Critical infrastructure

Cloud and AI growth fuels EU push for greener data centres

Europe’s growing demand for cloud and AI services is driving a rapid expansion of data centres across the EU.

Policymakers now face the difficulty of supporting digital growth instead of undermining climate targets, yet reliable sustainability data remains scarce.

Operators are required to report on energy consumption, water usage, renewable sourcing and heat reuse, but only around one-third have submitted complete data so far.

Brussels plans to introduce a rating scheme from 2026 that grades data centres on environmental performance, potentially rewarding the most sustainable new facilities with faster approvals under the upcoming Cloud and AI Development Act.

Industry groups want the rules adjusted so operators using excess server heat to warm nearby homes are not penalised. Experts also argue that stronger auditing and stricter application of standards are essential so reported data becomes more transparent and credible.

Smaller data centres remain largely untracked even though they are often less efficient, while colocation facilities complicate oversight because customers manage their own servers. Idle machines also waste vast amounts of energy yet remain largely unmeasured.

Meanwhile, replacing old hardware may improve efficiency but comes with its own environmental cost.

Even if future centres run on cleaner power and reuse heat, the manufacturing footprint of the equipment inside them remains a major unanswered sustainability challenge.

Policymakers say better reporting is essential if the EU is to balance digital expansion with climate responsibility rather than allowing environmental blind spots to grow.

Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI tool helps find new treatments for heart disease

A new ΑΙ system developed at Imperial College London could accelerate the discovery of treatments for heart disease by combining detailed heart scans with huge medical databases.

Cardiovascular disease remains the leading cause of death across the EU, accounting for around 1.7 million deaths every year, so researchers believe smarter tools are urgently needed.

The AI model, known as CardioKG, uses imaging data from thousands of UK Biobank participants, including people with heart failure, heart attacks and atrial fibrillation, alongside healthy volunteers.

By linking information about genes, medicines and disease, the system aims to predict which drugs might work best for particular heart conditions instead of relying only on traditional trial-and-error approaches.

Among the medicines highlighted were methotrexate, normally used for rheumatoid arthritis, and diabetes drugs known as gliptins, which the AI suggested could support some heart patients.

The model also pointed to a possible protective effect from caffeine among people with atrial fibrillation, although researchers warned that individuals should not change their caffeine intake based on the findings alone.

Scientists say the same technology could be applied to other health problems, including brain disorders and obesity.

Work is already under way to turn the knowledge graph into a patient-centred system that follows real disease pathways, with the long-term goal of enabling more personalised and better-timed treatment.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Data breach exposes users of major patient portal ManageMyHealth

More than 108,000 users of ManageMyHealth may have had their information exposed following a data breach affecting one of the country’s largest patient portals. The incident occurred on Wednesday and is believed to have affected between 6% and 7% of the platform’s 1.8 million registered users.

ManageMyHealth said affected users will be contacted within 48 hours with details about whether and how their data was accessed. Chief executive Vino Ramayah said the company takes the protection of health information extremely seriously and acknowledged the stress such incidents can cause.

He confirmed that the Office of the Privacy Commissioner has been notified and is working with the company to meet legal obligations.

Health Minister Simeon Brown described the breach as concerning but stated that there was no evidence to suggest that Health New Zealand systems, including My Health Account, had been compromised. He added that health services were continuing to operate as normal and that there had been no clinical impact on patient care.

Health New Zealand said it is coordinating with the National Cyber Security Centre and other agencies to understand the scope of the breach and ensure appropriate safeguards are in place.

Officials stressed expectations around security standards, transparency and clear communication, while ongoing engagement with primary care providers and GPs continues.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Hawaii warns residents about phishing using fake government sites

State officials have warned the public about a phishing campaign using the fake domain codify.inc to impersonate official government websites. Cybercriminals aim to steal personal information and login credentials from unsuspecting users.

Several state agencies are affected, including the departments of Labor and Industrial Relations, Education, Health, Transportation, and many others. Fraudulent websites often mimic official URLs, such as dlir.hi.usa.codify.inc, and may use AI-based services to entice users.

Residents are urged to verify website addresses carefully. Official government portals will always end in .gov, and any other extensions like .inc or .co are not legitimate. Users should type addresses directly into their browsers rather than clicking links in unsolicited emails or texts.

Suspicious websites should be reported to the State of Hawaii at soc@hawaii.gov to help protect other residents from falling victim to the scam.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

AI malware emerges as major cybersecurity threat

Cybersecurity experts are raising alarms as AI transitions from a theoretical concern to an operational threat. The H2 2025 ESET Threat Report shows AI-powered malware is now targeting systems globally, raising attack sophistication.

PromptLock, the first AI-driven ransomware, uses a dual-component system to generate unique scripts for each target. The malware autonomously decides to exfiltrate, encrypt, or destroy data, using a feedback loop to ensure reliable execution.

Other AI threats include PromptFlux, which rewrites malware for persistence, and PromptSteal, which harvests sensitive files. These developments highlight the growing capabilities of attackers using machine learning models to evade traditional defences.

The ransomware-as-a-service market is growing, with Qilin, Akira, and Warlock using advanced evasion techniques. The convergence of AI-driven malware and thriving ransomware economies presents an urgent challenge for organisations globally.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Romania’s Oltenia Energy Complex reports a serious ransomware breach

A ransomware attack has disrupted the Oltenia Energy Complex, Romania’s largest coal-based power producer, after hackers encrypted key IT systems in the early hours of 26 December.

The state-controlled company confirmed that the Gentlemen ransomware strain locked corporate files and disabled core services, including ERP platforms, document management tools, email and the official website.

The organisation isolated affected infrastructure and began restoring services from backups on new systems instead of paying a ransom. Operations were only partially impacted and officials stressed that the national energy system remained secure, despite the disruption across business networks.

A criminal complaint has been filed. Additionally, both the National Directorate of Cyber Security of Romania and the Ministry of Energy have been notified.

Investigators are still assessing the scale of the breach and whether sensitive data was exfiltrated before encryption. The Gentlemen ransomware group has not yet listed the energy firm on its dark-web leak site, a sign that negotiations may still be underway.

An attack that follows a separate ransomware incident that recently hit Romania’s national water authority, underlining the rising pressure on critical infrastructure organisations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China proposes strict AI rules to protect children

China has proposed stringent new rules for AI aimed at protecting children and preventing chatbots from providing advice that could lead to self-harm, violence, or gambling.

The draft regulations, published by the Cyberspace Administration of China (CAC), require developers to include personalised settings, time limits, and parental consent for services offering emotional companionship.

High-risk chats involving self-harm or suicide must be passed to a human operator, with guardians or emergency contacts alerted. AI providers must not produce content that threatens national security, harms national honour, or undermines national unity.

The rules come as AI usage surges, with platforms such as DeepSeek, Z.ai, and Minimax attracting millions of users in China and abroad. The CAC supports safe AI use, including tools for local culture and elderly companionship.

The move reflects growing global concerns over AI’s impact on human behaviour. Notably, OpenAI has faced legal challenges over alleged chatbot-related harm, prompting the company to create roles focused on tracking AI risks to mental health and cybersecurity.

China’s draft rules signal a firm approach to regulating AI technology as its influence expands rapidly.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Lawsuit against Roskomnadzor over WhatsApp and Telegram calls dismissed

A Moscow court has dismissed a class action lawsuit filed against Russia’s state media regulator Roskomnadzor and the Ministry of Digital Development by users of WhatsApp and Telegram. The ruling was issued by a judge at the Tagansky District Court.

The court said activist Konstantin Larionov failed to demonstrate he was authorised to represent messaging app users. The lawsuit claimed call restrictions violated constitutional rights, including freedom of information and communication secrecy.

The case followed Roskomnadzor’s decision in August to block calls on WhatsApp and Telegram, a move officials described as part of anti-fraud efforts. Both companies criticised the restrictions at the time.

Larionov and several dozen co-plaintiffs said the measures were ineffective, citing central bank data showing fraud mainly occurs through traditional calls and text messages. The plaintiffs also argued the restrictions disproportionately affected ordinary users.

Larionov said the group plans to appeal the decision and continue legal action. He has described the lawsuit as an attempt to challenge what he views as politically motivated restrictions on communication services in Russia.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Health insurer Aflac suffers breach affecting 22.6 million

Aflac, a health and life insurer in the US, revealed that a cyberattack discovered in June affected over 22.6 million individuals. Personal and claims information, including social security numbers, may have been accessed.

The investigation found the attack likely originated from the Scattered Spider cybercrime group. Authorities were notified, and third-party cybersecurity experts were engaged to contain the incident.

Systems remained operational, and no ransomware was detected, with containment achieved within hours. Notifications have begun, and the insurer continues to monitor for potential fraudulent use of data.

Class-action lawsuits have been filed in response to the incident, which also affected employees, agents, and other related individuals. Erie and Philadelphia Insurance previously reported network issues linked to similar threats.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Europe tightens cybersecurity around satellites

European governments are intensifying their efforts to safeguard satellites from cyberattacks as space becomes an increasingly vital front in modern security and hybrid warfare. Once seen mainly as technical infrastructure, satellites are now treated as strategic assets, carrying critical communications, navigation, and intelligence data that are attractive targets for espionage and disruption.

Concerns intensified after a 2022 cyberattack on the Viasat satellite network coincided with Russia’s invasion of Ukraine, exposing how vulnerable space systems can be during geopolitical crises. Since then, the EU institutions have warned of rising cyber and electronic interference against satellites and ground stations, while several European countries have flagged growing surveillance activities linked to Russia and China.

To reduce risks, Europe is investing in new infrastructure and technologies. One example is a planned satellite ground station in Greenland, backed by the European Space Agency, designed to reduce dependence on the highly sensitive Arctic hub in Svalbard. That location currently handles most European satellite data traffic but relies on a single undersea internet cable, making it a critical point of failure.

At the same time, the EU is advancing with IRIS², a secure satellite communication system designed to provide encrypted connectivity and reduce reliance on foreign providers, such as Starlink. Although the project promises stronger security and European autonomy, it is not expected to be operational for several years.

Experts warn that technology alone is not enough. European governments are still clarifying who is responsible for defending space systems, while the cybersecurity industry struggles to adapt tools designed for Earth-based networks to the unique challenges of space. Better coordination, clearer mandates, and specialised security approaches will be essential as space becomes more contested.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!