Critical infrastructure

DeepSeek struggles to launch R2 amid NVIDIA chip shortage

The launch of DeepSeek’s next-generation AI model, R2, is expected to face delays due to a shortage of NVIDIA H20 chips in China.

These chips, designed specifically for the Chinese market following US export restrictions, are essential for running DeepSeek’s highly optimised models.

The ban on H20 shipments in April has triggered widespread concern among cloud providers about the scalability of R2, especially if it outperforms existing open-source models.

CEO Liang Wenfeng has reportedly held back the model’s release, expressing dissatisfaction with its current performance.

Engineers continue refining R2, but the lack of compatible hardware poses a deeper challenge. DeepSeek’s reliance on NVIDIA architecture makes switching to Chinese chips inefficient, as the models are tightly built for NVIDIA’s software and hardware ecosystem.

Some Chinese firms have begun using workarounds by flying engineers to Malaysia, where NVIDIA chips are still available in local data centres.

After training their models abroad, teams return to China with trained systems. Others rely on gaming GPUs like the RTX 5090, which are easier to access via grey markets despite restrictions.

While Chinese tech giants ordered 1.2 million H20 chips earlier in 2025 to meet demand sparked by R1’s success, inventory is still unlikely to support a full R2 rollout.

Companies outside China may launch R2 more easily without facing the same export hurdles.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyber Command and Coast Guard establish task force for port cyber defence

US Cyber Command has joined forces with the Coast Guard in a major military exercise designed to simulate cyberattacks on key port infrastructure.

Known as Cyber Guard, the training scenario marked a significant evolution in defensive readiness, integrating for the first time with Pacific Sentry—an Indo-Pacific Command exercise simulating conflict over Taiwan.

The joint effort included the formation of Task Force Port, a temporary unit tasked with coordinating defence of coastal infrastructure.

The drill reflected real-world concerns over the vulnerability of US ports in times of geopolitical tension, and brought together multiple combatant commands under a unified operational framework.

Rear Admiral Dennis Velez described the move as part of a broader shift from isolated training to integrated joint force operations.

Cyber Guard also marked the activation of the Department of Defense Cyber Defense Command (DCDC), previously known as Joint Force Headquarters–DOD Information Network.

The unit worked closely with the Coast Guard, signalling the increasing importance of cyber coordination across military branches when protecting critical infrastructure.

Port security has featured in past exercises but was previously handled as a separate scenario. Its inclusion within the core structure of Cyber Guard suggests a strategic realignment, ensuring cyber defence is embedded in wider contingency planning for future conflicts.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Hawaiian Airlines confirms flights are safe despite cyberattack

Hawaiian Airlines has reported a cyberattack that affected parts of its IT infrastructure, though the carrier confirmed all flights remain unaffected and are operating as scheduled.

Now part of the Alaska Air Group, the airline stated it is actively working with authorities and cybersecurity experts to investigate and resolve the incident.

In a statement, the airline stressed that the safety and security of passengers and staff remain its highest priority. It has taken steps to protect its systems, restoring affected services while continuing full operations. No disruption to passenger travel has been reported.

The exact nature of the attack has not been disclosed, and no group has claimed responsibility so far. The Federal Aviation Administration (FAA) confirmed it monitors the situation closely and remains in contact with the airline. It added that there has been no impact on flight safety.

Cyberattacks in aviation are becoming increasingly common due to the sector’s heavy reliance on complex digital systems. Earlier incidents this year included cyberattacks on WestJet and Japan Airlines, which caused operational disruptions but did not compromise passenger data.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NHS patient death linked to cyber attack delays

A patient has died after delays caused by a major cyberattack on NHS services, King’s College Hospital NHS Foundation Trust has confirmed. The attack, targeting pathology services, resulted in a long wait for blood test results that contributed to the patient’s death.

The June 2024 ransomware attack on Synnovis, a provider of blood test services, also delayed 1,100 cancer treatments and postponed more than 1,000 operations. The Russian group Qilin is believed to have been behind the attack that impacted multiple hospital trusts across London.

Healthcare providers struggled to deliver essential services, resorting to using universal O-type blood, which triggered a national shortage. Sensitive data stolen during the attack was later published online, adding to the crisis.

Cybersecurity experts warned that the NHS remains vulnerable because of its dependence on a vast network of suppliers. The incident highlights the human cost of cyber attacks, with calls for stronger protections across critical healthcare systems in the UK.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

IGF and WSIS platforms must be strengthened, not replaced, say leaders

At the Internet Governance Forum 2025 in Lillestrøm, Norway, stakeholders gathered to assess the International Telecommunication Union’s (ITU) role in the WSIS Plus 20 review process.

The session, moderated by Cynthia Lesufi of South Africa, invited input on the achievements and future direction of the World Summit on the Information Society (WSIS), now marking its 20th year.

Speakers from Brazil, Australia, Korea, Germany, Japan, Cuba, South Africa, Ghana, Nigeria, and Bangladesh offered their national and regional insights.

There was strong consensus on maintaining and strengthening existing platforms like the Internet Governance Forum (IGF) and WSIS Forum, rather than creating new mechanisms that might burden developing countries.

Renata Santoyo, representing Brazil’s telecommunications regulator ANATEL, affirmed ITU’s coordinating role: ‘The WSIS architecture remains valuable, and ITU has been instrumental in supporting its action lines.’

Australia’s William Lee echoed this, commending ITU’s work on integrating WSIS with the SDGs and the Global Digital Compact, and noted: ‘The digital divide is now less about access and more about usability.’

Korean vice chair of the ITU Council Working Group, Mina Seonmin Jun, stressed the continued inequality in her region: ‘One third of Asia-Pacific remains offline. WSIS must go beyond infrastructure and focus on equity.’

People, Person, Cinema, Adult, Female, Woman, Male, Man, Crowd, Face, Head, Indoors, Audience, Chair, Furniture

Swantje Jager Lindemann from Germany backed extending the IGF mandate without renegotiation, saying: ‘The mandate is broad enough. What we need is better support and sustainable funding.’

Japan’s Yoichi Iida, former vice minister and now special advisor, also warned against reopening existing mandates, instead calling for a stronger IGF secretariat. ‘We must focus on inclusivity, not duplicating structures,’ he said.

ITU’s Gitanjali Sah outlined its leadership on WSIS action lines, noting the organisation’s collaboration with over 50 UN bodies. ‘2.6 billion people are still offline. Connectivity must be meaningful and inclusive,’ she said, highlighting ITU’s technical support on cybersecurity, capacity building, and standards.

Cuba’s representative stressed that the WSIS outcome documents remain fully valid and should be reaffirmed rather than rewritten. ‘Creating new mechanisms risks excluding countries with limited resources,’ they argued.

Local voices called for grassroots inclusion. Louvo Gray from the South African IGF asked, ‘How do we ensure marginalised voices from the Global South are truly heard?’ Ghana’s Kweku Enchi proposed tapping retired language teachers to bridge digital and generational divides.

Abdul Karim from Nigeria raised concerns about public access to the review documents. Sah confirmed that most contributions are published on the ITU website unless requested otherwise.

The UNDP representative reiterated UN-wide support for an inclusive WSIS review, while Mohamed Abdulla Konu of Bangladesh IGF pressed for developing countries’ voices to be meaningfully reflected.

Speakers agreed that the WSIS Plus 20 review is a key opportunity to refocus digital governance on inclusion, equity, and sustainability. The ITU will submit the compiled inputs to the UN General Assembly in December, while South Africa will include the session’s outcomes in its high-level report.

Track all key moments from the Internet Governance Forum 2025 on our dedicated IGF page.

SpaceX rocket carries first quantum satellite into space

A groundbreaking quantum leap has taken place in space exploration. The world’s first photonic quantum computer has successfully entered orbit aboard SpaceX’s Transporter 14 mission.

Launched from Vandenberg Space Force Base in California on 23 June, the quantum device was developed by an international research team led by physicist Philip Walther of the University of Vienna.

The miniature quantum computer, designed to withstand harsh space conditions, is now orbiting 550 kilometres above Earth. It was part of a 70-payload cargo, including microsatellites and re-entry capsules.

Uniquely, the system performs ‘edge computing’, processing data like wildfire detection directly on board rather than transmitting raw information to Earth. The innovation drastically reduces energy use and improves response time.

Assembled in just 11 working days by a 12-person team at the German Aerospace Center in Trauen, the quantum processor is expected to transmit its first results within a week of reaching orbit.

The project’s success marks a significant milestone in quantum space technology, opening the door to further experiments in fundamental physics and applied sciences.

The Transporter 14 mission also deployed satellites from Capella Space, Starfish Space, and Varda Space, among others. Following its 26th successful flight, the Falcon 9 rocket safely landed on a Pacific Ocean platform after a nearly two-hour satellite deployment.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

North Korea-linked hackers deploy fake Zoom malware to steal crypto

North Korean hackers have reportedly used deepfake technology to impersonate executives during a fake Zoom call in an attempt to install malware and steal cryptocurrency from a targeted employee.

Cybersecurity firm Huntress identified the scheme, which involved a convincingly staged meeting and a custom-built AppleScript targeting macOS systems—an unusual move that signals the rising sophistication of state-sponsored cyberattacks.

The incident began with a fraudulent Calendly invitation, which redirected the employee to a fake Zoom link controlled by the attackers. Weeks later, the employee joined what appeared to be a routine video call with company leadership. In reality, the participants were AI-generated deepfakes.

When audio issues arose, the hackers convinced the user to install what was supposedly a Zoom extension but was, in fact, malware designed to hijack cryptocurrency wallets and steal clipboard data.

Huntress traced the attack to TA444, a North Korean group also known by names like BlueNoroff and STARDUST CHOLLIMA. Their malware was built to extract sensitive financial data while disguising its presence and erasing traces once the job was done.

Security experts warn that remote workers and companies have to be especially cautious. Unfamiliar calendar links, sudden platform changes, or requests to install new software should be treated as warning signs.

Verifying suspicious meeting invites through alternative contact methods — like a direct phone call — is a vital but straightforward way to prevent damage.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI data risks prompt new global cybersecurity guidance

A coalition of cybersecurity agencies, including the NSA, FBI, and CISA, has issued joint guidance to help organisations protect AI systems from emerging data security threats. The guidance explains how AI systems can be compromised by data supply chain flaws, poisoning, and drift.

Organisations are urged to adopt security measures throughout all four phases of the AI life cycle: planning, data collection, model building, and operational monitoring.

The recommendations include verifying third-party datasets, using secure ingestion protocols, and regularly auditing AI system behaviour. Particular emphasis is placed on preventing model poisoning and tracking data lineage to ensure integrity.

The guidance encourages firms to update their incident response plans to address AI-specific risks, conduct audits of ongoing projects, and establish cross-functional teams involving legal, cybersecurity, and data science experts.

With AI models increasingly central to critical infrastructure, treating data security as a core governance issue is essential.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Salt Typhoon exploits critical Cisco flaw to breach Canadian network

Canadian and US authorities have attributed a cyberattack on a Canadian telecommunications provider to state-sponsored actors allegedly linked to China. The attack exploited a critical vulnerability that had been patched 16 months earlier.

According to a statement issued on Monday by Canada’s Communications Security Establishment (CSE), the breach is attributed to a threat group known as Salt Typhoon, believed to be operating on behalf of the Chinese government.

‘The Cyber Centre is aware of malicious cyber activities currently targeting Canadian telecommunications companies,’ the CSE stated, adding that Salt Typhoon was ‘almost certainly’ responsible. The US FBI released a similar advisory.

Salt Typhoon is one of several threat actors associated with the People’s Republic of China (PRC), with a history of conducting cyber operations against telecommunications and infrastructure targets globally.

In late 2023, security researchers disclosed that over 10,000 Cisco devices had been compromised by exploiting CVE-2023-20198—a vulnerability rated 10/10 in severity.

The exploit targeted Cisco devices running iOS XE software with HTTP or HTTPS services enabled. Despite Cisco releasing a patch in October 2023, the vulnerability remained unaddressed in some systems.

In mid-February 2025, three network devices operated by an unnamed Canadian telecom company were compromised, with attackers retrieving configuration files and modifying at least one to create a GRE tunnel—allowing network traffic to be captured.

Cisco has also linked Salt Typhoon to a broader campaign using multiple patched vulnerabilities, including CVE-2018-0171, CVE-2023-20273, and CVE-2024-20399.

The Cyber Centre noted that the compromise could allow unauthorised access to internal network data or serve as a foothold to breach additional targets. Officials also stated that some activity may have been limited to reconnaissance.

While neither agency commented on why the affected devices had not been updated, the prolonged delay in patching such a high-severity flaw highlights ongoing challenges in maintaining basic cyber hygiene.

The authorities in Canada warned that similar espionage operations are likely to continue targeting the telecom sector and associated clients over the next two years.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

NCSC issues new guidance for EU cybersecurity rules

The National Cyber Security Centre (NCSC) has published new guidance to assist organisations in meeting the upcoming EU Network and Information Security Directive (NIS2) requirements.

Ireland missed the October 2024 deadline but is expected to adopt the directive soon.

NIS2 broadens the scope of covered sectors and introduces stricter cybersecurity obligations, including heavier fines and legal consequences for non-compliance. The directive aims to improve security across supply chains in both the public and private sectors.

To help businesses comply, the NCSC unveiled Risk Management Measures. It also launched Cyber Fundamentals, a practical framework designed for organisations of varying sizes and risk levels.

Joseph Stephens, NCSC’s Director of Resilience, noted the challenge of broad application and praised cooperation with Belgium and Romania on a solution for the EU.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot