SpaceX is set to invest $1.5 billion in Vietnam, boosting Starlink’s satellite internet services in the country. The government has restarted discussions after talks paused at the end of 2023. Officials are now working closely with SpaceX to finalise plans.
The investment could improve internet access in mountainous regions and strengthen infrastructure for activities such as education and disaster response. SpaceX is particularly interested in supporting the country’s development and improving connectivity.
Disputes over strict regulations on foreign ownership of internet service firms previously stalled discussions. Vietnam limits foreign control to 50%, whereas SpaceX had sought a controlling stake, which may still pose challenges.
While South Korean memory giants Samsung Electronics and SK hynix experienced a significant sales increase in China during the first half of this year, the report by the Korea Eximbank Overseas Economic Research Institute indicates that South Korea’s reliance on China for critical semiconductor raw materials is also growing. Key materials such as silicon, germanium, gallium, and indium have seen notable increases in demand, with South Korea’s dependence on silicon rising from 68.8% to 75.4% in 2022.
The report emphasises an increasing reliance on rare earth elements, crucial for semiconductor abrasives, and a slight uptick in dependence on tungsten, which is vital for semiconductor wiring. This trend is occurring against the backdrop of export restrictions enacted by the Chinese government on critical minerals such as germanium and gallium, in response to US sanctions. Currently, China dominates the global supply, producing 98% of the world’s gallium and 60% of its germanium, underscoring its pivotal role in the semiconductor supply chain.
Dependence on germanium rose significantly by 17.4 percentage points to 74.3% in 2022, and reliance on gallium and indium also increased by 20.5 percentage points to 46.7%. Despite the Chinese government’s export restrictions, local production among major Chinese firms has remained stable. For example, Samsung’s NAND flash facility in Xi’an has boosted its share of the company’s total NAND capacity from 29% in 2021 to 37% in 2023, with expectations to reach 40% this year.
Nokia and Viettel Group have embarked on a transformative partnership to deploy 5G infrastructure across Vietnam, marking a significant milestone in the country’s digital evolution. The landmark agreement will span 22 provinces, facilitating Viettel’s ambitious strategy to enhance its 5G capabilities and drive digital transformation nationwide.
In addition to rolling out new 5G technology, Nokia will modernise Viettel’s existing 4G infrastructure, ensuring a seamless transition and optimised performance. The deployment will begin this year and will involve installing advanced equipment across 2,500 sites, including AirScale baseband solutions and Massive MIMO radios, all powered by Nokia’s innovative and energy-efficient ReefShark System-on-Chip technology.
That collaboration aligns with the Vietnamese government’s vision of establishing 5G as a critical national infrastructure, anticipated to play a vital role in boosting the digital economy, which is projected to contribute between 20% and 30% of the nation’s GDP by 2030. Together, Nokia and Viettel Group are poised to create new opportunities for economic growth and increased productivity, fostering a robust digital service ecosystem that will benefit consumers and businesses alike.
A senior executive at CrowdStrike apologised to a US House of Representatives subcommittee for a software update that caused a global IT outage in July. Adam Meyers, the company’s senior vice president for counter-adversary operations, explained that a faulty content configuration update to the Falcon Sensor security software led to widespread system crashes. Meyers assured lawmakers that CrowdStrike has reviewed its systems and is improving its update procedures to prevent future issues.
The 19 July incident, though not caused by a cyberattack or AI, led to widespread disruptions across various industries, including airlines, healthcare, media, and banks. Millions of Microsoft Windows devices were impacted, with the outage causing flight cancellations and service interruptions globally. Delta Air Lines, which cancelled 7,000 flights, is pursuing legal action against CrowdStrike, although the company denies responsibility for the airline’s losses.
In the wake of the incident, CrowdStrike lowered its revenue and profit forecasts, acknowledging that the financial impact of the faulty update could affect the company for up to a year.
In a report released on 19 September, Google-owned Mandiant detailed the activities of a group it identified as UNC1860. The report highlighted the group’s advanced tools and hidden backdoors, which continue to be leveraged by other Iranian hacking operations.
The report notes that an Iranian cyber unit within the Ministry of Intelligence and Security (MOIS) has emerged as a key facilitator for the nation’s hackers, offering persistent access to critical systems in the Middle East, particularly in telecommunications and government sectors.
Mandiant adds that these groups allegedly provided initial access for cyberattacks, including operations in late 2023 against Israel using BABYWIPER malware and in 2022 against Albania with ROADSWEEP. While Mandiant couldn’t verify UNC1860’s direct involvement, they identified software designed to support such handoff operations.
UNC1860’s toolkit includes a variety of utilities that enable initial access and lateral movement within networks. These tools are engineered to bypass security software and provide covert access, which could be used for espionage or network attacks.
Mandiant describes UNC1860 as a highly capable threat actor that likely supports a range of goals, from spying to direct network assaults. The firm also reported UNC1860’s collaboration with other MOIS-associated groups like APT34, known for breaching government systems in countries like Jordan, Israel, and Saudi Arabia. A recent APT34 operation was uncovered targeting Iraqi officials.
America’s Three Mile Island energy plant, infamous for the worst nuclear accident in US history, is preparing to reopen after Microsoft signed a 20-year deal to purchase power from the facility. The plant is scheduled to restart in 2028 following upgrades and will supply clean energy to support Microsoft’s growing data centres, especially those focused on AI. The agreement is pending regulatory approval.
Constellation Energy, the plant owner, confirmed that the reactor set to restart is separate from the unit involved in the 1979 accident, which, while not fatal, created significant public fear surrounding nuclear power. This deal represents a revival of interest in atomic energy, driven by increasing concerns about climate change and rising energy needs. The CEO of Constellation described this move as a “rebirth” of nuclear power, highlighting its potential as a dependable source of carbon-free energy.
The plant’s reopening is projected to create 3,400 jobs and add over 800 megawatts of carbon-free electricity to the grid, driving significant economic activity. Although the revival has faced some protests, it underscores a growing trend among tech companies, with Amazon also exploring nuclear energy to meet its expanding energy demands.
The NCSC has collaborated with cybersecurity agencies from the United States, Australia, Canada, and New Zealand to effectively address the global botnet threat. That joint effort underscores the importance of international cooperation in tackling cyber threats that span multiple countries.
By combining their expertise and resources, these agencies have been able to produce a comprehensive advisory that provides detailed information on the botnet’s operation, its impact, and the types of devices it targets. Consequently, this collaboration ensures a robust and unified response to the threat, reflecting the global commitment to enhancing cybersecurity.
Moreover, the advisory issued by these agencies details how the botnet, managed by Integrity Technology Group and used by the cyber actor Flax Typhoon, exploits vulnerabilities in internet-connected devices. It includes technical information on the botnet’s activities, such as malware distribution and Distributed Denial of Service (DDoS) attacks, and offers practical mitigation strategies.
Therefore, it underscores the need for updating and securing devices to prevent them from becoming part of the botnet, providing crucial guidance to individuals and organisations seeking to protect their digital infrastructure. In addition, this international collaboration serves to promote proactive security measures and raise awareness about cybersecurity best practices. The joint advisory encourages users to safeguard their devices and avoid contributing to malicious activities immediately.
The United States is pushing Vietnam to avoid using Chinese firm HMN Technologies in its plan to build 10 new undersea cables by 2030, amid concerns over national security and sabotage. Vietnam’s current cables, essential for global internet connectivity, have suffered repeated failures, prompting the government to prioritise new projects.
Washington is lobbying Hanoi to select more experienced and trusted suppliers for the cables, citing concerns about espionage and security threats linked to HMN Technologies, which the US views as associated with Chinese tech giant Huawei. The US has also raised concerns about possible sabotage of Vietnam’s current subsea cables.
Vietnamese authorities have remained open to working with Chinese firms, but United States officials have stressed that choosing HMN Tech could discourage American companies from investing in Vietnam. Meanwhile, Vietnam’s top telecoms company, Viettel, is already planning a cable with Singapore, bypassing disputed waters in the South China Sea.
The US and China are vying for influence in Vietnam as the Southeast Asian nation looks to expand its undersea cable infrastructure. Both countries are heavily invested in Vietnam, with subsea cables becoming a critical element in the broader US-China technology rivalry.
The US Federal Bureau of Investigation has disrupted another major Chinese hacking group, dubbed ‘Flax Typhoon,’ which had compromised thousands of devices globally. The FBI and officials from several allied countries accused a Chinese company, the Integrity Technology Group, of running the operation under the guise of an IT firm. FBI Director Christopher Wray revealed that the group was gathering intelligence and conducting surveillance for Chinese security agencies, targeting critical infrastructure as well as corporations, media organisations, and universities.
Cybersecurity officials from the UK, Canada, Australia, and New Zealand also joined the US in condemning the hacking group, noting that over 250,000 devices had been compromised as of June. The operation involved hijacking devices through a botnet—a network of infected cameras and storage devices—and was reportedly part of China’s broader cyber-sabotage efforts. Flax Typhoon’s activities mirrored those of another China-backed group, Volt Typhoon, which has been scrutinised for targeting US infrastructure.
The Chinese Embassy in Washington denied the accusations, claiming that the US had made baseless allegations. Despite China’s dismissal, the FBI remains firm, with Wray emphasising that this takedown is only one part of a longer struggle to counter Chinese cyberattacks. The operation faced some retaliation from the hackers, who launched a cyberattack in response but eventually retreated, leaving the FBI in control of the botnet’s infrastructure.
The American Cybersecurity and Infrastructure Security Agency (CISA) has introduced the Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan, a key initiative designed to enhance federal cybersecurity across over 100 FCEB agencies. That plan establishes a framework for coordinated support and services, aiming to reduce cyber risks through a unified defence strategy.
The FOCAL Plan prioritises five key areas to advance operational cybersecurity: Asset Management, which focuses on understanding and managing the cyber environment and interconnected assets; Vulnerability Management, aimed at proactively protecting against threats and assessing defensive capabilities; Defensible Architecture, which emphasises building resilient infrastructure; Cyber Supply Chain Risk Management (C-SCRM), to identify and mitigate risks from third parties; and Incident Detection and Response, designed to enhance Security Operations Centers (SOCs) in managing and limiting the impact of security incidents.
The US Cybersecurity and Infrastructure Security Agency (CISA) also notes that while the FOCAL Plan is tailored for federal agencies, it provides valuable insights for public and private sector organisations. It is a practical guide for developing effective cybersecurity strategies and improving coordination across enterprise security capabilities. Rather than offering an exhaustive checklist, the FOCAL Plan prioritises key actions that will drive significant advancements in cybersecurity and alignment goals within the federal sector.
