Critical infrastructure

AI fake news surge tests EU Digital Services Act

Europe is facing a growing wave of AI-powered fake news and coordinated bot attacks that overwhelm media, fact-checkers, and online platforms instead of relying on older propaganda methods.

According to the European Policy Centre, networks using advanced AI now spread deepfakes, hoaxes, and fake articles faster than they can be debunked, raising concerns over whether EU rules are keeping up.

Since late 2024, the so-called ‘Overload’ operation has doubled its activity, sending an average of 2.6 fabricated proposals each day while also deploying thousands of bot accounts and fake videos.

These efforts aim to disrupt public debate through election intimidation, discrediting individuals, and creating panic instead of open discussion. Experts warn that without stricter enforcement, the EU’s Digital Services Act risks becoming ineffective.

To address the problem, analysts suggest that Europe must invest in real-time threat sharing between platforms, scalable AI detection systems, and narrative literacy campaigns to help citizens recognise manipulative content instead of depending only on fact-checkers.

Publicly naming and penalising non-compliant platforms would give the Digital Services Act more weight.

The European Parliament has already acknowledged widespread foreign-backed disinformation and cyberattacks targeting EU countries. Analysts say stronger action is required to protect the information space from systematic manipulation instead of allowing hostile narratives to spread unchecked.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Azerbaijan government workers hit by cyberattacks

In the first six months of the year, 95 employees from seven government bodies in Azerbaijan fell victim to cyberattacks after neglecting basic cybersecurity measures and failing to follow established protocols. The incidents highlight growing risks from poor cyber hygiene across public institutions.

According to the State Service of Special Communication and Information Security (XRİTDX), more than 6,200 users across the country were affected by various cyberattacks during the same period, not limited to government staff.

XRİTDX is now intensifying audits and monitoring activities to strengthen information security and safeguard state organisations against both existing and evolving cyber threats instead of leaving vulnerabilities unchecked.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google Gemini flaw lets hackers trick email summaries

Security researchers have identified a serious flaw in Google Gemini for Workspace that allows cybercriminals to hide malicious commands inside email content.

The attack involves embedding hidden HTML and CSS instructions, which Gemini processes when summarising emails instead of showing the genuine content.

Attackers use invisible text styling such as white-on-white fonts or zero font size to embed fake warnings that appear to originate from Google.

When users click Gemini’s ‘Summarise this email’ feature, these hidden instructions trigger deceptive alerts urging users to call fake numbers or visit phishing sites, potentially stealing sensitive information.

Unlike traditional scams, there is no need for links, attachments, or scripts—only crafted HTML within the email body. The vulnerability extends beyond Gmail, affecting Docs, Slides, and Drive, raising fears of AI-powered phishing beacons and self-replicating ‘AI worms’ across Google Workspace services.

Experts advise businesses to implement inbound HTML checks, LLM firewalls, and user training to treat AI summaries as informational only. Google is urged to sanitise incoming HTML, improve context attribution, and add visibility for hidden prompts processed by Gemini.

Security teams are reminded that AI tools now form part of the attack surface and must be monitored accordingly.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI could save billions but healthcare adoption is slow

AI is being hailed as a transformative force in healthcare, with the potential to reduce costs and improve outcomes dramatically. Estimates suggest widespread AI integration could save up to 360 billion dollars annually by accelerating diagnosis and reducing inefficiencies across the system.

Although tools like AI scribes, triage assistants, and scheduling systems are gaining ground, clinical adoption remains slow. Only a small percentage of doctors, roughly 12%, currently rely on AI for diagnostic decisions. This cautious rollout reflects deeper concerns about the risks associated with medical AI.

Challenges include algorithmic drift when systems are exposed to real-world conditions, persistent racial and ethnic biases in training data, and the opaque ‘black box’ nature of many AI models. Privacy issues also loom, as healthcare data remains among the most sensitive and tightly regulated.

Experts argue that meaningful AI adoption in clinical care must be incremental. It requires rigorous validation, clinician training, transparent algorithms, and clear regulatory guidance. While the potential to save lives and money is significant, the transformation will be slow and deliberate, not overnight.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Italian defence firms hit by suspected Indian state-backed hackers

An advanced persistent threat (APT) group with suspected ties to India has been accused of targeting Italian defence companies in a cyber-espionage campaign.

Security researchers found that the hackers used phishing emails and malicious documents to infiltrate networks, stealing sensitive data.

The attacks, believed to be state-sponsored, align with growing concerns about nation state cyber operations targeting critical industries.

The campaign, dubbed ‘Operation Tainted Love,’ involved sophisticated malware designed to evade detection while exfiltrating confidential documents.

Analysts suggest the group’s motives may include gathering intelligence on military technology and geopolitical strategies. Italy has not yet issued an official response, but the breach underscores the escalating risks to national security posed by cyber-espionage.

This incident follows a broader trend of state-backed hacking groups increasingly focusing on the defence and aerospace sectors.

Cybersecurity experts urge organisations to strengthen defences, particularly against phishing and supply chain attacks. As geopolitical tensions influence cyberwarfare, such operations highlight the need for international cooperation in combating digital threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Enhancing email security through multi-factor authentication

Many users overlook one critical security setting that can stop hackers in their tracks: multi-factor authentication (MFA). Passwords alone are no longer enough. Easy-to-remember passwords are insecure, and strong passwords are rarely memorable or widely reused.

Brute-force attacks and credential leaks are common, especially since many users repeat passwords across different platforms. MFA solves this by requiring a second verification form, usually from your phone or an authenticator app, to confirm your identity.

The extra step can block attackers, even if they have your password, because they still need access to your second device. Two-factor authentication (2FA) is the most common form of MFA. It combines something you know (your password) with something you have.

Many email providers, including Gmail, Outlook, and Proton Mail, now offer built-in 2FA options under account security settings. On Gmail, visit your Google Account, select Security, and enable 2-Step Verification. Use Google Authenticator instead of SMS for better safety.

Outlook.com users can turn on 2FA through their Microsoft account’s Security settings, using an authenticator app for code generation. Proton Mail allows you to scan a QR code with Google Authenticator after enabling 2FA under Account and Password settings.

Authenticator apps are preferred over SMS, as they are vulnerable to SIM-swapping and phishing-based interception. Adding MFA is a fast, simple way to strengthen your email security and avoid becoming a victim of password-related breaches.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

CISA 2015 expiry threatens private sector threat sharing

Congress has under 90 days to renew the Cybersecurity Information Sharing Act (CISA) of 2015 and avoid a regulatory setback. The law protects companies from liability when they share cyber threat indicators with the government or other firms, fostering collaboration.

Before CISA, companies hesitated due to antitrust and data privacy concerns. CISA removed ambiguity by offering explicit legal protections. Without reauthorisation, fear of lawsuits could silence private sector warnings, slowing responses to significant cyber incidents across critical infrastructure sectors.

Debates over reauthorisation include possible expansions of CISA’s scope. However, many lawmakers and industry groups in the United States now support a simple renewal. Health care, finance, and energy groups say the law is crucial for collective defence and rapid cyber threat mitigation.

Security experts warn that a lapse would reverse years of progress in information sharing, leaving networks more vulnerable to large-scale attacks. With only 35 working days left for Congress before the 30 September deadline, the pressure to act is mounting.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Building digital resilience in an age of crisis

At the WSIS+20 High-Level Event in Geneva, the session ‘Information Society in Times of Risk’ spotlighted how societies can harness digital tools to weather crises more effectively. Experts and researchers from across the globe shared innovations and case studies that emphasised collaboration, inclusiveness, and preparedness.

Chairs Horst Kremers and Professor Ke Gong opened the discussion by reinforcing the UN’s all-of-society principle, which advocates cooperation among governments, civil society, tech companies, and academia in facing disaster risks.

The Singapore team unveiled their pioneering DRIVE framework—Digital Resilience Indicators for Veritable Empowerment—redefining resilience not as a personal skill set but as a dynamic process shaped by individuals’ environments, from family to national policies. They argued that digital resilience must include social dimensions such as citizenship, support networks, and systemic access, making it a collective responsibility in the digital era.

Turkish researchers analysed over 54,000 social media images shared after the 2023 earthquakes, showing how visual content can fuel digital solidarity and real-time coordination. However, they also revealed how the breakdown of communication infrastructure in the immediate aftermath severely hampered response efforts, underscoring the urgent need for robust and redundant networks.

Meanwhile, Chinese tech giant Tencent demonstrated how integrated platforms—such as WeChat and AI-powered tools—transform disaster response, enabling donations, rescues, and community support on a massive scale. Yet, presenters cautioned that while AI holds promise, its current role in real-time crisis management remains limited.

The session closed with calls for pro-social platform designs to combat polarisation and disinformation, and a shared commitment to building inclusive, digitally resilient societies that leave no one behind.

Track all key events from the WSIS+20 High-Level Event 2025 on our dedicated page.

Report shows China outpacing the US and EU in AI research

AI is increasingly viewed as a strategic asset rather than a technological development, and new research suggests China is now leading the global AI race.

A report titled ‘DeepSeek and the New Geopolitics of AI: China’s ascent to research pre-eminence in AI’, authored by Daniel Hook, CEO of Digital Science, highlights how China’s AI research output has grown to surpass that of the US, the EU and the UK combined.

According to data from Dimensions, a primary global research database, China now accounts for over 40% of worldwide citation attention in AI-related studies. Instead of focusing solely on academic output, the report points to China’s dominance in AI-related patents.

In some indicators, China is outpacing the US tenfold in patent filings and company-affiliated research, signalling its capacity to convert academic work into tangible innovation.

Hook’s analysis covers AI research trends from 2000 to 2024, showing global AI publication volumes rising from just under 10,000 papers in 2000 to 60,000 in 2024.

However, China’s influence has steadily expanded since 2018, while the EU and the US have seen relative declines. The UK has largely maintained its position.

Clarivate, another analytics firm, reported similar findings, noting nearly 900,000 AI research papers produced in China in 2024, triple the figure from 2015.

Hook notes that governments increasingly view AI alongside energy or military power as a matter of national security. Instead of treating AI as a neutral technology, there is growing awareness that a lack of AI capability could have serious economic, political and social consequences.

The report suggests that understanding AI’s geopolitical implications has become essential for national policy.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Europe moves to build its own digital infrastructure

France, Germany, Italy, and the Netherlands have taken a major step toward building Europe’s own digital infrastructure by signing the founding papers for a new European Digital Infrastructure Consortium for Digital Commons. The initiative reflects growing concern that Europe’s reliance on US technology companies, such as Microsoft, leaves its public administrations vulnerable to shifting geopolitical dynamics.

For years, countries like Germany and France have been working on alternatives, Berlin with its Open Desk project and Paris with La Suite Numérique. Now, by joining forces, the four governments aim to develop and maintain publicly built and publicly accessible digital tools that reduce dependence on foreign tech giants.

Markus Richter, Germany’s chief information officer, described the move as ‘a milestone on the way to more digital sovereignty in Europe.’ The consortium will focus on scaling strategic digital commons, securing financial backing, and fostering a strong European community committed to digital independence.

The new organisation, based in Paris, marks the start of a coordinated European effort to create sovereign digital services designed to serve governments and citizens alike, with long-term ambitions of strengthening Europe’s position in the global digital landscape.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!