Critical infrastructure

NHS patient death linked to cyber attack delays

A patient has died after delays caused by a major cyberattack on NHS services, King’s College Hospital NHS Foundation Trust has confirmed. The attack, targeting pathology services, resulted in a long wait for blood test results that contributed to the patient’s death.

The June 2024 ransomware attack on Synnovis, a provider of blood test services, also delayed 1,100 cancer treatments and postponed more than 1,000 operations. The Russian group Qilin is believed to have been behind the attack that impacted multiple hospital trusts across London.

Healthcare providers struggled to deliver essential services, resorting to using universal O-type blood, which triggered a national shortage. Sensitive data stolen during the attack was later published online, adding to the crisis.

Cybersecurity experts warned that the NHS remains vulnerable because of its dependence on a vast network of suppliers. The incident highlights the human cost of cyber attacks, with calls for stronger protections across critical healthcare systems in the UK.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

IGF and WSIS platforms must be strengthened, not replaced, say leaders

At the Internet Governance Forum 2025 in Lillestrøm, Norway, stakeholders gathered to assess the International Telecommunication Union’s (ITU) role in the WSIS Plus 20 review process.

The session, moderated by Cynthia Lesufi of South Africa, invited input on the achievements and future direction of the World Summit on the Information Society (WSIS), now marking its 20th year.

Speakers from Brazil, Australia, Korea, Germany, Japan, Cuba, South Africa, Ghana, Nigeria, and Bangladesh offered their national and regional insights.

There was strong consensus on maintaining and strengthening existing platforms like the Internet Governance Forum (IGF) and WSIS Forum, rather than creating new mechanisms that might burden developing countries.

Renata Santoyo, representing Brazil’s telecommunications regulator ANATEL, affirmed ITU’s coordinating role: ‘The WSIS architecture remains valuable, and ITU has been instrumental in supporting its action lines.’

Australia’s William Lee echoed this, commending ITU’s work on integrating WSIS with the SDGs and the Global Digital Compact, and noted: ‘The digital divide is now less about access and more about usability.’

Korean vice chair of the ITU Council Working Group, Mina Seonmin Jun, stressed the continued inequality in her region: ‘One third of Asia-Pacific remains offline. WSIS must go beyond infrastructure and focus on equity.’

People, Person, Cinema, Adult, Female, Woman, Male, Man, Crowd, Face, Head, Indoors, Audience, Chair, Furniture

Swantje Jager Lindemann from Germany backed extending the IGF mandate without renegotiation, saying: ‘The mandate is broad enough. What we need is better support and sustainable funding.’

Japan’s Yoichi Iida, former vice minister and now special advisor, also warned against reopening existing mandates, instead calling for a stronger IGF secretariat. ‘We must focus on inclusivity, not duplicating structures,’ he said.

ITU’s Gitanjali Sah outlined its leadership on WSIS action lines, noting the organisation’s collaboration with over 50 UN bodies. ‘2.6 billion people are still offline. Connectivity must be meaningful and inclusive,’ she said, highlighting ITU’s technical support on cybersecurity, capacity building, and standards.

Cuba’s representative stressed that the WSIS outcome documents remain fully valid and should be reaffirmed rather than rewritten. ‘Creating new mechanisms risks excluding countries with limited resources,’ they argued.

Local voices called for grassroots inclusion. Louvo Gray from the South African IGF asked, ‘How do we ensure marginalised voices from the Global South are truly heard?’ Ghana’s Kweku Enchi proposed tapping retired language teachers to bridge digital and generational divides.

Abdul Karim from Nigeria raised concerns about public access to the review documents. Sah confirmed that most contributions are published on the ITU website unless requested otherwise.

The UNDP representative reiterated UN-wide support for an inclusive WSIS review, while Mohamed Abdulla Konu of Bangladesh IGF pressed for developing countries’ voices to be meaningfully reflected.

Speakers agreed that the WSIS Plus 20 review is a key opportunity to refocus digital governance on inclusion, equity, and sustainability. The ITU will submit the compiled inputs to the UN General Assembly in December, while South Africa will include the session’s outcomes in its high-level report.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

SpaceX rocket carries first quantum satellite into space

A groundbreaking quantum leap has taken place in space exploration. The world’s first photonic quantum computer has successfully entered orbit aboard SpaceX’s Transporter 14 mission.

Launched from Vandenberg Space Force Base in California on 23 June, the quantum device was developed by an international research team led by physicist Philip Walther of the University of Vienna.

The miniature quantum computer, designed to withstand harsh space conditions, is now orbiting 550 kilometres above Earth. It was part of a 70-payload cargo, including microsatellites and re-entry capsules.

Uniquely, the system performs ‘edge computing’, processing data like wildfire detection directly on board rather than transmitting raw information to Earth. The innovation drastically reduces energy use and improves response time.

Assembled in just 11 working days by a 12-person team at the German Aerospace Center in Trauen, the quantum processor is expected to transmit its first results within a week of reaching orbit.

The project’s success marks a significant milestone in quantum space technology, opening the door to further experiments in fundamental physics and applied sciences.

The Transporter 14 mission also deployed satellites from Capella Space, Starfish Space, and Varda Space, among others. Following its 26th successful flight, the Falcon 9 rocket safely landed on a Pacific Ocean platform after a nearly two-hour satellite deployment.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

North Korea-linked hackers deploy fake Zoom malware to steal crypto

North Korean hackers have reportedly used deepfake technology to impersonate executives during a fake Zoom call in an attempt to install malware and steal cryptocurrency from a targeted employee.

Cybersecurity firm Huntress identified the scheme, which involved a convincingly staged meeting and a custom-built AppleScript targeting macOS systems—an unusual move that signals the rising sophistication of state-sponsored cyberattacks.

The incident began with a fraudulent Calendly invitation, which redirected the employee to a fake Zoom link controlled by the attackers. Weeks later, the employee joined what appeared to be a routine video call with company leadership. In reality, the participants were AI-generated deepfakes.

When audio issues arose, the hackers convinced the user to install what was supposedly a Zoom extension but was, in fact, malware designed to hijack cryptocurrency wallets and steal clipboard data.

Huntress traced the attack to TA444, a North Korean group also known by names like BlueNoroff and STARDUST CHOLLIMA. Their malware was built to extract sensitive financial data while disguising its presence and erasing traces once the job was done.

Security experts warn that remote workers and companies have to be especially cautious. Unfamiliar calendar links, sudden platform changes, or requests to install new software should be treated as warning signs.

Verifying suspicious meeting invites through alternative contact methods — like a direct phone call — is a vital but straightforward way to prevent damage.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI data risks prompt new global cybersecurity guidance

A coalition of cybersecurity agencies, including the NSA, FBI, and CISA, has issued joint guidance to help organisations protect AI systems from emerging data security threats. The guidance explains how AI systems can be compromised by data supply chain flaws, poisoning, and drift.

Organisations are urged to adopt security measures throughout all four phases of the AI life cycle: planning, data collection, model building, and operational monitoring.

The recommendations include verifying third-party datasets, using secure ingestion protocols, and regularly auditing AI system behaviour. Particular emphasis is placed on preventing model poisoning and tracking data lineage to ensure integrity.

The guidance encourages firms to update their incident response plans to address AI-specific risks, conduct audits of ongoing projects, and establish cross-functional teams involving legal, cybersecurity, and data science experts.

With AI models increasingly central to critical infrastructure, treating data security as a core governance issue is essential.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Salt Typhoon exploits critical Cisco flaw to breach Canadian network

Canadian and US authorities have attributed a cyberattack on a Canadian telecommunications provider to state-sponsored actors allegedly linked to China. The attack exploited a critical vulnerability that had been patched 16 months earlier.

According to a statement issued on Monday by Canada’s Communications Security Establishment (CSE), the breach is attributed to a threat group known as Salt Typhoon, believed to be operating on behalf of the Chinese government.

‘The Cyber Centre is aware of malicious cyber activities currently targeting Canadian telecommunications companies,’ the CSE stated, adding that Salt Typhoon was ‘almost certainly’ responsible. The US FBI released a similar advisory.

Salt Typhoon is one of several threat actors associated with the People’s Republic of China (PRC), with a history of conducting cyber operations against telecommunications and infrastructure targets globally.

In late 2023, security researchers disclosed that over 10,000 Cisco devices had been compromised by exploiting CVE-2023-20198—a vulnerability rated 10/10 in severity.

The exploit targeted Cisco devices running iOS XE software with HTTP or HTTPS services enabled. Despite Cisco releasing a patch in October 2023, the vulnerability remained unaddressed in some systems.

In mid-February 2025, three network devices operated by an unnamed Canadian telecom company were compromised, with attackers retrieving configuration files and modifying at least one to create a GRE tunnel—allowing network traffic to be captured.

Cisco has also linked Salt Typhoon to a broader campaign using multiple patched vulnerabilities, including CVE-2018-0171, CVE-2023-20273, and CVE-2024-20399.

The Cyber Centre noted that the compromise could allow unauthorised access to internal network data or serve as a foothold to breach additional targets. Officials also stated that some activity may have been limited to reconnaissance.

While neither agency commented on why the affected devices had not been updated, the prolonged delay in patching such a high-severity flaw highlights ongoing challenges in maintaining basic cyber hygiene.

The authorities in Canada warned that similar espionage operations are likely to continue targeting the telecom sector and associated clients over the next two years.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

NCSC issues new guidance for EU cybersecurity rules

The National Cyber Security Centre (NCSC) has published new guidance to assist organisations in meeting the upcoming EU Network and Information Security Directive (NIS2) requirements.

Ireland missed the October 2024 deadline but is expected to adopt the directive soon.

NIS2 broadens the scope of covered sectors and introduces stricter cybersecurity obligations, including heavier fines and legal consequences for non-compliance. The directive aims to improve security across supply chains in both the public and private sectors.

To help businesses comply, the NCSC unveiled Risk Management Measures. It also launched Cyber Fundamentals, a practical framework designed for organisations of varying sizes and risk levels.

Joseph Stephens, NCSC’s Director of Resilience, noted the challenge of broad application and praised cooperation with Belgium and Romania on a solution for the EU.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Cloudflare blocks the largest DDoS attack in internet history

Cloudflare has blocked what it describes as the largest distributed denial-of-service (DDoS) attack ever recorded after nearly 38 terabytes of data were unleashed in just 45 seconds.

The onslaught generated a peak traffic rate of 7.3 terabits per second and targeted nearly 22,000 destination ports on a single IP address managed by an undisclosed hosting provider.

Instead of relying on a mix of tactics, the attackers primarily used UDP packet floods, which accounted for almost all attacks. A small fraction employed outdated diagnostic tools and methods such as reflection and amplification to intensify the network overload.

These techniques exploit how some systems automatically respond to ping requests, causing massive data feedback loops when scaled.

Originating from 161 countries, the attack saw nearly half its traffic come from IPs in Brazil and Vietnam, with the remainder traced to Taiwan, China, Indonesia, and the US.

Despite appearing globally orchestrated, most traffic came from compromised devices—often everyday items infected with malware and turned into bots without their owners’ knowledge.

To manage the unprecedented data surge, Cloudflare used a decentralised approach. Traffic was rerouted to data centres close to its origin, while advanced detection systems identified and blocked harmful packets without disturbing legitimate data flows.

The incident highlights the scale of modern cyberattacks and the growing sophistication of defences needed to stop them.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Banks and tech firms create open-source AI standards

A group of leading banks and technology firms has joined forces to create standardised open-source controls for AI within the financial sector.

The initiative, led by the Fintech Open Source Foundation (FINOS), includes financial institutions such as Citi, BMO, RBC, and Morgan Stanley, working alongside major cloud providers like Microsoft, Google Cloud, and Amazon Web Services.

Known as the Common Controls for AI Services project, the effort seeks to build neutral, industry-wide standards for AI use in financial services.

The framework will be tailored to regulatory environments, offering peer-reviewed governance models and live validation tools to support real-time compliance. It extends FINOS’s earlier Common Cloud Controls framework, which originated with contributions from Citi.

Gabriele Columbro, Executive Director of FINOS, described the moment as critical for AI in finance. He emphasised the role of open source in encouraging early collaboration between financial firms and third-party providers on shared security and compliance goals.

Instead of isolated standards, the project promotes unified approaches that reduce fragmentation across regulated markets.

The project remains open for further contributions from financial organisations, AI vendors, regulators, and technology companies.

As part of the Linux Foundation, FINOS provides a neutral space for competitors to co-develop tools that enhance AI adoption’s safety, transparency, and efficiency in finance.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU and Australia to begin negotiations on security and defence partnership

Brussels and Canberra begin negotiations on a Security and Defence Partnership (SDP). The announcement follows a meeting between European Commission President Ursula von der Leyen, European Council President António Costa, and Australian Prime Minister Anthony Albanese.

The proposed SDP aims to establish a formal framework for cooperation in a range of security-related areas.

These include defence industry collaboration, counter-terrorism and cyber threats, maritime security, non-proliferation and disarmament, space security, economic security, and responses to hybrid threats.

SDPs are non-binding agreements facilitating enhanced political and operational cooperation between the EU and external partners. They do not include provisions for military deployment.

The European Union maintains SDPs with seven other countries: Albania, Japan, Moldova, North Macedonia, Norway, South Korea, and the United Kingdom. The forthcoming negotiations with Australia would expand this network, potentially increasing coordination on global and regional security issues.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!