FCC Chairwoman Jessica Rosenworcel has proposed requiring US communications providers to certify annually that they have plans to defend against cyberattacks. The move comes amid growing concerns over espionage by ‘Salt Typhoon,’ a hacking group allegedly linked to Beijing that has infiltrated several American telecom companies to steal call data.
Rosenworcel highlighted the need for a modern framework to secure networks as US intelligence agencies assess the impact of Salt Typhoon’s widespread attack. A senior US official confirmed the hackers had stolen metadata from numerous Americans, breaching at least eight telecom firms.
The FCC proposal, which Rosenworcel has circulated to other commissioners, would take effect immediately if approved. The announcement follows a classified Senate briefing on the breach, but industry giants like Verizon, AT&T, and T-Mobile have yet to comment.
Romania has been subjected to ‘aggressive hybrid Russian attacks’ during a series of recent elections, according to declassified documents from the country’s security council. The revelations come ahead of a presidential runoff between pro-Russian far-right candidate Calin Georgescu and pro-European centrist Elena Lasconi. Georgescu’s unexpected rise, attributed in part to coordinated promotion on TikTok, has raised alarms in this European Union and NATO member state.
Romanian intelligence reported over 85,000 cyber attacks exploiting vulnerabilities, including the publication of election website access data on Russian cybercrime platforms. The attacks persisted on election day and beyond, with officials concluding they stemmed from resources typical of a state actor. Russia has denied any involvement in the election.
If Georgescu wins, his anti-NATO stance and opposition to aiding Ukraine could isolate Romania from Western allies, marking a significant geopolitical shift. The alleged cyber campaigns have intensified concerns about election integrity in the region, drawing attention to the role of foreign interference in shaping democratic outcomes.
With organisations facing an average of 1,300 cyberattacks per week, Axiado is stepping up with a novel defence: a specialised security chip designed to protect digital infrastructure. Founded in 2017, the Silicon Valley-based startup recently secured $60M in Series C funding led by Maverick Silicon, with participation from Samsung Catalyst Fund and other investors. This brings Axiado’s total funding to $140M.
Axiado’s chip defends against boot-level and runtime security threats, ensuring the integrity of devices from data centres to 5G base stations. It uses root-of-trust technology to prevent hardware tampering and leverages AI-powered analytics to detect malicious data patterns. The company’s chip is positioned as a complement to existing software-based cybersecurity measures, acting as a last line of defence against sophisticated attacks.
The new funds will support Axiado’s go-to-market efforts and help transition its products into mass production by 2025. CEO Gopi Sirineni highlights the growing need for hardware-based security solutions, particularly as the stakes rise in the fight against cybercrime. With partnerships like the one with Jabil to develop server cybersecurity solutions, Axiado is set to expand its reach while competing with industry heavyweights and open-source projects such as Google’s OpenTitan.
European authorities have dismantled a sophisticated encrypted messaging app called Matrix, allegedly designed ‘by criminals for criminals,’ according to Europol. Discovered on the phone of a suspect involved in the 2021 murder of a Dutch journalist, Matrix was accessible by invitation only, hosted on 40 servers across multiple countries, and provided features like anonymous internet access, video calls, and transaction tracking. Subscription costs ranged from €1,300 to €1,600 for six months.
During a three-month investigation, authorities intercepted and analysed over 2.3 million messages exchanged on the platform in 33 languages. These communications revealed links to major crimes, including international drug and arms trafficking, as well as money laundering. The operation, led by law enforcement in the Netherlands, France, Lithuania, Italy, and Spain, resulted in the seizure of €145,000 in cash and half a million euros in cryptocurrency.
This takedown follows similar actions against encrypted platforms such as Ghost, Exclu, and EncroChat, highlighting a trend of criminals adopting smaller, more complex communication services. Europol emphasised that these platforms are increasingly used for illicit activities, while Dutch authorities warned that serious criminals ‘wrongly believe they can still operate in secret.’
Arrests were made in France and Spain, while main servers were seized in France and Germany, signalling an intensified effort to disrupt organised crime networks.
US agencies have briefed senators on ‘Salt Typhoon,’ a Chinese cyber-espionage campaign allegedly targeting American telecommunications networks. Officials claim the hackers stole call metadata and other sensitive information, affecting at least eight US telecom firms and dozens of companies worldwide. The breaches have sparked bipartisan concern, with some senators pressing for stronger preventive measures and legislation.
Telecom giants like Verizon, AT&T, and T-Mobile acknowledged the incidents but downplayed the impact on customer data. Federal agencies, including the FBI and Cybersecurity and Infrastructure Security Agency, emphasised the challenge of fully removing hackers from networks, while incoming FCC Chair Brendan Carr pledged to strengthen cybersecurity defences.
China has denied the allegations, calling them disinformation. Meanwhile, a Senate subcommittee hearing on December 11 will focus on the risks posed by such cyber threats and explore ways to protect US communications infrastructure.
A senior United States cybersecurity official has urged Americans to embrace encryption to safeguard their communications, citing ongoing efforts to expel alleged Chinese hackers from US telecom networks. Jeff Greene, Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), emphasised the importance of avoiding plaintext communications and recommending encrypted apps like Signal and WhatsApp.
US authorities have accused hackers from China of infiltrating telecommunications companies, such as T-Mobile, to access sensitive data, including call records and intercepted audio, predominantly from Washington, DC. Beijing has denied the allegations, calling them disinformation. Greene acknowledged that removing the hackers entirely from the networks could take an unpredictable amount of time, further underscoring the need for encryption to ensure secure communications.
The advice marks a notable shift from previous US government positions that questioned strong encryption’s impact on public safety. As concerns over foreign cyber intrusions grow, Greene’s remarks highlight encryption as a critical tool for Americans facing prolonged cybersecurity threats.
The founder of Hydra, a notorious darknet marketplace and crypto mixing service has been sentenced to life in prison by a Russian court. Stanislav Moiseev and 15 accomplices were convicted of running a criminal network that handled over $5 billion in cryptocurrency transactions, while also producing and selling illegal drugs and psychotropic substances. Moiseev was also fined $38,100, with additional fines imposed on his accomplices.
Hydra, which was dismantled in 2022 by German authorities, accounted for 80% of all darknet-related cryptocurrency transactions at its peak. It sold stolen credit card data, counterfeit currencies, and fake identity documents. Despite its shutdown, Hydra’s criminal operations left a significant mark, with its user base reportedly including 17 million customers and 19,000 vendors.
The sentences include prison terms ranging from eight to 23 years for Moiseev’s accomplices, alongside the seizure of properties, vehicles, and nearly a ton of drugs. Russian officials have been investigating Hydra since 2016, but the convictions are subject to appeal.
Safe, the multsignature wallet and digital assets platform, has announced plans to launch a blockchain transaction processor network in 2025. Named Safenet, the network aims to provide instant cross-chain payments, eliminating the delays often experienced during blockchain transactions. Inspired by VisaNet, the network will act as a connecting layer for existing blockchains, allowing users to interact with multiple networks through a single account.
Safenet, which will be powered by processors, is designed to offer a seamless experience similar to traditional payment networks, where transactions are processed instantly. The system will also integrate fraud checks, compliance measures, and security protocols to ensure safe transactions. Initially, Safenet will support cross-chain accounts and liquidity functions, with plans to expand its services in the future.
The open system of Safenet allows more processors to join, offering additional services like security, compliance, and automation. Validators will earn rewards by validating transactions and staking in the ecosystem. Schor also mentioned that the platform could offer users the ability to access assets with partial collateral, similar to how traditional banks manage mortgages.
The Safenet network is expected to go live in 2025, with an alpha version set for the first quarter. A validator network is planned for the second quarter, and the full protocol will be launched later in the year, bringing new opportunities to the crypto space.
The SEC has settled allegations against ICBC Financial Services, a US-based unit of the Industrial and Commercial Bank of China, following a ransomware attack in November 2023.
The attack disrupted the company’s operations, including its ability to maintain accurate records and notify customers of securities-related transactions for nearly four months.
Regulators cited the firm’s lack of preparation for a significant cybersecurity incident as a factor leading to the breach. Despite this, the SEC refrained from imposing a civil fine, crediting the company’s meaningful cooperation and extensive remedial efforts in addressing the situation.
ICBC Financial Services neither admitted nor denied any wrongdoing in the settlement. The agreement highlights the SEC’s focus on ensuring firms take proactive steps to strengthen their cybersecurity defences.
Hostile cyber activity targeting the UK has surged, with incidents increasing by 16% in 2024 compared to the previous year. The National Cyber Security Centre (NCSC) reported handling 430 incidents, up from 371 in 2023. Of these, 347 involved data exfiltration, while 20 were linked to ransomware, underscoring the growing risks.
Richard Horne from the NCSC revealed that adversaries are exploiting society’s reliance on technology to maximise disruption. The centre issued 542 notifications to affected organisations, more than doubling the number of alerts from the previous year. Critical infrastructure sectors such as energy, transport, and health remain particularly vulnerable to ransomware attacks.
The annual review from the NCSC emphasised the evolving nature of threats, warning of the potential for AI to enhance cyberattack complexity. Officials also noted that the risks posed by state actors and cybercriminals remain underestimated. Horne urged against complacency, highlighting the severity of both immediate and long-term dangers.
Efforts to counter these threats are intensifying, but experts stress the importance of strengthening defences and maintaining vigilance as the cyber landscape becomes increasingly hostile.
