Critical infrastructure

IHS Nigeria and NSCDC partner to secure telecom infrastructure

IHS Nigeria and the Nigeria Security and Civil Defence Corps (NSCDC) have partnered to enhance the protection of critical telecommunications infrastructure across Nigeria.

The partnership is grounded in national policies that classify telecommunications assets, such as towers and fibre optic networks, as critical national information infrastructure, requiring legal protection and proactive security enforcement.

By addressing issues such as theft, vandalism, and sabotage, the partnership aims to strengthen the reliability and security of telecom services that millions of Nigerians rely on daily.

The NSCDC will provide critical support to IHS Nigeria in essential operational areas including site surveillance, emergency response, incident reporting, and tower decommissioning.

Additionally, the Corps will take an active role in investigating, apprehending, and prosecuting those who violate laws protecting telecommunications infrastructure.

Commenting on the partnership, IHS Nigeria CEO highlighted the importance of working closely with law enforcement to create a safer environment for operations and improve service quality.

He described the initiative as a major step toward enhancing the resilience and availability of connectivity in Nigeria. Similarly, NSCDC Commandant underscored the Corps’ responsibility to protect national infrastructure and described IHS Nigeria as a strategic partner in achieving that mission.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AT&T hit by alleged 31 million record breach

A hacker has allegedly leaked data from 31 million AT&T customers, raising fresh concerns over the security of one of America’s largest telecom providers. The data, posted on a major dark web forum in late May 2025, is said to contain 3.1GB of customer information in both JSON and CSV formats.

Instead of isolated details, the breach reportedly includes highly sensitive data: full names, dates of birth, tax IDs, physical and email addresses, device and cookie identifiers, phone numbers, and IP addresses.

Cybersecurity firm DarkEye flagged the leak, warning that the structured formats make the data easy for criminals to exploit.

If verified, the breach would mark yet another major incident for AT&T. In March 2024, the company confirmed that personal information from 73 million users had been leaked.

Just months later, a July breach exposed call records and location metadata for nearly 110 million customers, with blame directed at compromised Snowflake cloud accounts.

AT&T has yet to comment on the latest claims. Experts warn that the combination of tax numbers and device data could enable identity theft, financial scams, and advanced phishing attacks.

For a company already under scrutiny for past security lapses, the latest breach could further damage public trust.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Victoria’s Secret website hit by cyber attack

Victoria’s Secret’s website has remained offline for three days due to a security incident the company has yet to fully explain. A spokesperson confirmed steps are being taken to address the issue, saying external experts have been called in and some in-store systems were also taken down as a precaution.

Instead of revealing specific details, the retailer has left users with only a holding message on a pink background. It has declined to comment on whether ransomware is involved, when the disruption began, or if law enforcement has been contacted.

The firm’s physical stores continue operating as normal, and payment systems are unaffected, suggesting the breach has hit other digital infrastructure. Still, the shutdown has rattled investors—shares fell nearly seven percent on Wednesday.

With online sales accounting for a third of Victoria’s Secret’s $6 billion annual revenue, the pressure to resolve the situation is high.

The timing has raised eyebrows, as cybercriminals often strike during public holidays like Memorial Day, when IT teams are short-staffed. The attack follows a worrying trend among retailers.

UK giants such as Harrods, Marks & Spencer, and the Co-op have all suffered recent breaches. Experts warn that US chains are becoming the next major targets, with threat groups like Scattered Spider shifting their focus across the Atlantic.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UK and EU strengthen maritime and cyber security

The UK and the EU have agreed to step up cooperation on cybersecurity as part of a wider defence and security pact.

The new framework, signed on 19 May, marks a major shift towards joint efforts in countering digital threats and hybrid warfare.

Instead of managing these challenges separately, the UK and EU will hold structured dialogues to address cyberattacks, disinformation campaigns, and other forms of foreign interference.

The deal outlines regular exchanges between national security officials, supported by thematic discussions focused on crisis response, infrastructure protection, and online misinformation.

A key aim is to boost resilience against hostile cyber activity by working together on detection, defence, and prevention strategies. The agreement encourages joint efforts to safeguard communication networks, protect energy grids, and strengthen public awareness against information manipulation.

The cooperation is expected to extend into coordinated drills and real-time threat sharing.

While the UK remains outside the EU’s political structure, the agreement positions it as a close cyber security partner.

Future plans include exploring deeper collaboration through EU defence projects and potentially forming a formal link with the European Defence Agency, ensuring that both sides can respond more effectively to emerging digital threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

ABCI-Q goes live as Japan ramps up quantum tech investment

Japan has officially launched the world’s most powerful supercomputer dedicated to quantum computing research. Known as ABCI-Q, the system is housed within the newly opened G-QuAT research centre in Tsukuba, operated by the National Institute of Advanced Industrial Science and Technology (AIST).

G-QuAT (Global Research and Development Centre for Business by Quantum-AI Technology) opened earlier this month with a mission to advance hybrid computing technologies that combine classical computing, such as AI, with quantum systems.

Its work is structured around three main goals: developing use cases for hybrid computing, supporting the quantum technology supply chain, and enabling large-scale qubit integration.

ABCI-Q runs on 2,020 Nvidia H100 GPUs, connected using Nvidia’s Quantum-2 InfiniBand architecture, and integrated with CUDA-Q, Nvidia’s hybrid orchestration platform.

It supports multiple quantum processors, including superconducting qubits from Fujitsu, a neutral atom system by QuEra, and a photonic processor by OptQC—enabling diverse hybrid workloads across different qubit technologies.

The machine’s infrastructure includes 18 cryogenic systems supplied by Bluefors, built to support quantum computers with 1,000+ qubits and thousands of signal paths. G-QuAT has also partnered with IonQ to access its quantum systems via the cloud, bolstering research access and global collaboration.

The launch of ABCI-Q underscores Japan’s ambition to lead in next-generation computing. The government of Japan has committed over ¥330 billion (£1.7 billion) to quantum initiatives between 2020 and 2024.

AIST says the project aims to boost national industrial competitiveness, expand scientific capabilities, and foster a skilled quantum workforce.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EMSA given broader powers for digital maritime threats

The European Maritime Safety Agency (EMSA) is set to take on an expanded role in maritime security, following a provisional agreement between the European Parliament and the Council.

Instead of focusing solely on traditional safety tasks, EMSA will now help tackle modern challenges, including cyber attacks and hybrid threats that increasingly target critical maritime infrastructure across Europe.

The updated mandate enables EMSA to support EU member states and the European Commission with technical, operational and scientific assistance in areas such as cybersecurity, pollution response, maritime surveillance and decarbonisation.

Rather than remaining confined to its original scope, the agency may also adopt new responsibilities as risks evolve, provided such tasks are requested by the Commission or individual countries.

The move forms part of a broader EU legislative package aimed at reinforcing maritime safety rules, improving environmental protections and updating inspection procedures.

The reforms ensure EMSA is equipped with adequate human and financial resources to handle its wider remit and contribute to strategic resilience in an increasingly digital and geopolitically unstable world.

Created in 2002 and based in Lisbon, EMSA plays a central role in safeguarding maritime transport, which remains vital for Europe’s economy and trade.

With more than 2,000 marine incidents reported annually, the agency’s modernised mandate is expected to strengthen the EU’s ability to prevent disruptions at sea and support its broader green and security goals.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Taiwan rebuffs China’s hacking claims as disinformation

Taiwan has rejected accusations from Beijing that its ruling party orchestrated cyberattacks against Chinese infrastructure. Authorities in Taipei instead accused China of spreading false claims in an effort to manipulate public perception and escalate tensions.

On Tuesday, Chinese officials alleged that a Taiwan-backed hacker group linked to the Democratic Progressive Party (DPP) had targeted a technology firm in Guangzhou.

They claimed more than 1,000 networks, including systems tied to the military, energy, and government sectors, had been compromised across ten provinces in recent years.

Taiwan’s National Security Bureau responded on Wednesday, stating that the Chinese Communist Party is manipulating false information to mislead the international community.

Rather than acknowledging its own cyber activities, Beijing is attempting to shift blame while undermining Taiwan’s credibility, the agency said.

Taipei further accused China of long-running cyberattacks aimed at stealing funds and destabilising critical infrastructure. Officials described such campaigns as part of cognitive warfare designed to widen social divides and erode public trust within Taiwan.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Iranian hacker admits role in Baltimore ransomware attack

An Iranian man has pleaded guilty to charges stemming from a ransomware campaign that disrupted public services across several US cities, including a major 2019 attack in Baltimore.

The US Department of Justice announced that 37-year-old Sina Gholinejad admitted to computer fraud and conspiracy to commit wire fraud, offences that carry a maximum combined sentence of 30 years.

Rather than targeting private firms, Gholinejad and his accomplices deployed Robbinhood ransomware against local governments, hospitals and non-profit organisations from early 2019 to March 2024.

The attack on Baltimore alone resulted in over $19 million in damage and halted critical city functions such as water billing, property tax collection and parking enforcement.

Instead of simply locking data, the group demanded Bitcoin ransoms and occasionally threatened to release sensitive files. Cities including Greenville, Gresham and Yonkers were also affected.

Although no state affiliation has been confirmed, US officials have previously warned of cyber activity tied to Iran, allegations Tehran continues to deny.

Gholinejad was arrested at Raleigh-Durham International Airport in January 2025. The FBI led the investigation, with support from Bulgarian authorities. Sentencing is scheduled for August.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU workshop gathers support and scrutiny for the DSA

A packed conference centre in Brussels hosted over 200 stakeholders on 7 May 2025, as the European Commission held a workshop on the EU’s landmark Digital Services Act (DSA).

The pioneering law aims to protect users online by obliging tech giants—labelled as Very Large Online Platforms and Search Engines (VLOPSEs)—to assess and mitigate systemic risks their services might pose to society at least once a year, instead of waiting for harmful outcomes to trigger regulation.

Rather than focusing on banning content, the DSA encourages platforms to improve internal safeguards and transparency. It was designed to protect democratic discourse from evolving online threats like disinformation without compromising freedom of expression.

Countries like Ukraine and Moldova are working closely with the EU to align with the DSA, balancing protection against foreign aggression with open political dialogue. Others, such as Georgia, raise concerns that similar laws could be twisted into tools of censorship instead of accountability.

The Commission’s workshop highlighted gaps in platform transparency, as civil society groups demanded access to underlying data to verify tech firms’ risk assessments. Some are even considering stepping away from such engagements until concrete evidence is provided.

Meanwhile, tech companies have already rolled back a third of their disinformation-related commitments under the DSA Code of Conduct, sparking further concern amid Europe’s shifting political climate.

Despite these challenges, the DSA has inspired interest well beyond EU borders. Civil society groups and international institutions like UNESCO are now pushing for similar frameworks globally, viewing the DSA’s risk-based, co-regulatory approach as a better alternative to restrictive speech laws.

The digital rights community sees this as a crucial opportunity to build a more accountable and resilient information space.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China blames Taiwan for tech company cyberattack

Chinese authorities have accused Taiwan’s ruling Democratic Progressive Party of backing a cyberattack on a tech company based in Guangzhou.

According to public security officials in the city, an initial police investigation linked the attack to a foreign hacker group allegedly supported by the Taiwanese government.

The unnamed technology firm was reportedly targeted in the incident, with local officials suggesting political motives behind the cyber activity. They claimed Taiwan’s Democratic Progressive Party had provided backing instead of the group acting independently.

Taiwan’s Mainland Affairs Council has not responded to the allegations. The ruling DPP has faced similar accusations before, which it has consistently rejected, often describing such claims as attempts to stoke tension rather than reflect reality.

A development like this adds to the already fragile cross-strait relations, where cyber and political conflicts continue to intensify instead of easing, as both sides exchange accusations in an increasingly digital battleground.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!