Chinese hackers exploit software flaw to compromise US internet firms

According to Lumen Technologies, a Chinese hacking group has exploited a software flaw, compromising several internet companies in the US and abroad. Researchers at Lumen revealed that the hackers targeted a previously unknown vulnerability in Versa Director, a software platform used by Santa Clara-based Versa Networks. The attack began early in June and affected four US firms and one in India.

Versa Networks acknowledged the flaw and urged customers to update their software. Lumen’s researchers believe the hacking campaign was conducted by the Chinese government-backed group, ‘Volt Typhoon.’

Allegedly, the attackers aimed to surveil the customers of the compromised internet companies. Cybersecurity experts warn that such access could enable broad, undetected surveillance.

The US Cybersecurity and Infrastructure Security Agency added the Versa vulnerability to its list of known exploited weaknesses. Concerns over China’s cyber activities have grown, with US officials noting an increase in the intensity of these efforts. In April, the FBI warned that China was developing the capability to disrupt critical infrastructure.

Microsoft to host cybersecurity summit after major IT outage

Microsoft plans to host a cybersecurity summit in September following a global IT outage caused by a flawed update from CrowdStrike in July. The outage disrupted nearly 8.5 million Windows devices and had widespread impacts across sectors, including airlines, banks, and healthcare. In response, Microsoft’s summit, scheduled for 10 September at its Redmond, Washington headquarters, will focus on strengthening cybersecurity systems and include discussions with government representatives and industry stakeholders.

The July outage highlighted the risks of relying on single-vendor cybersecurity solutions, as many organisations struggled to manage the disruption. CrowdStrike, the company at the centre of the incident, faces multiple legal challenges, including a lawsuit from shareholders alleging that the company failed to properly test its software, leading to the massive disruption. Delta Air Lines, one of the companies severely affected, has also initiated legal action, citing at least $500 million in losses due to flight cancellations.

CrowdStrike’s market value has dropped by approximately $9 billion since the outage, and the company is under intense scrutiny as it prepares to report its second-quarter financial results. The upcoming summit is seen as a critical step in addressing the vulnerabilities exposed by the incident and fostering a more resilient cybersecurity ecosystem.

Halliburton confirms cyberattack on its systems

Oilfield services company Halliburton disclosed on Friday that an unauthorised third party had breached some of its systems. The company, which discovered the breach two days prior, has initiated an internal investigation and taken affected systems offline to safeguard its data.

Halliburton is currently assessing the impact of the incident, but as of now, there is no evidence of any disruption to energy services. The US Department of Energy confirmed on Thursday that the breach had not affected the provision of energy services.

EU nations divided over regulation of high-risk 5G telecom suppliers

The EU is facing a significant divide among its member states regarding the regulation of high-risk telecom suppliers, particularly Huawei and ZTE, in the context of 5G network infrastructure. Eleven of the 27 EU countries have enacted legal measures to restrict these suppliers following the European Commission’s adoption of the 5G Cybersecurity Toolbox in 2020.

This divide reflects varying levels of concern about national security, economic interests, and diplomatic relations. Scepticism surrounding Huawei and ZTE intensified in 2018 when numerous countries, including the US and Japan, began excluding these companies from public tenders due to allegations of espionage and their ties to the Chinese government.

Sweden was among the first EU nations to ban Huawei, mandating the removal of its equipment from 5G networks by 1 January 2025. Despite Huawei’s denials of wrongdoing, distrust persists within the EU. Responses to these security concerns vary significantly. Germany has announced that components from Huawei and ZTE must be removed from its 5G core networks by the end of 2026, aligning with its National Security Strategy.

In contrast, Italy has taken a more cautious approach, evaluating cases involving Huawei individually. Despite signing a 5G security declaration with the US, Slovenia rejected a bill to exclude high-risk manufacturers, indicating a more lenient stance.

NATO aims to bolster global internet resilience through satellite communications

NATO’s initiative to enhance global internet resilience through satellite communications has made significant strides since its launch on 31 July 2024. With a $2.5 million investment from NATO’s Science for Peace and Security (SPS) programme, the project aims to create a hybrid network that can reroute data during emergencies when undersea cables are compromised.

Collaborating with prestigious institutions like Cornell University and Johns Hopkins University, the consortium known as HEIST is focused on developing a working prototype within the next two years, with a demonstration planned at the Blekinge Institute of Technology in Sweden.

The initiative seeks to bolster internet security by integrating satellite and submarine cable technologies and addresses the complex legal challenges associated with international telecommunications. By promoting collaboration among NATO Allies and partners, this project represents a proactive approach to safeguarding critical infrastructure and ensuring the stability of global communications in an increasingly digital landscape.

US DARPA wants AI to detect and fix vulnerabilities in open-source code

The Defense Advanced Research Projects Agency (DARPA) announced the finalists for its AI Cyber Challenge (AIxCC) at DEF CON, a competition that rewards teams for training large language models (LLMs) to identify and fix vulnerabilities in open-source code. Big Tech companies like Google, Microsoft, Anthropic, and OpenAI supported participants with AI model credits. The challenge saw about 40 teams submit projects, which were tested on their ability to detect and remediate injected vulnerabilities in open-source coding projects.

Experts say that generative AI can help automate the detection and patching of security flaws in code, and this development can be critical as unsophisticated yet harmful cyberattacks increasingly target critical facilities such as hospitals and water systems. Automating basic cybersecurity practices, such as scanning and fixing code bugs, could significantly reduce these incidents.

Although these tests ran in a controlled, sandboxed environment, the semifinalists’ LLM projects managed to discover 22 unique vulnerabilities and automatically patch 15 of them. DARPA, which has invested over $2 billion in AI research since 2018, plays a unique role in cybersecurity innovation: it created a mock city under cyberattack within DEF CON, attracting over 12,500 visitors. The seven finalist teams will compete in the challenge’s final round at next year’s DEF CON conference, with government officials hoping these AI tools will soon be applied to protect real-life critical infrastructure.

Anne Neuberger, the Biden administration’s deputy national security advisor for cyber and emerging technology, emphasised the goal of using AI for defense as swiftly as adversaries use it for offense. The White House is already collaborating with the Department of Energy to explore deploying these AI tools within the energy sector and hopes to eventually apply them to proprietary company code.

Ransomware group dismantled by global authorities

An international operation has dismantled the criminal ransomware group Radar/Dispossessor, which had been targeting companies across various sectors, including healthcare and transport. Authorities from the United States and Germany led the effort to bring down the group, which was founded in August 2023 and initially focused on the US before expanding its attacks globally.

The investigation has identified 43 companies as victims, spanning countries such as the UK, Germany, Brazil, and Australia. The group, led by an individual using the alias ‘Brain’, primarily targeted small to medium-sized enterprises. Many more companies are believed to have been affected, with some cases still under investigation.

Radar/Dispossessor exploited vulnerable computer systems, often through weak passwords and the absence of two-factor authentication, to hold data for ransom. Authorities successfully dismantled servers and domains associated with the group in Germany, the US, and Britain.

Twelve suspects have been identified, hailing from various countries, including Germany, Russia, Ukraine, and Kenya. Investigations are ongoing to identify further suspects and uncover more companies that may have been victimised.

Starlink gets green light in Sri Lanka, officially secures licence

Elon Musk’s Starlink has been granted a licence to offer satellite broadband services in Sri Lanka. This development follows the country’s recent amendment to its telecommunications law, the first change in 28 years, which allowed Starlink Lanka to establish its presence.

Sri Lanka’s parliament passed the updated telecommunications bill last month, clearing the way for new players like Starlink to enter the market. The satellite service, a subsidiary of SpaceX, owns around 60% of the 7,500 satellites currently in orbit, solidifying its dominance in the satellite internet sector.

In March, Starlink proposed to set up operations in Sri Lanka, with officials confirming the company will need to pay a tariff for the licence. While Starlink has shown interest in expanding into South Asia, including India, no concrete plans have been revealed.

Starlink has not yet commented on the recent developments, leaving questions about its next steps in the region.

AI technology to help safeguard endangered elephants

IBM has teamed up with WWF-Germany to develop an AI-driven solution aimed at safeguarding African forest elephants, a species facing severe threats from poaching and habitat loss. This new technology will use AI to accurately identify individual elephants from camera trap photos, enhancing conservation efforts and allowing for more precise tracking of these endangered animals.

The partnership will combine IBM’s technological expertise with WWF’s conservation knowledge to create an AI-powered tool that could revolutionise how elephants are monitored. By focusing on image recognition, the technology aims to identify elephants by their unique physical features, such as heads and tusks, much like human fingerprints.

Additionally, the collaboration will employ IBM Environmental Intelligence to monitor and analyse biomass and vegetation in elephant habitats. The data will be crucial in predicting elephant movements and assessing the ecosystem services provided by these animals, such as carbon sequestration. Such insights could also pave the way for sustainable finance investments by quantifying the carbon services offered by elephants.

IBM emphasised the broader potential of this initiative, highlighting its role in supporting nature restoration and contributing to global climate change efforts. By integrating advanced technology with conservation strategies, the partnership seeks to make a lasting positive impact on both the environment and sustainable development.

Evolution Mining confirms cyberattack amid rising threats

Australian gold mining company Evolution Mining has confirmed it was targeted by a cyberattack last week, joining a growing list of domestic firms hit by similar breaches. The incident comes as Australia continues to grapple with a wave of cyberattacks that have exposed vulnerabilities in the country’s cyber security infrastructure. Although Evolution Mining has stated that the security breach has been contained, it has not provided further details about the extent of the damage or the nature of the attack.

The company has reported the incident to the Australian Cyber Security Centre, which has acknowledged the report but noted that Evolution Mining did not supply much information on the breach. Despite the attack, Evolution Mining assured that its operations would not be materially impacted. The Australian government has recently strengthened its cyber defences by increasing law enforcement funding and mandating the reporting of cyber attacks as part of a broader security overhaul.

Cyber crime has been on the rise in Australia, with reports increasing by nearly 25% in the year leading up to June 2023. The average cost to victims has also surged by 14%. Experts have pointed out that the country’s cyber security industry is under-resourced and may not be fully equipped to handle the growing threat. The increased collaboration between Australia, the US, and Britain under a new defence agreement has also made Australia a more prominent target for cyber attacks.

The attack on Evolution Mining echoes a series of breaches that have affected major Australian companies in recent years, including Optus, Woolworths, Medibank, DP World Australia and the Australian unit of Shell. These incidents have brought attention to the urgent need for stronger cyber defences as Australia continues to face significant digital security challenges.