Cybersecurity

Balancing security and usability in digital authentication

A report by the FIDO Alliance revealed that 53% of consumers observed an increase in suspicious messages in 2024, with SMS, emails, and phone calls being the primary vectors.

As digital scams and AI-driven fraud rise, businesses face growing pressure to strengthen authentication methods without compromising user experience.

No clear standard has emerged despite the range of available authentication options—including passkeys, one-time passwords (OTP), multi-factor authentication (MFA), and biometric systems.

Industry experts warn that focusing solely on advanced tools can lead to overlooking basic user needs. Minor authentication hurdles such as CAPTCHA errors have led to customer drop-offs and failed transactions.

Organisations are exploring risk-based, adaptive authentication models that adjust security levels based on user behaviour and context. The systems could eventually replace static logins with continuous, behind-the-scenes verification.

AI complicates the landscape further. As autonomous assistants handle tasks like booking tickets or making purchases, distinguishing legitimate user activity from malicious bots becomes increasingly tricky.

With no universal solution, experts say businesses must offer a flexible range of secure options tailored to user preferences. The challenge remains to find the right balance between security and usability in an evolving threat environment.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ahold Delhaize breach hits 2 million with data theft

A ransomware attack on Dutch retailer Ahold Delhaize resulted in a significant data breach affecting more than 2.2 million individuals across US businesses.

The breach occurred in November 2024 following network disruptions at supermarket chains, including Giant Food, Food Lion, and Stop & Shop.

The Inc Ransom group claimed responsibility in April 2025, stating it exfiltrated around 6 TB of data. The company confirmed that stolen files included employment records containing sensitive personal and financial information, with some data already posted on the dark web.

Affected individuals are now notified and offered two years of free identity protection services. The compromised data includes names, Social Security numbers, contact details, and medical and employment information.

Supermarkets have become a growing target in recent cyber campaigns. In April, UK retailers such as M&S and Harrods were also attacked, while distributor UNFI faced major disruptions earlier this month.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ransomware victims still paying, Sophos finds

Nearly half of ransomware victims paid the attackers last year, according to Sophos. In its 2025 survey of 3,400 IT pros, 49% admitted to making payments—just below last year’s record.

Ransom amounts dropped significantly, with median payments falling 50% and demand amounts down a third. Yet backup usage also hit a six-year low, used by just 54% of firms for recovery.

Attackers often exploited known vulnerabilities (32%) or unknown security gaps (40%), highlighting persistent weaknesses. Sophos noted many companies now accept ransomware as a business risk.

CISA warned that CVE-2024-54085 in AMI MegaRAC firmware is under active exploitation elsewhere. The bug allows attackers to bypass authenticating remotely.

Varonis flagged abuse of Microsoft’s Direct Send email feature in a phishing campaign affecting over 70 organisations. Disabling it is advised if not essential.

Rapid7 also found critical vulnerabilities in Brother printers. One flaw rated CVSS 9.8, allows password theft and cannot be patched—users must change defaults.

Finally, Google will roll out new Gemini AI features to Android users starting on July 7, even for those with app activity disabled.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cybercrime surge hits airlines across North America

According to the FBI and cybersecurity experts, a well-known cybercrime group has launched fresh attacks on the airline industry, successfully breaching the networks of several airlines in the US and Canada.

The hackers, identified as ‘Scattered Spider’, are known for aggressive extortion tactics and are now shifting their focus to aviation instead of insurance or retail, their previous targets.

Airline security teams remain on high alert despite no flights or operations being disrupted. Hawaiian Airlines and Canada’s WestJet have acknowledged recent cyber incidents, while sources suggest more affected companies may step forward soon.

Both airlines reported no impact on day-to-day services, likely due to solid internal defences and continuity planning.

The attackers often exploit help desks by impersonating employees or customers to access corporate systems. Experts warn that airline call centres are especially vulnerable, given their importance to customer support.

Cybersecurity firms, including Mandiant, are now supporting the response and advising firms to reinforce these high-risk entry points.

Scattered Spider has previously breached major casinos, insurance, and retail companies. The FBI confirmed it is working with aviation partners to contain the threat and assist victims.

Industry leaders remain alert, noting that airlines, IT contractors, and vendors across the aviation sector are at risk from the escalating threat.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Hacktivist attacks surge in Iran–Israel tensions

The Iran–Israel conflict has now expanded into cyberspace, with rival hacker groups launching waves of politically driven attacks.

Following Israel’s military operation against Iran, pro-Israeli hackers known as ‘Predatory Sparrow‘ struck Iran’s Sepah Bank, deleting data and causing significant service disruption.

A day later, the same group targeted Nobitex, Iran’s largest crypto exchange, stealing and destroying over $90 million in assets.

Cyber attacks intensified in the days before and after Israeli strikes. According to NSFOCUS, cyberattacks on Iran peaked three days before the military operation, suggesting pre-attack reconnaissance.

In retaliation, pro-Iranian hackers escalated attacks on Israel on 16 June, focusing on government systems, aerospace, and education.

While attacks on Iran have been fewer, Israeli systems have faced over 1,300 attacks in 2025 alone, with 37% of all global hacktivist activity aimed at Israel since the conflict began.

However, analysts note these attacks have been high in volume but limited in impact. Their malware tactics involve evading antivirus software, deleting data, and turning off recovery systems.

NSFOCUS warns that geopolitical tensions are turning hacktivist groups into informal cyber proxies. Though not formally state-backed, these loosely organised actors align closely with national interests.

As traditional defences lag, cybersecurity experts argue that national infrastructure must adopt more strategic, coordinated defence measures instead of fragmented responses, especially during crises and conflicts.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google Doppl, the new AI app, turns outfit photos into try-on videos

Google has unveiled Doppl, a new AI-powered app that lets users create short videos of themselves wearing any outfit they choose.

Instead of relying on imagination or guesswork, Doppl allows people to upload full-body photos and apply outfits seen on social media, thrift shops, or friends, creating animated try-ons that bring static images to life.

The app builds on Google’s earlier virtual try-on tools integrated with its Shopping Graph. Doppl pushes things further by transforming still photos into motion videos, showing how clothes flow and fit in movement.

Users can upload their full-body image or choose an AI model to preview outfits. However, Google warns that the fit and details might not always be accurate at an early stage.

Doppl is currently only available in the US for Android and iOS users aged 18 or older. While Google encourages sharing videos with friends and followers, the tool raises concerns about misuse, such as generating content using photos of others.

Google’s policy requires disclosure if someone impersonates another person, but the company admits that some abuse may occur. To address the issue, Doppl content will include invisible watermarks for tracking.

In its privacy notice, Google confirmed that user uploads and generated videos will be used to improve AI technologies and services. However, data will be anonymised and separated from user accounts before any human review is allowed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Dutch government to build AI plant with €70 million pledge

The Dutch government has pledged €70 million to build a new AI facility in Groningen to establish a European hub for AI research and development.

A consortium of Dutch organisations will manage the plant and focus on healthcare, agriculture, defence and energy applications.

The government is also seeking an additional €70 million in EU co-financing and has welcomed a separate €60 million contribution from the Groningen regional administration.

The plant is expected to be commissioned in 2026 and reach operation by early 2027 if funding is secured.

Minister of Economic Affairs Vincent Karremans emphasised the need to develop domestic AI capacity, warning that dependence on foreign technologies could threaten national competitiveness and digital independence.

‘Those who do not develop the technology themselves depend on others, ’ Karremans said on the government’s website.

European countries have grown increasingly concerned over their reliance on AI technologies developed by US companies.

The Groningen initiative marks a broader effort by the EU to build its own AI infrastructure instead of leaving strategic control in foreign hands.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Path forward for global digital cooperation debated at IGF 2025

At the 20th Internet Governance Forum (IGF) in Lillestrøm, Norway, policymakers, civil society, and digital stakeholders gathered to chart the future of global internet governance through the WSIS+20 review. With a high-level UN General Assembly meeting scheduled for December, co-facilitators from Kenya and Albania emphasised the need to update the World Summit on the Information Society (WSIS) framework while preserving its original, people-centred vision.

They underscored the importance of inclusive consultations, highlighting a new multistakeholder sounding board and upcoming joint sessions to enhance dialogue between governments and broader communities. The conversation revolved around the evolving digital landscape and how WSIS can adapt to emerging technologies like AI, data governance, and digital public infrastructure.

While some participants favoured WSIS as the primary global framework, others advocated for closer synergy with the Global Digital Compact (GDC), stressing the importance of coordination to avoid institutional duplication. Despite varied views, there was widespread consensus that the existing WSIS action lines, being technology-neutral, can remain relevant by accommodating new innovations.

Speakers from the government, private sector, and civil society reiterated the call to permanently secure the IGF’s mandate, praising its unique ability to foster open, inclusive dialogue without the pressure of binding negotiations. They pointed to IGF’s historical success in boosting internet connectivity and called for more tangible outputs to influence policymaking.

National-level participation, especially from developing countries, women, youth, and marginalised communities, was identified as crucial for meaningful engagement.

The session ended on a hopeful note, with participants expressing a shared commitment to a more inclusive and equitable digital future. As the December deadline looms, the global community faces the task of turning shared principles into concrete action, ensuring digital governance mechanisms remain cooperative, adaptable, and genuinely representative of all voices.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

How can technical standards bridge or broaden the digital divide?

At the Internet Governance Forum 2025 in Lillestrøm, Norway, the Freedom Online Coalition convened a diverse panel to explore how technical standards shape global connectivity and inclusion. The session, moderated by Laura O’Brien, Senior International Counsel at Access Now, highlighted how open and interoperable standards can empower underserved communities.

Divine Agbeti, Director General of the Cybersecurity Authority of Ghana, shared how mobile money systems helped bring over 80% of Ghana’s adult population into the digital financial fold—an example of how shared standards translate into real-world impact, especially across Africa. However, the conversation quickly turned to the systemic barriers that exclude many from the standard-setting process itself.

ICANN’s At-Large Advisory Committee member emphasised challenges like high membership fees, lack of transparency, English-only proceedings, and complex technical jargon.

Stephanie Borg Psaila, Director of Digital Policy at Diplo, presented detailed research mapping these hurdles across bodies like ITU, ICANN, and IETF, and called for reforms such as multilingual interpretation, hybrid meeting formats, and adjusted membership models to enable broader civil society participation.

Stephanie Borg Psaila

Security and infrastructure governance also featured prominently. Rose Payne, Policy and Advocacy Lead at Global Partners Digital, spotlighted the role of technical standards in safeguarding subsea cables—which carry 95–99% of transnational data—but also pointed to the limitations of technical solutions when facing geopolitical threats.

She underscored the urgency of updating international legal frameworks like UNCLOS and fostering cooperation between governments, the private sector, and civil society. Alex Walden, Global Head of Human Rights at Google, also reaffirmed the private sector’s role in investing in global connectivity while advocating for human rights-based frameworks and inclusive multistakeholder participation.

While the session closed on a constructive note, tensions emerged during the Q&A. Technical community members like Colin Perkins (University of Glasgow) and Harold, a technologist and civil society advocate, challenged the panel’s framing, arguing that distinctions between technical and civil society actors are often artificial and counterproductive.

Panellists responded diplomatically, acknowledging the need for more nuanced engagement and mutual understanding. Despite differing views, the forum concluded with shared commitments: dismantling barriers to participation, building cross-sectoral capacity, and grounding technical governance in international human rights from the outset.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

DeepSeek struggles to launch R2 amid NVIDIA chip shortage

The launch of DeepSeek’s next-generation AI model, R2, is expected to face delays due to a shortage of NVIDIA H20 chips in China.

These chips, designed specifically for the Chinese market following US export restrictions, are essential for running DeepSeek’s highly optimised models.

The ban on H20 shipments in April has triggered widespread concern among cloud providers about the scalability of R2, especially if it outperforms existing open-source models.

CEO Liang Wenfeng has reportedly held back the model’s release, expressing dissatisfaction with its current performance.

Engineers continue refining R2, but the lack of compatible hardware poses a deeper challenge. DeepSeek’s reliance on NVIDIA architecture makes switching to Chinese chips inefficient, as the models are tightly built for NVIDIA’s software and hardware ecosystem.

Some Chinese firms have begun using workarounds by flying engineers to Malaysia, where NVIDIA chips are still available in local data centres.

After training their models abroad, teams return to China with trained systems. Others rely on gaming GPUs like the RTX 5090, which are easier to access via grey markets despite restrictions.

While Chinese tech giants ordered 1.2 million H20 chips earlier in 2025 to meet demand sparked by R1’s success, inventory is still unlikely to support a full R2 rollout.

Companies outside China may launch R2 more easily without facing the same export hurdles.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!