Critical infrastructure

Quantum tech could break online security, warns India

The Indian Computer Emergency Response Team (CERT-In), alongside cybersecurity firm SISA, cautions that these powerful machines could soon break the encryption used to protect everything from online banking to personal identity systems.

CERT-In’s new white paper outlines how attackers may already be stockpiling encrypted data to unlock later using quantum tools, a tactic called ‘harvest now, decrypt later’. If left unaddressed, this strategy could expose sensitive data stored today once quantum technology matures.

AI is adding to the urgency. As it becomes more embedded in digital systems, it also increases access to user data, raising the stakes if encryption is compromised. The biggest digital systems in India, including Aadhaar, cryptocurrencies, and smart devices, are seen as particularly exposed to this looming risk.

Everyday users are advised to take precautions: update devices regularly, use strong passwords with multi-factor authentication, and avoid storing sensitive data online long-term. Services like Signal or ProtonMail, which use strong encryption, are also recommended.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Hackers hide malware using DNS TXT records

Hackers are increasingly exploiting DNS records to deliver malware undetected, according to new research from DomainTools.

Instead of relying on typical delivery methods such as emails or downloads, attackers now hide malicious code within DNS TXT records, part of the Domain Name System, often overlooked by security systems.

The method involves converting malware into hexadecimal code, splitting it into small segments, and storing each chunk in the TXT record of subdomains under domains like whitetreecollective.com.

Once attackers gain limited access to a network, they retrieve these chunks via ordinary-looking DNS queries, reassembling them into functioning malware without triggering antivirus or firewall alerts.

The rising use of encrypted DNS protocols like DNS-over-HTTPS and DNS-over-TLS makes detecting such queries harder, especially without in-house DNS resolvers equipped for deep inspection.

Researchers also noted that attackers are using DNS TXT records for malware and embedding harmful text designed to manipulate AI systems through prompt injection.

Ian Campbell of DomainTools warns that even organisations with strong security measures struggle to detect such DNS-based threats due to the hidden nature of the traffic.

Instead of focusing solely on traditional defences, organisations are advised to monitor DNS traffic closely, log and inspect queries through internal resolvers, and restrict DNS access to trusted sources. Educating teams on these emerging threats remains essential for maintaining robust cybersecurity.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

xAI eyes data centre deal with Humain

Elon Musk’s AI venture, xAI, has entered early discussions with Humain to secure data centre capacity instead of relying solely on existing infrastructure.

According to Bloomberg, the arrangement could involve several gigawatts of capacity, although Humain has yet to start building its facilities, meaning any deal would take years to materialise.

Humain is backed by Saudi Arabia’s Crown Prince Mohammed bin Salman and the Public Investment Fund (PIF). xAI is reportedly considering a fresh funding round where PIF might also invest.

At the same time, xAI is negotiating with a smaller company constructing a 200-megawatt data centre, offering a more immediate solution while waiting for larger projects.

Rather than operating in isolation, xAI joins AI competitors like Google, Meta and Microsoft in racing to secure vast computing power for training large AI models. The push for massive data centre capacity reflects the escalating demands of advanced AI systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Quantum sector surges as Rigetti unveils modular machine

Quantum computing is progressing faster than expected, with Rigetti Computing achieving a major breakthrough. The company reached 99.5% median 2-qubit gate fidelity using a modular 36-qubit system—halving its error rate and moving closer to fault-tolerant computing.

The new machine, built from four 9-qubit chiplets, represents the industry’s largest multichip quantum system. Its modular design addresses the scalability challenges of single-chip models.

Rigetti’s superconducting qubits also outperform rivals by operating at significantly faster speeds.

Plans are in place to launch a 100+-qubit system before the end of 2025. Backing from DARPA, the US Air Force, and the UK government further validates Rigetti’s approach. Partnerships with Nvidia and Quanta Computer add commercial strength.

Despite modest revenue, Rigetti holds $575 million in cash with no debt and owns the sector’s first dedicated quantum chip factory. True commercial quantum advantage is expected between 2026 and 2028.

Shares of Rigetti, along with other quantum computing firms like IonQ and D-Wave, have surged in recent months, outperforming the broader market.

Rigetti offers strong potential—but remains a high-risk pick in a competitive field.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU helps Vietnam prepare for cyber emergencies

The European Union and Vietnam have conducted specialised cyber‑defence training to enhance the resilience of key infrastructure sectors such as power, transportation, telecoms and finance.

Participants, including government officials, network operators and technology experts, engaged in interactive threat-hunting exercises and incident simulation drills designed to equip teams with practical cyber‑response skills.

This effort builds on existing international partnerships, including collaboration with the US Cybersecurity and Infrastructure Security Agency, to align Vietnam’s security posture with global standards.

Vietnam faces an alarming shortfall of more than 700,000 cyber professionals, with over half of organisations reporting at least one breach in recent years.

The training initiative addresses critical skills gaps and contributes to national digital security resilience.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

South Korea’s new Science Minister pledges AI-led national transformation

South Korea’s new Science and ICT Minister, Bae Kyung-hoon, has pledged to turn the nation into one of the world’s top three AI powerhouses.

Instead of following outdated methods, Bae outlined a bold national strategy centred on AI, science and technology, aiming to raise Korea’s potential growth rate to 3 per cent and secure a global economic leadership position.

Bae, a leading AI expert and former president of LG AI Research, officially assumed office on Thursday.

Drawing from experience developing hyperscale AI models like LG’s Exaone, he emphasised the need to build a unique competitive advantage rooted in AI transformation, talent development and technological innovation.

Rather than focusing only on industrial growth, Bae’s policy agenda targets a broad AI ecosystem, revitalised research and development, world-class talent nurturing, and addressing issues affecting daily life.

His plans include establishing AI-centred universities, enhancing digital infrastructure, promoting AI semiconductors, restoring grassroots research funding, and expanding consumer rights in telecommunications.

With these strategies, Bae aims to make AI accessible to all citizens instead of limiting it to large corporations or research institutes. His vision is for South Korea to lead in AI development while supporting social equity, cybersecurity, and nationwide innovation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU confirms AI Act rollout and releases GPAI Code of Practice

The European Commission has confirmed it will move forward with the EU AI Act exactly as scheduled, instead of granting delays requested by tech giants and businesses.

On 10 July 2025, it published the final General-Purpose AI (GPAI) Code of Practice alongside FAQs to guide organisations aiming to comply with the new law.

Rather than opting for a more flexible timetable, the Commission is standing firm on its regulatory goals. The GPAI Code of Practice, now in its final form, sets out voluntary but strongly recommended steps for companies that want reduced administrative burdens and clearer legal certainty under the AI Act.

The document covers transparency, copyright, and safety standards for advanced AI models, including a model documentation form for providers.

Key dates have already been set. From 2 August 2025, rules covering notifications, governance, and penalties will come into force. By February 2026, official guidelines on classifying high-risk AI systems are expected.

The remaining parts of the legislation will take effect by August 2026, instead of being postponed further.

With the publication of the GPAI Code of Practice, the EU takes another step towards building a unified ethical framework for AI development and deployment across Europe, focusing on transparency, accountability, and respect for fundamental rights.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

US moves to block Chinese tech in undersea Internet cables

The United States is moving to strengthen the security of its digital infrastructure by proposing new regulations on undersea internet cables.

The Federal Communications Commission (FCC) plans to ban the connection of submarine cables to the US if they involve Chinese technology or equipment. It also aims to prohibit companies that are flagged as national security threats, including Huawei and ZTE.

Additionally, the FCC will seek public comments on further measures to protect undersea cable infrastructure, as part of an ongoing review of regulations overseeing the global network of submarine cables that carry 99% of international internet traffic.

These policy moves reflect US concerns over China’s role in internet infrastructure and potential espionage. Since 2020, regulators have blocked multiple cable projects linking the US to Hong Kong due to security risks.

Recent incidents, such as suspected sabotage in the Baltic Sea, Taiwan’s accusations of cable cutting by Chinese vessels, and Houthi-linked damage to cables in the Red Sea, highlight the growing vulnerability of global communications networks.

These steps guard against foreign adversary ownership, cyber threats, and physical sabotage.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Salt Typhoon compromises critical US infrastructure

A US state’s Army National Guard network was thoroughly compromised by the Chinese cyberespionage group Salt Typhoon from March to December 2024. According to a confidential federal memo, hackers extracted highly sensitive information, including administrator credentials, network maps, and interstate communication data, raising alarm over data leaked across all 50 states and four US territories.

Security analysts caution that the breach goes beyond intelligence gathering. With access to National Guard systems, integral to state-level threat response and civilian support, the group is poised to exploit vulnerabilities in critical infrastructure, particularly during crises or conflict.

Salt Typhoon, linked to China’s Ministry of State Security, has a track record of penetrating telecommunications, energy grids, transport systems, and water utilities. Often leveraging known vulnerabilities in Cisco and Palo Alto equipment, the group has exfiltrated over 1,400 network configuration files from more than 70 US critical infrastructure providers.

Federal agencies, including DHS and CISA, are sounding the alarm: this deep infiltration presents a serious national security threat and indicates a strategic shift in cyber warfare. Navigating Sun Typhoon’s persistent access through local and federal networks is now a top priority in defending the critical systems on which communities rely.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Broadcom challenges Nvidia with Tomahawk Ultra AI networking chip

Broadcom has introduced a new networking chip designed to boost AI data centre performance, positioning itself against Nvidia in the AI hardware race.

Called Tomahawk Ultra, the chip helps link hundreds of processors within close range, ensuring fast communication vital for large AI models.

Instead of using Nvidia’s proprietary NVLink system, Broadcom’s Tomahawk Ultra operates on an accelerated version of Ethernet and connects up to four times more chips within a server rack.

The chip acts as a traffic controller, enabling what the industry refers to as ‘scale-up’ computing — where AI models tap into combined computing power from tightly grouped chips.

According to Broadcom senior vice president Ram Velaga, it took engineers around three years to design the Tomahawk Ultra, which was originally aimed at high-performance computing but adapted for AI workloads as demand surged.

Taiwan Semiconductor Manufacturing Company (TSMC) is producing the processors using its five-nanometre process, and the chips are already shipping to customers.

Rather than requiring major hardware overhauls, the Tomahawk Ultra offers a scalable, Ethernet-based alternative for AI firms looking to build faster, more flexible data centres.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!