Critical infrastructure

IIJ and Uzbektelecom join forces for enhanced network security

Internet Initiative Japan Inc. (IIJ) and JSC Uzbektelecom have forged a significant collaboration to strengthen network security services in Uzbekistan and throughout the Central Asian region. Central to this partnership is the integration of IIJ Safous, a sophisticated zero-trust access service that IIJ will provide to empower Uzbektelecom to launch its own security offerings.

The initiative builds upon a previous partnership established through the Telecommunication Infrastructure Development Project awarded in January 2023, which includes prominent players such as Toyota Tsusho, NEC Corporation, and NTT Communication Corporation. Together, they aim to address the growing demand for enhanced cybersecurity solutions in a rapidly evolving digital landscape.

That collaboration aligns closely with Uzbekistan’s ‘Digital Uzbekistan 2030‘ strategy, which aims to enhance the country’s digital infrastructure while highlighting the importance of cybersecurity. As the ICT market continues to expand, the partnership between IIJ and Uzbektelecom is set to foster innovations in managed security services and cloud solutions.

With the outsourcing services sector projected to grow by an annual rate of 12.53% from 2024 to 2029, this initiative strengthens Uzbekistan’s digital security landscape. It also serves as a model for similar partnerships that drive regional digital transformation.

Fortum reports suspicious activity around Finnish and Swedish plants

Fortum, Finland’s largest power utility, is dealing with a wave of cyber threats and security incidents targeting its energy facilities, CEO Markus Rauramo revealed. The utility, which manages hydro, wind, solar, nuclear, and combined heat and power plants, faces daily denial-of-service attacks, disruptions to satellite communications, drone sightings, and suspicious individuals around its sites. Fortum has sought assistance from Finnish authorities to investigate the incidents, which have also impacted its operations in Sweden.

Finnish and Swedish intelligence services have declined to comment on the cyber attacks or identify any potential perpetrators. Fortum’s head of security, Jari Stenius, noted an uptick in the frequency of such incidents but emphasised that their impact on operations has been minimal so far. To strengthen its defences, the company has enforced strict access controls, employed private security, set up backup systems, and conducted regular drills with authorities.

The Finnish National Bureau of Investigation (KRP) confirmed that police are currently conducting several investigations into activities near critical infrastructure sites.

Edge computing growth boosted by Duos and Accu-Tech partnership

Duos Technologies Group, through its subsidiary Duos Edge AI, has entered a strategic partnership with Accu-Tech to expand the deployment of edge data centres across the US. This collaboration aims to meet the rising demand for faster data processing and improved connectivity in underserved areas.

With Accu-Tech’s established distribution network, Duos Edge AI plans to accelerate the rollout of its advanced computing solutions. President Doug Recker sees this as a key moment in providing critical technology to local communities. The growing edge computing market, expected to reach $43.4 billion by 2027, highlights the importance of this venture.

CEO Chuck Ferry emphasises the alignment between Duos’ vision and the need for innovative infrastructure to support local businesses. By partnering with Accu-Tech, Duos ensures both reliable installation and efficient operation of its edge data centres.

The first edge data centres are expected to be operational by Q4 2024. The collaboration is set to improve connectivity and optimise performance, bringing advanced technology to underserved regions across the country.

Google AI to enhance Vodafone’s Giga TV

Vodafone has announced a significant development in its Giga TV service, as part of a renewed billion-dollar partnership with Google Cloud. Over the next ten years, Google’s artificial intelligence capabilities will be integrated into the platform to enhance personalisation and content discovery for its users.

The companies plan to leverage Google Cloud’s AI to improve Vodafone’s Android-based TV system in Germany. New features will help users find content more easily and deliver a more tailored viewing experience. Additionally, Google Ad Manager will be integrated into Giga TV, enhancing the advertising landscape within the platform.

Further collaboration will see YouTube become more deeply embedded in Vodafone’s TV devices, providing a richer video experience. These improvements are set to bring significant advancements in how viewers engage with television content, both in entertainment and beyond.

Margherita Della Valle, Vodafone Group CEO, expressed excitement about the partnership, emphasising how these AI-driven innovations will transform communication and learning. She highlighted the unprecedented scale on which the new content and services will be delivered to millions of users.

SpaceX and T-Mobile to aid hurricane recovery

The Federal Communications Commission (FCC) has granted permission to SpaceX and T-Mobile to activate Starlink’s direct-to-cell capability for hurricane-hit regions in North Carolina. This emergency measure aims to restore communication services in areas heavily impacted by Hurricane Helene, where over 74% of cell towers were initially knocked out.

SpaceX’s satellites have already begun transmitting emergency alerts to mobile networks across the state. Basic texting on T-Mobile’s network is also under testing as part of efforts to reconnect people in affected areas. According to the FCC, only 17% of cell towers now remain offline as restoration teams work to bring the infrastructure back online.

T-Mobile noted that, while the full deployment of Starlink’s direct-to-cell constellation has not yet occurred, even early access to the system is aiding first responders in their rescue missions. Their network is almost fully restored, with minimal disruptions persisting in some remote areas.

Major US telecoms reportedly hit by Chinese cyberattack on wiretap systems

Chinese hackers reportedly accessed US broadband networks, compromising systems used for government-authorised wiretapping. The Wall Street Journal revealed that major telecom providers, including Verizon, AT&T, and Lumen Technologies, were affected by the breach.

Hackers are believed to have maintained access for months, enabling them to intercept internet traffic and sensitive communications data. US investigators, who labelled the hacking group ‘Salt Typhoon’, indicated that the breach was intelligence-focused.

China’s foreign ministry responded to the accusations, denying knowledge of the incident and condemning the US for what they called ‘a false narrative’. Beijing had previously denied involvement in similar cyber-espionage claims.

Lumen Technologies declined to comment, while Verizon and AT&T did not respond immediately. The breach follows the exposure of another Chinese hacking group earlier this year, as part of a broader campaign by US law enforcement.

Starlink to test new satellite limits in Romania

In partnership with Romania’s National Authority for Communications Administration and Regulation (ANCOM) and the Ministry of National Defence, Starlink is conducting an innovative real-world test to assess whether its non-geostationary satellite (NGSO) systems can operate without interfering with geostationary satellite (GSO) networks. The test aims to investigate relaxed power flux density (EPFD) limits, which, if successful, could enable Starlink satellites to operate at up to eight times the current capacity allowed by the International Telecommunication Union (ITU) while ensuring the protection of GSO networks.

Moreover, the existing EPFD limits, established 25 years ago, were designed to prevent unacceptable interference with GSO Fixed Satellite Service (FSS) and Broadcasting Satellite Service (BSS) networks. However, many experts contend that these limits may no longer be relevant. Consequently, ANCOM has initiated this testing campaign to contribute valuable insights to ongoing ITU studies regarding EPFD limits and their implications for GSO networks.

Furthermore, the test includes installing equipment to monitor signal and interference levels, with specific protection criteria set at a 10% aggregate increase in service unavailability and a 3% increase in individual service unavailability. Over the course of at least six months, SpaceX will exceed the current EPFD limits in a designated area to collect essential operational data.

The findings will subsequently be presented at ITU meetings to demonstrate that efficient NGSO operations can coexist harmoniously with GSO networks. Additionally, Romania underscores the importance of establishing a regulatory framework that balances the protection of geostationary networks with the potential of NGSO networks to enhance connectivity. As a result, ITU is set to review EPFD limits at the upcoming World Radiocommunication Conference (WRC-27), where Romania will advocate for a collaborative approach to harness both types of satellites effectively.

US and Poland sign cybersecurity MOU to enhance global digital security and cooperation

The US Department of Homeland Security (DHS) and the Polish Ministry of Digital Affairs (MDA) have signed a Memorandum of Understanding (MOU) to bolster their collaboration in cybersecurity and emerging technology. This MOU strengthens the longstanding partnership between the United States and Poland, providing a structured framework for coordinated efforts in addressing global security challenges, including cyber threats and responsible technology development.

By focusing on key areas such as cyber policy, Secure by Design practices, information sharing, incident response, human capital development, and the safe deployment of AI and the Internet of Things (IoT), both nations demonstrate a shared commitment to transatlantic security. The timing of this MOU, which coincides with the Fourth Counter Ransomware Initiative Summit, reflects a united stance against the growing ransomware threat, as nearly 70 countries gathered to reinforce global resilience against cybercrime.

Various agencies will spearhead the implementation of the MOU as part of the agreement. In the United States, DHS entities like the Cybersecurity and Infrastructure Security Agency (CISA), the Office of Strategy, Policy, and Plans, and the Science and Technology Directorate will drive projects that enhance cybersecurity and support critical infrastructure. On the Polish side, the National Research Institute (NASK) will be instrumental in coordinating these efforts, positioning Poland for its upcoming EU Council presidency in 2025, where it aims to strengthen US-EU relations and prioritise European information security.

Why does it matter?

Together, these agencies will focus on collaborative initiatives that ensure safe technology practices, build critical skills, and enable a proactive response to digital threats, securing a stronger digital future for both nations.

FERMA calls on European institutions to simplify cyber reporting obligations

The Federation of European Risk Management Associations (FERMA) has called on European institutions to simplify cyber reporting requirements and consider the insurance implications of cyber legislation. This appeal follows the release of the Cyber Reporting Stack report, developed in collaboration with WTW, which offers risk managers vital guidance on navigating the landscape of cyber policy and reporting obligations.

The report outlines current and forthcoming regulations, along with incident reporting requirements, featuring the General Data Protection Regulation (GDPR), Network and Information Security (NIS) 2 Directive, the Digital Operational Resilience Act (DORA), and the Cyber Resilience Act (CRA).

Charlotte Hedemark, President of FERMA, highlighted the growing burden of cyber reporting and added that FERMA believes companies need a streamlined and consistent set of requirements for reporting cyber incidents. The report recommends establishing a ‘single point of entry’ for cyber incident notifications and guides EU member states to streamline their processes and participant involvement.

Philippe Cotelle, Chair of FERMA’s Digital Committee, emphasised there currently needs to be regulations specifying the necessary risk management measures or considering their insurance implications.

Forrester: Cybercrime to cost $12 trillion in 2025

Forrester’s 2025 Predictions report outlines critical cybersecurity, risk, and privacy challenges on the horizon. Cybercrime costs are expected to cost $12 trillion by 2025, with regulators stepping up efforts to protect consumer data. Organisations are urged to adopt proactive security measures to mitigate operational impacts, particularly as AI technologies and IoT devices expand.

Another major prediction is that Western governments plan to prohibit certain third-party or open-source software due to rising concerns over software supply chain attacks, which are a leading cause of worldwide data breaches. Increased pressure from Western governments has prompted private companies to produce software bills of materials (SBOMs), enhancing transparency regarding software components.

However, these SBOMs also reveal the reliance on third-party and open-source software in government purchases. In 2025, armed with this knowledge, Forrester says that a government will impose restrictions on a specific open-source component for national security reasons. Consequently, software suppliers will need to eliminate the problematic components and find alternatives to maintain functionality.

Among the key forecasts is the EU issuing its first fine under the new EU AI Act to a general-purpose AI (GPAI) model provider. Forrester warns that companies unprepared for AI regulations will face significant third-party risks. As generative AI models become more widespread, businesses must thoroughly vet providers and gather evidence to avoid fines and investigations. Another major prediction is a large-scale Internet of Things (IoT) device breach, with malicious actors finding it easier to compromise common IoT systems. Such breaches could lead to widespread disruption, forcing organisations to engage in costly remediation efforts.

Forrester also anticipates that Chief Information Security Officers (CISOs) will reduce their focus on generative AI applications by 10%, citing a need for measurable value. Currently, 35% of global CISOs and CIOs prioritise AI to boost employee productivity, but growing disillusionment and limited budgets are expected to hinder further AI adoption. The report reveals that 18% of global AI decision-makers already see budget limitations as a major barrier, a figure projected to increase as organisations struggle to justify investment in AI initiatives.

The report also highlights a rise in cybersecurity incidents. In 2023, 28% of security decision-makers reported six or more data breaches, up 16 percentage points from 2022. Additionally, 72% of those decision-makers experienced data breach costs exceeding $1 million. Despite these alarming statistics, only 16% of global security leaders prioritised testing and refining their incident response processes in 2023, leaving many organisations unprepared for future attacks.

Human-related cybersecurity risks, such as deepfakes, insider data theft, generative AI misuse, and human error, are expected to become more complex as communication channels expand. Forrester also explores how generative AI could reshape identity and access management, addressing challenges like identity administration, audit processes, lifecycle management, and authentication. In conclusion, the report urges companies to brace for evolving threats and adopt forward-thinking strategies to protect their assets as cybersecurity landscapes shift.