Critical infrastructure

EU prolongs sanctions for cyberattackers until 2026

The EU Council has extended its sanctions on cyberattacks until May 18, 2026, with the legal framework for enforcing these measures now lasting until 2028. The sanctions target individuals and institutions involved in cyberattacks that pose a significant threat to the EU and its members.

The extended measures will allow the EU to impose restrictions on those responsible for cyberattacks, including freezing assets and blocking access to financial resources.

These actions may also apply to attacks against third countries or international organisations, if necessary for EU foreign and security policy objectives.

At present, sanctions are in place against 17 individuals and four institutions. The EU’s decision highlights its ongoing commitment to safeguarding its digital infrastructure and maintaining its foreign policy goals through legal actions against cyber threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyber attack disrupts Edinburgh school networks

Thousands of Edinburgh pupils were forced to attend school on Saturday after a phishing attack disrupted access to vital online learning resources.

The cyber incident, discovered on Friday, prompted officials to lock users out of the system as a precaution, just days before exams.

Approximately 2,500 students visited secondary schools to reset passwords and restore their access. Although the revision period was interrupted, the council confirmed that no personal data had been compromised.

Scottish Council staff acted swiftly to contain the threat, supported by national cyber security teams. Ongoing monitoring is in place, with authorities confident that exam schedules will continue unaffected.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft expands cloud push across Europe

Microsoft has unveiled a new set of commitments aimed at strengthening its digital presence across Europe, pledging to expand cloud and AI infrastructure while supporting the region’s economic competitiveness.

Announced by Microsoft President Brad Smith in Brussels, the ‘European Digital Commitments’ include a promise to increase European data centre capacity by 40% within two years, bringing the total to over 200 across 16 countries.

Smith explained that Microsoft’s goal is to provide technology that helps individuals and organisations succeed, rather than simply expanding its reach. He highlighted AI as essential to modern economies, describing it as a driving force behind what he called the ‘AI economy.’

Alongside job creation, Microsoft hopes its presence will spark wider economic benefits for customers and partners throughout the continent.

To ease concerns around data security, particularly in light of USEU geopolitical tensions, Microsoft has added clauses in agreements with European institutions allowing it to legally resist any external order to halt operations in Europe.

If such efforts failed, Microsoft has arranged for European partners to access its code stored securely in Switzerland, instead of allowing disruptions to affect vital digital services.

Although Microsoft’s investments stand to benefit Europe, they also underscore the company’s deep dependence on the region, with over a quarter of its business based there.

Smith insisted that Microsoft’s global success would not have been possible without its European footprint, and called for continued cooperation across the Atlantic—even in the face of potential tariff disputes or political strains.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Starkville Utilities hit by cyberattack

Starkville Utilities, a Mississippi-based electricity and water provider that also services Mississippi State University, has revealed a data breach that may have exposed sensitive information belonging to over 11,000 individuals.

The breach, which was first detected in late October last year, led the company to disconnect its network in an attempt to contain the intrusion.

Despite these efforts, an investigation later found that attackers may have accessed personal data, including full names and Social Security numbers. Details were submitted to the Maine Attorney General’s Office, confirming the scale of the breach and the nature of the data involved.

While no reports of identity theft have emerged since the incident, Starkville Utilities has chosen to offer twelve months of free identity protection services to those potentially affected. The company maintains that it is taking additional steps to improve its cybersecurity defences.

Stolen data such as Social Security numbers often ends up on underground marketplaces instead of staying idle, where it can be used for identity fraud and other malicious activities.

The incident serves as yet another reminder of the ongoing threat posed by cybercriminals targeting critical infrastructure and user data.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China’s quantum breakthroughs push urgent need for post-quantum security

The global cybersecurity community faces a ticking clock. China’s rapid advances in quantum computing, combined with insufficient global investment in quantum-safe cryptography, have placed Chief Information Security Officers (CISOs) at a critical crossroads.

With an estimated remediation timeline of seven years for most organisations, experts warn that critical systems are already at risk of future quantum attacks.

Quantum computing’s potential is often likened to a ‘Quantum Key’ capable of simultaneously testing every possible lock combination—effectively rendering today’s encryption obsolete.

If realised, such capabilities could expose every encrypted email, financial transaction, and state secret currently thought to be secure.

A 2024 report from the Global Risk Institute estimated a 5–14% chance that RSA-2048 encryption could be broken by 2029, rising to 19–34% by 2034. Those estimates, however, may already be outdated.

In early 2025, Chinese researchers unveiled breakthroughs in photonic quantum chips and a 72-qubit quantum processor named ‘Origin Wukong,’ capable of fine-tuning billion-parameter AI models. Earlier, in October 2024, Chinese scientists published a method for breaking RSA encryption.

With China reportedly investing $10–15 billion in quantum development—vastly outpacing the US, EU, and Microsoft’s combined commitments—there are growing fears that the West is losing the quantum arms race.

The geopolitical consequences of quantum dominance could be immediate and devastating. From unlocking encrypted communications to enabling undetectable weapons systems, a lead in quantum technology may deliver military and economic supremacy

The ‘harvest now, decrypt later’ strategy—where sensitive data is collected now to be decrypted when quantum computing is mature—presents an especially urgent concern for governments, banks, and healthcare providers.

Despite the looming threat, many organisations are underprepared. The long remediation period—estimated at over seven years for full transition—means that even proactive companies are not immune to future breaches.

The National Institute of Standards and Technology (NIST) has recommended the ML-KEM algorithm for post-quantum cryptography, with the HQC algorithm selected as a backup.

In contrast, China launched its own national cryptographic competition (NGCC) in early 2025, signalling distrust of foreign standards and intent to develop domestic alternatives.

To prepare for a post-quantum world, organisations should act now:

  • Conduct discovery: Identify systems reliant on RSA or ECC encryption, and catalogue keys based on risk.
  • Engage vendors: Ask suppliers about their post-quantum transition plans and expected compliance timelines.
  • Build a team: Assemble a multidisciplinary group including cryptography specialists, project managers, architects, and change leaders to lead a 5–7 year remediation program.

The systems most vulnerable to quantum threats include public-key cryptography (RSA, ECC), SSL/TLS protocols, secure messaging platforms, and cryptocurrency infrastructure.

By contrast, legacy and non-networked systems without encryption are generally considered low risk.

While some may compare this to the Y2K scare, there’s a critical difference: Y2K had a known deadline. The quantum threat has no set arrival date.

As with a surprise exam, unpreparedness can be far more dangerous. Still, the transition will likely unfold gradually rather than overnight, giving early movers a significant advantage.

The message is clear: the time to begin migrating to quantum-resistant cryptography is now. The future of national security, economic stability, and digital privacy may well depend on who gets there first.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft bans DeepSeek app for staff use

Microsoft has confirmed it does not allow employees to use the DeepSeek app, citing data security and propaganda concerns.

Speaking at a Senate hearing, company president Brad Smith explained the decision stems from fears that data shared with DeepSeek could end up on Chinese servers and be exposed to state surveillance laws.

Although DeepSeek is open source and widely available, Microsoft has chosen not to list the app in its own store.

Smith warned that DeepSeek’s answers may be influenced by Chinese government censorship and propaganda, and its privacy policy confirms data is stored in China, making it subject to local intelligence regulations.

Interestingly, Microsoft still offers DeepSeek’s R1 model via its Azure cloud service. The company argued this is a different matter, as customers can host the model on their servers instead of relying on DeepSeek’s infrastructure.

Even so, Smith admitted Microsoft had to alter the model to remove ‘harmful side effects,’ although no technical details were provided.

While Microsoft blocks DeepSeek’s app for internal use, it hasn’t imposed a blanket ban on all chatbot competitors. Apps like Perplexity are available in the Windows store, unlike those from Google.

The stance against DeepSeek marks a rare public move by Microsoft as the tech industry navigates rising tensions over AI tools with foreign links.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

LockBit ransomware Bitcoin addresses exposed

Nearly 60,000 Bitcoin addresses linked to LockBit’s ransomware operations have been exposed following a major breach of the group’s dark web affiliate panel.

The leak, which included a MySQL database dump, was shared publicly online and could assist blockchain analysts in tracing LockBit’s financial activity instead of leaving such transactions untracked.

Despite the scale of the breach, no private keys were leaked. A LockBit representative reportedly confirmed the incident in a message, stating that no sensitive access data was compromised.

However, the exposed database included 20 tables, such as one labelled ‘builds’ that contained details about ransomware created by affiliates and their targeted companies.

Another table, ‘chats,’ revealed over 4,400 messages from negotiations between victims and LockBit operators, offering a rare glimpse into the inner workings of ransomware extortion tactics.

Analysts believe the hack may be connected to a separate breach of the Everest ransomware site, as both featured identical messages, hinting at a possible link.

The incident has again underscored the central role of cryptocurrency in the ransomware economy. Each victim is typically given a unique address for payments, making tracking difficult.

Instead of remaining hidden, these addresses now give law enforcement and blockchain experts a chance to trace payments and potentially link them to previously unidentified actors.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AMD faces a $1.5 billion loss from US chip curbs

AMD expects to lose around US$1.5 billion in revenue this year because of new US export restrictions on advanced AI chips, which now require a licence to be sold to China.

The US government, under both the Biden and Trump administrations, has tightened curbs on chip exports in an effort to slow China’s progress in developing powerful AI systems, citing national security risks.

China makes up roughly a quarter of AMD’s total revenue, so these measures could reduce AMD’s expected annual earnings by almost 5 per cent.

Despite this setback, AMD posted stronger-than-expected second-quarter revenue guidance, forecasting around US$7.4 billion, likely driven by customers rushing to stockpile chips before the new rules fully take effect.

CEO Lisa Su said the impact from the curbs would be mostly felt during the second and third quarters, yet she still expects revenue from the company’s AI data centre chips to grow by strong double digits in 2024.

AMD’s finance chief Jean Hu clarified the projected US$1.5 billion revenue loss is tied directly to the latest export controls introduced in April.

Although AMD is under pressure, demand for its high-performance chips remains solid, with tech giants like Microsoft and Meta continuing to invest heavily in AI infrastructure.

The company’s data centre division saw sales jump 57 per cent to US$3.7 billion, helping push total revenue up 36 per cent to US$7.44 billion—both figures exceeding analyst expectations. Adjusted earnings stood at 96 cents per share, slightly above estimates.

Rival chipmaker Nvidia has also warned it now requires a licence to export to China and faces an even larger US$5.5 billion hit.

Meanwhile, other tech firms didn’t fare as well—Marvell Technology and Super Micro disappointed investors, with shares falling after they issued weaker outlooks, adding further signs of turbulence in the chip sector.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Hackers target UK retailers with fake IT calls

British retailers are facing a new wave of cyberattacks as hackers impersonate IT help desk staff to infiltrate company systems. The National Cyber Security Centre (NCSC) has issued an urgent warning following breaches at major firms including Marks & Spencer, Co-op, and Harrods.

Attackers use sophisticated social engineering tactics—posing as locked-out employees or IT support staff—to trick individuals into giving up passwords and security details. The NCSC urges companies to strengthen how their IT help desks verify employee identities, particularly when handling password resets for senior staff.

Security experts in the UK recommend using multi-step verification methods and even code words to confirm identities over the phone. These additional layers are vital, as attackers increasingly exploit trust and human error rather than technical vulnerabilities.

While the NCSC hasn’t named any group officially, the style of attack closely resembles the methods of Scattered Spider, a loosely connected network of young, English-speaking hackers. Known for high-profile cyber incidents—including attacks on Las Vegas casinos and public transport systems—the group often coordinates via platforms like Discord and Telegram.

However, those claiming responsibility for the latest breaches deny links to Scattered Spider, calling themselves ‘DragonForce.’ Speaking to the BBC, the group claimed to have stolen significant customer and employee data from Co-op and hinted at more disruptions in the future.

The NCSC is investigating with law enforcement to determine whether DragonForce is a new player or simply a rebranded identity of the same well-known threat actors.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trump eases auto tariffs amid industry concerns

President Donald Trump has signed executive orders easing his controversial 25% tariffs on automobiles and parts, aiming to relieve pressure on carmakers struggling with rising costs.

The move follows warnings from manufacturers and analysts that the tariffs could inflate prices, harm domestic production and slow the industry’s recovery. Trump framed the measure as a temporary bridge, allowing automakers time to shift more manufacturing into the US instead of facing harsh penalties.

The changes include a short-term rebate system tied to the proportion of foreign parts used in vehicles assembled domestically. Automakers have been told they’ll have two years of reduced levies, giving them time to reconfigure supply chains and invest in new US-based facilities.

Officials claim announcements on job creation and plant expansion are expected soon, with companies like Stellantis, Ford, and GM praising the policy shift as a step toward competitiveness rather than an immediate fix.

However, some experts warn that the industry needs stability instead of unpredictable policy swings. They argue that relocating production takes years and billions in investment, not mere months.

With vehicle prices already high and supply chains stretched, economists question whether the tariff adjustments can offset the broader economic risks posed by Trump’s wider trade strategy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!