CISA highlights failures after US agency cyber breach

The US Cybersecurity and Infrastructure Security Agency (CISA) has published lessons from its response to a federal agency breach.

Hackers exploited an unpatched vulnerability in GeoServer software, gaining access to multiple systems. CISA noted that the flaw had been disclosed weeks earlier and added to its Known Exploited Vulnerabilities catalogue, but the agency had not patched it in time.

Investigators also found that incident response plans were outdated and had not been tested. The lack of clear procedures delayed third-party support and restricted access to vital security tools during the investigation.

CISA added that endpoint detection alerts were not continuously reviewed and that some public-facing systems had no protection at all, leaving attackers free to install web shells and move laterally through the network.

The agency urged all organisations to prioritise patching, maintain and rehearse incident response plans, and ensure comprehensive logging to strengthen resilience against future cyberattacks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Secrets sprawl flagged as top software supply chain risk in Australia

Avocado Consulting urges Australian organisations to boost software supply chain security after a high-alert warning from the Australian Cyber Security Centre (ACSC). The alert flagged threats, including social engineering, stolen tokens, and manipulated software packages.

Dennis Baltazar of Avocado Consulting said attackers combine social engineering with living-off-the-land techniques, making attacks appear routine. He warned that secrets left across systems can turn small slips into major breaches.

Baltazar advised immediate audits to find unmanaged privileged accounts and non-human identities. He urged embedding security into workflows by using short-lived credentials, policy-as-code, and secret detection enabled by default, which he said reduces incidents while speeding up development for organisations in Australia.

Avocado Consulting advises organisations to eliminate secrets from code and pipelines, rotate tokens frequently, and validate every software dependency by default using version pinning, integrity checks, and provenance verification. Monitoring CI/CD activity for anomalies can also help detect attacks early.

Failing to act could expose cryptographic keys, facilitate privilege escalation, and result in reputational and operational damage. Avocado Consulting states that secure development practices must become the default, with automated scanning and push protection integrated into the software development lifecycle.
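As an added example (not code from Avocado Consulting or the ACSC alert), the check below shows what "version pinning and integrity checks by default" looks like for a Python requirements file in pip's hash-checking format (`name==ver --hash=sha256:<hex>`): it flags floating version ranges and entries with no hash, and refuses a downloaded artifact whose digest does not match. The package names and the stand-in wheel bytes are constructed.

```python
from __future__ import annotations
import hashlib
import hmac
import re
from dataclasses import dataclass, field

SPEC_RE = re.compile(r"^(?P<name>[A-Za-z0-9_.-]+)\s*(?:(?P<op>===?|~=|!=|<=|>=|<|>)\s*(?P<ver>\S+))?$")
HASH_RE = re.compile(r"--hash=(?P<algo>sha256|sha384|sha512):(?P<digest>[0-9a-fA-F]+)")

@dataclass
class Requirement:
    name: str
    op: str | None          # comparison operator; only "==" counts as pinned
    version: str | None
    hashes: set[tuple[str, str]] = field(default_factory=set)   # (algorithm, hex digest)

def parse_requirements(text: str) -> list[Requirement]:
    """Parse requirement lines, collecting every --hash option attached to each package."""
    reqs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        hashes = {(m["algo"], m["digest"].lower()) for m in HASH_RE.finditer(line)}
        spec = SPEC_RE.match(HASH_RE.sub("", line).strip())
        if spec is None:
            raise ValueError(f"unparseable requirement: {raw!r}")
        reqs.append(Requirement(spec["name"], spec["op"], spec["ver"], hashes))
    return reqs

def audit(reqs: list[Requirement]) -> dict[str, list[str]]:
    """Per-package findings: floating version ranges, and entries with no hash to verify against."""
    findings = {}
    for r in reqs:
        problems = [msg for bad, msg in ((r.op != "==", "not pinned to an exact version"),
                                         (not r.hashes, "no integrity hash recorded")) if bad]
        if problems:
            findings[r.name] = problems
    return findings

def verify_artifact(req: Requirement, data: bytes) -> bool:
    """True only if the downloaded bytes match a recorded digest; unhashed entries always fail."""
    return any(hmac.compare_digest(hashlib.new(algo, data).hexdigest(), d) for algo, d in req.hashes)

# Constructed sample: a stand-in wheel and a lockfile that pins it, leaves one range floating, omits one hash.
GOOD_WHEEL = b"constructed wheel bytes for examplepkg 1.2.3"
SAMPLE_REQUIREMENTS = f"""
examplepkg==1.2.3 --hash=sha256:{hashlib.sha256(GOOD_WHEEL).hexdigest()}
otherlib>=2.0 --hash=sha256:{'0' * 64}   # floating range: any future release would satisfy it
thirdlib==3.7                            # pinned, but nothing to verify the download against
"""
```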


Canadian probe finds TikTok failing to protect children’s privacy

A Canadian privacy investigation has found that TikTok has not taken sufficient measures to prevent children under 13 from accessing its platform or to protect their personal data.

Although TikTok states that the app is not intended for young users, the report finds that hundreds of thousands of Canadian children use it every year.

The investigation also found that TikTok collects vast amounts of data from users, including children, and uses it for targeted ads and content, potentially harming youth.

In response, TikTok agreed to strengthen safeguards and clarify data practices but disagreed with some findings.

The probe is part of growing global scrutiny over TikTok’s privacy and security practices, with similar actions taken in the USA and EU amid ongoing concerns about the Chinese-owned app’s data handling and national security implications.


UK government AI tool recovers £500m lost to fraud

A new AI system developed by the UK Cabinet Office has helped reclaim nearly £500m in fraudulent payments, marking the government’s most significant recovery of public funds in a single year.

The Fraud Risk Assessment Accelerator analyses data across government departments to identify weaknesses and prevent scams before they occur.

It uncovered unlawful council tax claims, social housing subletting, and pandemic-related fraud, including £186m linked to Covid support schemes. Ministers stated the savings would be redirected to fund nurses, teachers, and police officers.

Officials confirmed the tool will be licensed internationally, with the US, Canada, Australia, and New Zealand among the first partners expected to adopt it.

The UK announced the initiative at an anti-fraud summit with these countries, describing it as a step toward global cooperation in securing public finances through AI.

However, civil liberties groups have raised concerns about bias and oversight. Previous government AI systems used to detect welfare fraud were found to produce disparities based on age, disability, and nationality.

Campaigners warned that the expanded use of AI in fraud detection risks embedding unfair outcomes if left unchecked.


UN General Assembly highlights threats of unregulated technology

World leaders opened the 80th UN General Debate with a strong call to keep technology in the service of humanity, warning that without safeguards, rapid advances could widen divides and fuel insecurity. Speakers highlighted the promise of AI, digital innovation, and new technologies, but stressed that global cooperation is essential to ensure they promote development, dignity, and peace.

A recurring theme was the urgent need for universal guardrails on AI, with concerns over regulation lagging behind its fast-paced growth. Delegates from across regions supported multilateral governance, ethical standards, and closing global capacity gaps so that all countries can design, use, and benefit from AI.

While some warned of risks such as inequality, social manipulation, and autonomous weapons, others emphasised AI’s potential for prosperity, innovation, and inclusive growth.

Cybersecurity and cybercrime also drew attention, with calls for collective security measures and anticipation of a new UN convention against cybercrime. Leaders further raised alarms over disinformation, digital authoritarianism, and the race for critical minerals, urging fair access and sustainability.

Across the debate, the unifying message was clear: technology must uplift humanity, protect rights, and serve as a force for peace rather than domination.


Arrest made in Heathrow airport cyberattack case

A 40-year-old man has been arrested in West Sussex in connection with a cyberattack that caused major disruption across several European airports, including London’s Heathrow. The arrest was confirmed by the UK’s National Crime Agency (NCA), which is leading the investigation.

The incident targeted Collins Aerospace, a key provider of airline baggage and check-in software. The attack triggered system failures that forced staff at multiple airports to revert to manual check-in processes, resulting in hundreds of flight delays and frustration for passengers.

The NCA described the case as being in its early stages, with inquiries ongoing into the scale of the attack and the suspect’s potential role. Authorities have not yet confirmed whether others were involved or what the broader motives behind the cyberattack were.


EU demands answers from Apple, Google, Microsoft and Booking.com on scam risks

The European Commission has asked Apple, Booking.com, Google and Microsoft how they tackle financial scams under the Digital Services Act. The inquiry covers major platforms and search engines, including Apple App Store, Google Play, Booking.com, Bing and Google Search.

Officials want to know how these companies detect fraudulent content and what safeguards they use to prevent scams. For app stores, the focus is on fake financial applications imitating legitimate banking or trading services.

For Booking.com, attention is paid to fraudulent accommodation listings, while Bing and Google Search face scrutiny over links and ads leading to scam websites.

The Commission asked platforms how they verify business identities under ‘Know Your Business Customer’ rules to prevent harm from suspicious actors. Companies must also share details of their ad repositories, enabling regulators and researchers to spot fraudulent ads and patterns.

By taking these steps, the Commission aims to ensure that actions under the DSA complement broader consumer protection measures already in force across the European Union.


European action targets major cryptocurrency investment scam

Eurojust has coordinated a large-scale operation to dismantle a cryptocurrency fraud scheme worth more than €100 million across Europe. The action, requested by Spanish and Portuguese authorities, resulted in the arrest of five suspects, including the alleged mastermind.

Victims from Germany, France, Italy, Spain and other countries were lured into false investment platforms promising high returns.

Investigations revealed that funds were funnelled mainly through Lithuanian bank accounts to launder the illicit proceeds. Victims were later asked to pay additional fees to recover their money, after which the fraudulent websites vanished, leaving many with severe losses.

The scheme has been running since 2018, affecting people in 23 countries.

Authorities in Spain, Portugal, Italy, Romania and Bulgaria conducted searches and froze bank accounts and financial assets. Eurojust backed a Spain-Lithuania investigation team, while Europol sent a cryptocurrency expert to support operations in Portugal.

The coordinated action also relied on European Arrest Warrants, Investigation Orders and freezing orders. National agencies and prosecutors across Europe united in one of the most significant efforts against cryptocurrency fraud.


Stellantis hit by breach affecting millions of customers

Stellantis, the parent company of Jeep, Chrysler and Dodge, has disclosed a data breach affecting its North American customer service operations.

The company said it recently discovered unauthorised access to a third-party service platform and confirmed that customer contact details were exposed. Stellantis stressed that no financial information was compromised and that affected customers and regulators are being notified.

Cybercriminal group ShinyHunters has claimed responsibility, telling tech site BleepingComputer it had stolen over 18 million Salesforce records from the automaker, including names and contact information. Stellantis has not confirmed the number of records involved.

ShinyHunters has targeted several global firms this year, including Google, Louis Vuitton and Allianz Life, often using voice phishing to trick employees into downloading malicious software. The group claims to have stolen 1.5 billion Salesforce records from more than 700 companies worldwide.


Jaguar shutdown extended as ministers meet suppliers

Jaguar Land Rover (JLR) has confirmed its factories will remain closed until at least 1 October, extending a shutdown triggered by a cyber-attack in late August.

Business Secretary Peter Kyle and Industry Minister Chris McDonald are meeting JLR and its suppliers, as fears mount that small firms in the supply chain could collapse without support following the August cyberattack.

The disruption, estimated to cost JLR £50m per week, affects UK plants in Solihull, Halewood and Wolverhampton. About 30,000 people work directly for JLR, with a further 100,000 in its supply chain.

Unions say some supplier staff have been laid off with little or no pay, forcing them to seek Universal Credit. Unite has called for a furlough-style scheme, while MPs have pressed the government to consider emergency loans.
