The US Justice Department has removed malware from over 4,200 computers worldwide in an operation targeting a hacking group linked to the Chinese government. The malware, known as ‘PlugX,’ was used to steal information and compromise systems across the United States, Europe, and Asia. Investigators identified the cybercriminals behind the attack as ‘Mustang Panda’ and ‘Twill Typhoon,’ groups believed to have received financial support from China.
Court documents filed in the US District Court for the Eastern District of Pennsylvania allege that the Chinese government paid Mustang Panda to develop PlugX. The malware has been active since at least 2014 and was used not only to target governments and businesses but also Chinese political dissidents. Officials described the operation as a critical step in neutralising cyber threats backed by foreign states.
Authorities emphasised the growing risks posed by state-sponsored hacking groups and their ability to infiltrate global networks. The Justice Department remains committed to dismantling cyber threats and preventing adversaries from exploiting sensitive information. The scale of the attack highlights the persistent threat of cyber espionage and the need for international cooperation in addressing cybersecurity challenges.
A massive data breach has hit Gravy Analytics, a major US location data broker, compromising precise smartphone location data and internal company information. Hackers claim to have had access to the company’s systems since 2018, exposing sensitive coordinates that track individuals’ movements. The stolen data includes customer details from prominent firms like Uber, Apple, and government contractors.
Gravy Analytics, through its subsidiary Venntel, has previously sold large amounts of location data to US government agencies. The breach highlights significant security lapses, with the stolen data now at risk of being sold on the dark web. The precise latitude and longitude records could put individuals, especially those in vulnerable positions, in danger.
The incident has sparked fresh scrutiny over data brokers, who often collect and sell sensitive information with little transparency. In December, the FTC moved to restrict Gravy Analytics from selling location data except in cases of national security or law enforcement. Critics argue that these companies prioritise profits over privacy and have called for stricter regulations to hold them accountable.
The UK’s prisons watchdog has warned that drones are becoming a serious national security threat due to a surge in the smuggling of weapons, drugs, and other contraband into high-security jails. Charlie Taylor, the chief inspector of prisons, called for immediate action from the police and government following investigations into two of England and Wales’ most dangerous prisons, HMP Manchester and HMP Long Lartin. Both facilities, holding notorious criminals and terrorism suspects, have seen an increase in illicit deliveries by drones, putting staff, inmates, and public safety at risk.
Taylor’s report highlights how gangs have exploited weaknesses in security, including the deterioration of basic anti-drone measures like protective netting and CCTV. At Long Lartin, inspectors found that large quantities of illicit items were being delivered, fueling violence and unrest among prisoners. At HMP Manchester, inmates were burning holes in windows to facilitate drone deliveries, raising concerns about potential escapes and further disruptions.
The growing use of sophisticated drones, capable of carrying large payloads and flying under the radar, has made it increasingly difficult for prison authorities to control the flow of contraband. While some prisons have deployed counter-drone technology, most do not block drones from approaching, leaving many vulnerable to this growing threat.
Prison officials are now under mounting pressure to confront this new challenge, with experts warning that the situation is a matter of national security. Taylor also highlighted the need for a more robust approach to tackling gang activity and reducing the supply of illegal items that undermine prison safety.
The US government has announced new restrictions on exporting AI chips and technology, seeking to safeguard its dominance in AI development while limiting China’s access to advanced computing capabilities. The regulations, unveiled during the final days of President Biden’s administration, impose strict caps on AI chip exports to most countries, with exemptions for close allies such as Japan, the UK, and South Korea. Countries like China, Russia, Iran, and North Korea remain barred from accessing this critical technology.
Commerce Secretary Gina Raimondo emphasised the importance of maintaining US leadership in AI to support national security and economic interests. The regulations, which build on a four-year effort to block China’s acquisition of advanced chips, also close existing loopholes and enforce tighter controls. New limits target advanced graphics processing units (GPUs), essential for training AI models, and introduce worldwide licensing requirements for cutting-edge AI technologies. Major cloud providers like Microsoft and Amazon will face new authorisation processes to establish data centres globally under stringent conditions.
Industry leaders, including Nvidia, have expressed concerns over the broad scope of the rules, warning of potential harm to innovation and market dynamics. Nvidia called the restrictions an “overreach,” while Oracle cautioned that the measures could inadvertently benefit Chinese competitors. Despite this criticism, US officials argue the rules are vital for maintaining a competitive edge, given AI’s transformative potential in sectors like healthcare, cybersecurity, and defence. China’s Commerce Ministry condemned the move, vowing to protect its interests in response to the escalating technology standoff.
Italy is exploring a potential agreement with Elon Musk’s Starlink to provide secure satellite communications for government and defence officials. The proposed five-year deal, worth €1.5 billion, would enable encrypted communications in high-risk areas. An Italian representative for Musk’s aerospace businesses stated that the country would retain full control over its data while using the technology.
Opposition parties have criticised the project, questioning whether a company owned by the US billionaire should handle sensitive Italian communications. Prime Minister Giorgia Meloni, who has faced scrutiny over her ties with Musk, dismissed concerns, insisting that discussions about the deal began before her government took office in 2022.
Starlink, a subsidiary of SpaceX, operates 6,700 satellites in low-Earth orbit and is a dominant player in global satellite communications. While the Italian government evaluates the deal, officials maintain that national interests and data security would remain protected.
President Joe Biden is preparing to introduce a new executive order aimed at strengthening cybersecurity standards for federal agencies and contractors. The proposed measures address growing threats from Chinese-linked cyber operations and criminal cyberattacks, which have targeted critical infrastructure, government emails, and major telecom firms. Under the draft order, contractors must adhere to stricter secure software development practices and provide documentation to be verified by the Cybersecurity and Infrastructure Security Agency (CISA).
The order highlights vulnerabilities exposed by recent cyber incidents, including the May 2023 breach of US government email accounts, attributed to Chinese hackers. New guidelines will also focus on securing access tokens and cryptographic keys, which were exploited during the attack. Contractors whose security practices fail to meet standards may face legal consequences, with referrals to the attorney general for further action.
While experts like Tom Kellermann of Contrast Security support the initiative, some criticise the timeline as insufficient given the immediate threats posed by adversaries like China and Russia. Brandon Wales of SentinelOne views the order as a continuation of efforts across the past two administrations, emphasising the need to enhance existing cybersecurity frameworks while addressing a broad range of threats.
The order underscores Biden’s commitment to cybersecurity as a pressing national security issue. It comes amid escalating concerns about foreign cyber operations and aims to solidify protections for critical US systems before the transition to new leadership.
Business email compromise (BEC) scams are on the rise, targeting companies through highly deceptive tactics. These scams involve cybercriminals hacking into legitimate email accounts and tricking victims into transferring large sums of money. Recently, a small business narrowly avoided a major financial loss when a scammer posed as its owner, sending fraudulent wiring instructions to the company’s bank. Quick action by the business owner and a vigilant banker prevented the funds from being transferred.
Experts warn that BEC scams rely less on technical vulnerabilities and more on exploiting trust between businesses and their partners. Hackers often gain access through phishing attacks, installing malicious software, or guessing weak passwords. Once inside an email account, they may create hidden rules to intercept or forward messages, concealing their activities until it’s too late.
To counter these threats, cybersecurity professionals recommend measures such as enabling two-factor authentication, regularly updating passwords, and monitoring email account activity for unusual changes. Businesses are also advised to verify financial transactions using secondary methods, such as phone calls, to confirm the legitimacy of requests.
With global losses from BEC scams amounting to billions, the stakes are high. By taking proactive steps to enhance security, businesses can protect themselves from falling victim to these sophisticated schemes.
Dragos and Singapore’s Digital and Intelligence Service (DIS) are collaborating to enhance cybersecurity capabilities through a strategic partnership focusing on planning, training, and exchanging information about cyber threats. The agreement, announced during the Critical Infrastructure Defence Exercise (CIDeX) 2024, aims to fortify the defence of Singapore’s critical infrastructure and increase its resilience to cyber attacks.
The partnership builds on Dragos’s long-standing collaboration with Singapore, including a previous agreement in August 2023 with the Cyber Security Agency (CSA) to improve operational technology (OT) cybersecurity. DIS emphasised the importance of expanding cybersecurity partnerships across sectors, while Dragos commended Singapore’s proactive approach to cybersecurity as an example for other nations to follow.
The partnership underscores the shared commitment of both parties to secure critical infrastructure amid an evolving cyber threat landscape. By leveraging their expertise, Dragos and DIS aim to provide Singapore with the necessary tools and knowledge to navigate emerging challenges, ensuring the protection of its infrastructure and citizens.
Elon Musk is working to expand his aerospace firm SpaceX and its satellite broadband service Starlink in Italy. Talks are underway for potential supply agreements, with Musk offering Italy secure and advanced connectivity. Prime Minister Giorgia Meloni has built a close relationship with Musk, aligning with her ties to incoming US President Donald Trump.
Starlink, operating 6,700 satellites, dominates the low-Earth orbit market and provides broadband to over four million customers worldwide, including around 55,000 in Italy. The Italian government is considering using Starlink’s technology for secure communications among diplomats and defence personnel, a project valued at €1.5 billion over five years.
A prominent technology trade group has urged the Biden administration to reconsider a proposed rule that would restrict global access to US-made AI chips, warning that the measure could undermine America’s leadership in the AI sector. The Information Technology Industry Council (ITI), representing major companies like Amazon, Microsoft, and Meta, expressed concerns that the restrictions could unfairly limit US companies’ ability to compete globally while allowing foreign rivals to dominate the market.
The proposed rule, expected to be released as soon as Friday, is part of the Commerce Department’s broader strategy to regulate AI chip exports and prevent misuse, particularly by adversaries like China. The restrictions aim to curb the potential for AI to enhance China’s military capabilities. However, in a letter to Commerce Secretary Gina Raimondo, ITI CEO Jason Oxman criticised the administration’s urgency in finalising the rule, warning of ‘significant adverse consequences’ if implemented hastily. Oxman called for a more measured approach, such as issuing a proposed rule for public feedback rather than enacting an immediate policy.
Industry leaders have been vocal in their opposition, describing the draft rule as overly broad and damaging. The Semiconductor Industry Association raised similar concerns earlier this week, and Oracle’s Executive Vice President Ken Glueck slammed the measure as one of the most disruptive ever proposed for the US tech sector. Glueck argued the rule would impose sweeping regulations on the global commercial cloud industry, stifling innovation and growth.
While the administration has yet to comment on the matter, the growing pushback highlights the tension between safeguarding national security and maintaining US dominance in the rapidly evolving field of AI.