement brings its total number of operational projects with Microsoft in the US to five.

Big technology firms have significantly ramped up investments in renewable energy as they seek to offset the soaring electricity demand of AI infrastructure. Microsoft’s partnership with EDP Renewables marks another step towards the company’s sustainability targets, reinforcing its ambition to run entirely on renewable energy in the near future.

For more information on these topics, visit diplomacy.edu.

Workday lays off 8.5% of staff as it shifts focus to AI

Workday has announced plans to cut around 1,750 jobs, or 8.5% of its workforce, as it shifts focus towards AI and international expansion. CEO Carl Eschenbach said the layoffs would help prioritise investments in AI while also freeing up resources to strengthen the company’s presence in different markets. Shares of the California-based human capital management firm rose over 4% in premarket trading following the announcement.

The industry has faced a slowdown in enterprise spending due to high interest rates affecting tech budgets. Workday expects to incur charges of up to $270 million related to the job cuts, with $60 million to $70 million recognised in the fourth quarter. The company, which had around 18,800 employees as of January last year, also plans to close some of its office spaces as part of its cost-cutting strategy.

Workday faces growing competition in the human capital management sector as rivals consolidate through acquisitions. Recent deals include Paychex’s $4.1 billion purchase of Paycor and ADP‘s $1.2 billion acquisition of WorkForce Software. Despite the job cuts, Workday reaffirmed that its financial performance remains on track, with annual subscription revenue expected to reach $7.70 billion and fourth-quarter revenue forecasted at $2.03 billion.

FBI and Europol target cybercrime networks in global crackdown

A global law enforcement operation has shut down a series of cybercrime websites used for selling stolen data, pirated software, and hacking tools. The FBI and Europol coordinated the takedown as part of ‘Operation Talent’, targeting platforms associated with Cracked, Nulled, StarkRDP, Sellix, and MySellix.

Seizure notices appeared on the affected websites, and officials confirmed that information on customers and victims had also been obtained. Europol stated that further details would be released within 24 hours, while the FBI has not yet commented on the operation.

Reports suggest that the targeted sites played various roles in the cybercrime ecosystem, facilitating the trade of stolen login credentials, compromised credit card details, and video game cheats. A message in a Cracked Telegram channel acknowledged the seizure, with administrators expressing uncertainty over the next steps.

Authorities continue to investigate, with the crackdown highlighting ongoing efforts to disrupt cybercriminal networks. More updates are expected as officials analyse the seized data and determine potential follow-up actions.

Smiths Group hit by cybersecurity breach

Smiths Group, the British engineering firm known for its baggage-screening and explosive detection equipment, is addressing a cybersecurity breach involving unauthorised access to its systems. The company confirmed on Tuesday that it had isolated the affected systems as soon as the incident was detected.

Efforts are underway with cybersecurity experts to recover impacted systems and assess the broader implications of the breach. Smiths Group assured it is adhering to all regulatory requirements and promised to provide updates as necessary.

The incident, disclosed in the morning, sent the company’s shares down by as much as 2.3% in early trading. No further details have been provided about the breach or its potential consequences.

OpenAI praises DeepSeek’s affordable AI model

OpenAI CEO Sam Altman has called Chinese startup DeepSeek’s R1 model “impressive,” highlighting its ability to deliver advanced AI performance at a fraction of the cost. According to DeepSeek, its R1 model is 20 to 50 times cheaper to use than OpenAI’s own models, offering significant affordability without sacrificing quality.

Chinese AI, DeepSeek gained global recognition last month when it revealed that training its DeepSeek-V3 model required less than $6 million in computing resources, leveraging lower-cost Nvidia H800 chips. In contrast, Altman noted that OpenAI remains committed to prioritising increased computing power, suggesting this as an important factor in achieving AI progress.

The emergence of DeepSeek has disrupted the AI industry, leading to a significant sell-off in tech stocks, including Nvidia, which recorded a historic single-day loss of $593 billion in market value. Analysts say DeepSeek’s cost-efficient approach raises doubts about the necessity of the massive financial investments made by US tech firms in AI development.

As DeepSeek continues to attract attention, the startup’s success underscores a shift in the AI market, with low-cost models challenging traditional notions of progress in AI.

Undersea cable damaged between Latvia and Sweden

A fibre optic cable running under the Baltic Sea between Latvia and Sweden sustained significant damage, likely due to external factors, according to Latvian authorities. The incident prompted NATO to deploy patrol ships and launch a coordinated investigation with Sweden, where the Security Service seized control of a vessel as part of its probe. Latvian Prime Minister Evika Silina confirmed that her government is collaborating with NATO and neighboring Baltic Sea countries to determine the cause.

Senior prosecutor Mats Ljungqvist stated that investigators are conducting several actions but refrained from disclosing details due to the ongoing preliminary inquiry.

NATO’s recently launched ‘Baltic Sentry’ mission, involving naval and aerial assets, aims to safeguard critical infrastructure in the region following a series of incidents affecting cables, pipelines, and telecom links since Russia’s invasion of Ukraine in 2022. The project also includes the deployment of new technologies, including a small fleet of naval drones. Swedish Prime Minister Ulf Kristersson also emphasized close cooperation with NATO and Latvia in response to the situation.

The damaged cable, located in Sweden’s exclusive economic zone, connects Latvia’s Ventspils to Sweden’s Gotland island. The Latvian State Radio and Television Centre (LVRTC), which operates the cable, reported switching communications to alternative routes and is contracting a repair vessel. Repairs are expected to proceed more quickly than those for gas pipelines or power cables, as fibre optic cables in the Baltic Sea are typically restored within weeks.

This incident follows last month’s damage to the Finnish-Estonian Estlink 2 power line and telecom cables, reportedly caused by a Russian tanker dragging its anchor. Finnish and Swedish leaders underscored the importance of bolstering the protection of critical undersea infrastructure in the Baltic Sea. NATO also stated it reserves the right to act against ships deemed security risks while continuing to monitor the situation closely.