Critical internet resources

Musk blames ‘major cyberattack’ for X outage, points to Ukraine

Elon Musk’s social media platform, X, experienced widespread disruptions on Monday, which the billionaire attributed to a major cyberattack.

Musk claimed the platform was targeted by an unusually powerful denial-of-service (DoS) attack, suggesting that a well-coordinated group or nation-state might be responsible. However, he offered no concrete evidence to support the claim, leaving cybersecurity experts sceptical.

Many pointed out that DoS attacks, which flood websites with excessive traffic to overwhelm their servers, are commonly executed by small groups or individuals with relatively limited resources.

Reports of outages spiked early in the day, with Downdetector tracking over 39,000 complaints from users in the US at the peak of the disruption. By the afternoon, the number had dwindled significantly, though intermittent service issues persisted for some.

According to an anonymous industry source, the attack consisted of multiple waves of rogue traffic bombarding X’s servers, beginning around 9:45 UTC.

While Musk later asserted in an interview with Fox Business that the cyberattack originated from Ukraine, the same industry source disputed this claim, stating that the bulk of the malicious traffic came from various locations, including the USA, Vietnam, and Brazil, with only a minimal amount from Ukraine.

Tracing the true origin of DoS attacks is notoriously tricky, as attackers often use proxy servers and botnets to disguise their locations.

Cybersecurity specialists have noted that assigning blame based solely on IP addresses can be misleading, as they rarely indicate the actual perpetrators. Despite Musk’s insistence on a Ukraine-based origin, no definitive proof has been presented to substantiate the claim.

Musk’s comments come amid his increasingly vocal criticisms of Ukraine’s ongoing war efforts against Russia, aligning with sentiments echoed by US President Donald Trump, whom he advises.

Over the weekend, Musk suggested that Ukraine’s battlefield operations would collapse without his Starlink satellite communication system, although he clarified that he had no intention of cutting off access.

The latest controversy surrounding X’s cyberattack has further fueled speculation about Musk’s political and strategic positioning in the ongoing geopolitical conflict.

For more information on these topics, visit diplomacy.edu.

Quantum machines secures $170 million for growth

Quantum Machines (QM), a leader in quantum computing technology, has raised $170 million in a mid-stage funding round, bringing its total funding to $280 million. The investment is seen as a significant step in accelerating QM’s role in the rapidly evolving quantum computing industry. With quantum technology on the verge of becoming a major disruptive force, this funding will help QM expand its hardware and software offerings to meet the demands of quantum system developers globally.

Quantum computing holds enormous promise for breakthroughs in fields such as medicine and chemistry, offering the ability to solve problems far beyond the capabilities of classical computers. While the technology is still developing, key milestones are being reached, including IBM and Google’s advancements in achieving over 1,000 qubits. These developments signal that practical quantum computers could soon become a reality.

QM’s growth is supported by strong backing from major investors, including PSG Equity and Intel Capital, reflecting the increasing confidence in the potential of quantum computing. As the technology matures, companies like Microsoft and Nvidia are also contributing to the ecosystem, highlighting that the quantum race is heating up. Despite regional challenges, Israeli tech startups, including QM, are continuing to attract investment, contributing to the country’s growing tech sector.

With this new funding, QM is well-positioned to drive forward its mission to innovate and lead in the quantum computing space, which many consider one of the most important technological developments of the current generation.

For more information on these topics, visit diplomacy.edu.

EU Commission proposes enhanced cyber crisis management framework

The EU Commission introduced a proposal aimed at strengthening the EU’s response to large-scale cyber attacks. This recommendation to the Council of Ministers seeks to update the existing EU framework for crisis management in cybersecurity and outline the roles of relevant EU actors, including civilian and military entities as well as NATO.

Specifically, the proposal aims to establish coordination points with NATO to facilitate information sharing during cyber crises, including interconnections between systems. If Member States deploy defense initiatives during a cybersecurity incident, they must inform EU-CyCLONe and the EU Cyber Commanders Conference.

The High Representative, in collaboration with the Commission and relevant entities, should facilitate information flow with strategic partners during identified incidents and enhance coordination against malicious cyber activities using the cyber diplomacy toolbox. Joint exercises should be organized to test cooperation between civilian and military components during significant incidents, including those affecting NATO allies and candidate countries.

The Commission noted that a significant cybersecurity incident could overwhelm the response capabilities of individual Member States and impact multiple EU countries, potentially leading to a crisis that disrupts the internal market and poses risks to public safety. It encourages the establishment of voluntary collaborative clusters to foster cooperation and trust in cybersecurity. Member States can create these clusters based on existing information-sharing frameworks, focusing on common threats while adhering to the mandates of participating actors.

The document emphasizes the importance of a comprehensive and integrated approach to crisis management across all sectors and levels of government. It highlights that if cybersecurity incidents are part of a broader hybrid campaign, stakeholders should collaborate to develop a unified situational awareness across sectors.

Within twelve months of adopting the cybersecurity blueprint, Member States must develop a unified taxonomy for cyber crisis management and establish guidelines for the secure handling of cybersecurity information. The proposal emphasises avoiding over-classification to promote the sharing of non-classified information through established cooperation platforms.

To enhance preparedness for crises and improve organizational efficiency, Member States and relevant entities should conduct ongoing cyber exercises based on scenarios derived from EU-coordinated risk assessments, aligning with existing crisis response mechanisms. Smaller exercises should test interactions during escalating incidents, while the Commission, EEAS, and ENISA will organize an exercise within eighteen months to evaluate the cybersecurity blueprint, involving all relevant stakeholders, including the private sector.

The proposal also recommends that Member States and critical infrastructure operators integrate at least one Union-based DNS infrastructure, such as DNS4EU, to ensure reliable services during crises. ENISA and EU-CyCLONe are tasked with creating emergency failover guidelines for transitioning to Union-based DNS in case of service failures.

While the cybersecurity blueprint does not interfere with how entities define their internal procedures, each entity should clearly define the interfaces used for working with other entities. These interfaces should be jointly agreed upon between the entities concerned and documented.

National and cross-border cyber hubs should share threat information to bolster protection against Union-specific threats, and Member States are encouraged to engage in a multistakeholder forum to identify best practices and standards for securing critical Internet infrastructure. Public and private entities should implement threat-informed detection strategies to proactively identify potential disruptions. They must share information about covert operations with partners before crises escalate and report potential cyber crises to relevant networks, while the CSIRTs Network and EU-CyCLONe establish procedures for coordinating responses to large-scale incidents.

For more information on these topics, visit diplomacy.edu.

Competition heats up for Musk’s Starlink in satellite internet

Elon Musk’s Starlink is facing mounting competition from several ambitious satellite internet projects, including China’s SpaceSail and Jeff Bezos’s Project Kuiper. SpaceSail, backed by the Chinese government, recently expanded its reach to Brazil and Kazakhstan, with plans for a 15,000-satellite constellation by 2030. Meanwhile, Bezos’s Project Kuiper is in talks with Brazilian officials to establish its own LEO satellite network.

These developments come as Beijing accelerates its investment in satellite technology, having launched a record 263 satellites last year. With SpaceSail aiming to deploy 648 satellites in 2025 alone, it is positioning itself as a serious challenger to Starlink’s current fleet of around 7,000 satellites. SpaceSail’s plans are seen as part of China’s broader push to expand its digital influence, sparking concerns about potential censorship capabilities.

For more information on these topics, visit diplomacy.edu.

Musk’s X wins court motion to remove judge in German election data case

Elon Musk-owned social media platform X has succeeded in removing a judge from a German court case concerning demands for real-time election data.

The case, brought by activist groups Democracy Reporting International and the Society for Civil Rights, aimed to secure immediate access to data from the February 23 German election to monitor misinformation.

Although a Berlin court initially supported the activists’ request, X filed a motion arguing the judge had shown bias by interacting with the plaintiffs’ social media posts. The court approved the motion, though similar claims against two other judges were dismissed.

The ruling means that the activists will not receive the requested data within their critical timeframe. A hearing on the matter is set for February 27, but any ruling will come too late to influence their election monitoring efforts in Germany.

However, the decision could establish an important precedent for future transparency cases involving social media platforms. The activists had argued that while some election data is technically accessible, it is not realistically obtainable without direct access from X.

X has also announced plans to sue the German government over what it calls excessive user data requests, claiming these demands violate privacy and freedom of expression.

The German digital affairs ministry acknowledged X’s public statements but confirmed that no formal lawsuits had been filed yet. The escalating legal dispute highlights growing tensions between Musk and German authorities, particularly as the country prepares for key elections amid concerns over misinformation.

For more information on these topics, visit diplomacy.edu.

Russia fines Google over YouTube content on surrendering soldiers

A Russian court has fined Google 3.8 million roubles (£32,600) for hosting YouTube videos that allegedly instructed Russian soldiers on how to surrender. The ruling is part of Moscow’s ongoing crackdown on content it deems illegal, particularly regarding the war in Ukraine. Google has not yet responded to the decision.

Authorities in Russia have frequently ordered foreign tech companies to remove content they claim spreads misinformation. Critics argue that the government is deliberately slowing YouTube‘s download speeds to limit access to material critical of President Vladimir Putin. Moscow denies the accusation, blaming Google for failing to upgrade its infrastructure.

President Putin has previously accused Google of being used by Washington to serve political interests. The latest fine is one of many imposed on the company as part of Russia’s broader control over digital platforms.

For more information on these topics, visit diplomacy.edu.

Microsoft secures solar power deal with EDP renewables

Microsoft has deepened its commitment to clean energy by securing a long-term virtual power purchase agreement with EDP Renewables North America. As part of the deal, three large-scale solar projects in the United States will supply Microsoft with 389 megawatts of electricity and renewable energy credits. The agreement aligns with the tech giant’s push to power its expanding AI-driven data centres with sustainable energy sources.

The projects, located in Illinois and Texas, began operations between November and December last year. This includes a 140 MW solar installation in Jacksonville, a 110 MW site near Jerseyville, and a 150 MW park near Austin. EDP Renewables confirmed that this latest agreement brings its total number of operational projects with Microsoft in the US to five.

Big technology firms have significantly ramped up investments in renewable energy as they seek to offset the soaring electricity demand of AI infrastructure. Microsoft’s partnership with EDP Renewables marks another step towards the company’s sustainability targets, reinforcing its ambition to run entirely on renewable energy in the near future.

For more information on these topics, visit diplomacy.edu.

Workday lays off 8.5% of staff as it shifts focus to AI

Workday has announced plans to cut around 1,750 jobs, or 8.5% of its workforce, as it shifts focus towards AI and international expansion. CEO Carl Eschenbach said the layoffs would help prioritise investments in AI while also freeing up resources to strengthen the company’s presence in different markets. Shares of the California-based human capital management firm rose over 4% in premarket trading following the announcement.

The industry has faced a slowdown in enterprise spending due to high interest rates affecting tech budgets. Workday expects to incur charges of up to $270 million related to the job cuts, with $60 million to $70 million recognised in the fourth quarter. The company, which had around 18,800 employees as of January last year, also plans to close some of its office spaces as part of its cost-cutting strategy.

Workday faces growing competition in the human capital management sector as rivals consolidate through acquisitions. Recent deals include Paychex’s $4.1 billion purchase of Paycor and ADP‘s $1.2 billion acquisition of WorkForce Software. Despite the job cuts, Workday reaffirmed that its financial performance remains on track, with annual subscription revenue expected to reach $7.70 billion and fourth-quarter revenue forecasted at $2.03 billion.

FBI and Europol target cybercrime networks in global crackdown

A global law enforcement operation has shut down a series of cybercrime websites used for selling stolen data, pirated software, and hacking tools. The FBI and Europol coordinated the takedown as part of ‘Operation Talent’, targeting platforms associated with Cracked, Nulled, StarkRDP, Sellix, and MySellix.

Seizure notices appeared on the affected websites, and officials confirmed that information on customers and victims had also been obtained. Europol stated that further details would be released within 24 hours, while the FBI has not yet commented on the operation.

Reports suggest that the targeted sites played various roles in the cybercrime ecosystem, facilitating the trade of stolen login credentials, compromised credit card details, and video game cheats. A message in a Cracked Telegram channel acknowledged the seizure, with administrators expressing uncertainty over the next steps.

Authorities continue to investigate, with the crackdown highlighting ongoing efforts to disrupt cybercriminal networks. More updates are expected as officials analyse the seized data and determine potential follow-up actions.

Smiths Group hit by cybersecurity breach

Smiths Group, the British engineering firm known for its baggage-screening and explosive detection equipment, is addressing a cybersecurity breach involving unauthorised access to its systems. The company confirmed on Tuesday that it had isolated the affected systems as soon as the incident was detected.

Efforts are underway with cybersecurity experts to recover impacted systems and assess the broader implications of the breach. Smiths Group assured it is adhering to all regulatory requirements and promised to provide updates as necessary.

The incident, disclosed in the morning, sent the company’s shares down by as much as 2.3% in early trading. No further details have been provided about the breach or its potential consequences.