Critical infrastructure

INTERPOL cracks down on global cybercrime networks

Over 20,000 malicious IP addresses and domains linked to data-stealing malware have been taken down during Operation Secure, a coordinated cybercrime crackdown led by INTERPOL between January and April 2025.

Law enforcement agencies from 26 countries worked together to locate rogue servers and dismantle criminal networks instead of tackling threats in isolation.

The operation, supported by cybersecurity firms including Group-IB, Kaspersky and Trend Micro, led to the removal of nearly 80 per cent of the identified malicious infrastructure. Authorities seized 41 servers, confiscated over 100GB of stolen data and arrested 32 suspects.

More than 216,000 individuals and organisations were alerted, helping them act quickly by changing passwords, freezing accounts or blocking unauthorised access.

Vietnamese police arrested 18 people, including a group leader found with cash, SIM cards and business records linked to fraudulent schemes. Sri Lankan and Nauruan authorities carried out home raids, arresting 14 suspects and identifying 40 victims.

In Hong Kong, police traced 117 command-and-control servers across 89 internet providers. INTERPOL hailed the effort as proof of the impact of cross-border cooperation in dismantling cybercriminal infrastructure instead of allowing it to flourish undisturbed.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Europe’s new digital diplomacy: From principles to power

In a decisive geopolitical shift, the European Union has unveiled its 2025 International Digital Strategy, signalling a turn from a values-first diplomacy to a focus on security and competitiveness. As Jovan Kurbalija explains in his blog post titled ‘EU Digital Diplomacy: Geopolitical shift from focus on values to economic security‘, the EU is no longer simply exporting its regulatory ideals — often referred to as the ‘Brussels effect’ — but is now positioning digital technology as central to its economic and geopolitical resilience.

The strategy places special emphasis on building secure digital infrastructure, such as submarine cables and AI factories, and deepening digital partnerships across continents. Unlike the 2023 Council Conclusions, which promoted a human-centric, rights-based approach to digital transformation, the 2025 Strategy prioritises tech sovereignty, resilient supply chains, and strategic defence-linked innovations.

Human rights, privacy, and inclusivity still appear, but mainly in supporting roles to broader goals of power and resilience. The EU’s new path reflects a realpolitik understanding that its survival in the global tech race depends on alliances, capability-building, and a nimble response to the rapid evolution of AI and cyber threats.

In practice, this means more digital engagement with key partners like India, Japan, and South Korea and coordinated global investments through the ‘Tech Team Europe’ initiative. The strategy introduces new structures like a Digital Partnership Network while downplaying once-central instruments like the AI Act.

With China largely sidelined and relations with the US in ‘wait and see’ mode, the EU seems intent on building an independent but interconnected digital path, reaching out to the Global South with a pragmatic offer of secure digital infrastructure and public-private investments.

Why does it matter?

Yet, major questions linger: how will these ambitious plans be implemented, who will lead them, and can the EU maintain coherence between its internal democratic values and this outward-facing strategic assertiveness? As Kurbalija notes, the success of this new digital doctrine will hinge on whether the EU can fuse its soft power legacy with the hard power realities of a turbulent tech-driven world.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Massive leak exposes data of millions in China

Cybersecurity researchers have uncovered a brief but significant leak of over 600 gigabytes of data, exposing information on millions of Chinese citizens.

The haul, containing WeChat, Alipay, banking, and residential records, is part of a centralised system, possibly aimed at large-scale surveillance instead of a random data breach.

According to research from Cybernews and cybersecurity consultant Bob Diachenko, the data was likely used to build individuals’ detailed behavioural, social and economic profiles.

They warned the information could be exploited for phishing, fraud, blackmail or even disinformation campaigns instead of remaining dormant. Although only 16 datasets were reviewed before the database vanished, they indicated a highly organised and purposeful collection effort.

The source of the leak remains unknown, but the scale and nature of the data suggest it may involve government-linked or state-backed entities rather than lone hackers.

The exposed information could allow malicious actors to track residence locations, financial activity and personal identifiers, placing millions at risk instead of keeping their lives private and secure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Digital Social Security cards coming this summer

The US Social Security Administration is launching digital access to Social Security numbers in the summer of 2025 through its ‘My Social Security’ portal. The initiative aims to improve convenience, reduce physical card replacement delays, and protect against identity theft.

The digital rollout responds to the challenges of outdated paper cards, rising fraud risks, and growing demand for remote access to US government services. Cybersecurity experts also recommend using VPNs, antivirus software, and identity monitoring services to guard against phishing scams and data breaches.

While it promises faster and more secure access, experts urge users to bolster account protection through strong passwords, two-factor authentication, and avoidance of public Wi-Fi when accessing sensitive data.

Users should regularly check their credit reports and SSA records and consider requesting an IRS PIN to prevent tax-related fraud. The SSA says this move will make Social Security more efficient without compromising safety.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Workers struggle as ChatGPT goes down

The temporary outage of ChatGPT this morning left thousands of users struggling with their daily tasks, highlighting a growing reliance on AI.

Social media was flooded with humorous yet telling posts from users expressing their inability to perform even basic functions without AI. This incident has reignited concerns about society’s increasing dependence on closed-source AI tools for work and everyday life.

OpenAI, the developer of ChatGPT, is currently investigating the technical issues that led to ‘elevated error rates and latency.’ The widespread disruption underscores a broader debate about AI’s impact on critical thinking and productivity.

While some research suggests AI chatbots can enhance efficiency, others, like Paul Armstrong, argue that frequent reliance on generative tools may diminish critical thinking skills and understanding.

The discussion around AI’s role in the workplace was a key theme at the recent SXSW London event. Despite concerns about job displacement, exemplified by redundancies at Canva, firms like Lloyd’s Market Association are increasingly adopting AI, with 40% of London market companies now using it.

Industry leaders maintain that AI aims to rethink workflows and empower human creativity, with a ‘human layer’ remaining essential for refining and adding nuanced value.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

M&S resumes online orders after cyberattack

Marks & Spencer has resumed online clothing orders following a 46-day pause triggered by a cyberattack. The retailer restarted standard home delivery across England, Scotland and Wales, focusing initially on best-selling and new items instead of the full range.

A spokesperson stated that additional products will be added daily, enabling customers to gradually access a wider selection. Services such as click and collect, next-day delivery, and international orders are expected to be reintroduced in the coming weeks, while deliveries to Northern Ireland will resume soon.

The disruption began on 25 April when M&S halted clothing and home orders after issues with contactless payments and app services during the Easter weekend. The company revealed that the breach was caused by hackers who deceived staff at a third-party contractor, bypassing security defences.

M&S had warned that the incident could reduce its 2025/26 operating profit by around £300 million, though it aims to limit losses through insurance and internal cost measures. Shares rose 3 per cent as the online service came back online.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trump Executive Order revises US cyber policy and sanctions scope

US President Donald J. Trump signed a new Executive Order (EO) aimed at amending existing federal cybersecurity policies. The EO modifies selected provisions of previous executive orders signed by former Presidents Barack Obama and Joe Biden, introducing updates to sanctions policy, digital identity initiatives, and secure technology practices.

One of the main changes involves narrowing the scope of sanctions related to malicious cyber activity. The new EO limits the applicability of such sanctions to foreign individuals or entities involved in cyberattacks against US critical infrastructure. It also states that sanctions do not apply to election-related activities, though this clarification is included in a White House fact sheet rather than the EO text itself.

The order revokes provisions from the Biden-era EO that proposed expanding the use of federal digital identity documents, including mobile driver’s licenses. According to the fact sheet, this revocation is based on concerns regarding implementation and potential for misuse. Some analysts have expressed concerns about the implications of this reversal on broader digital identity strategies.

In addition to these policy revisions, the EO outlines technical measures to strengthen cybersecurity capabilities across federal agencies. These include:

  • Developing new encryption standards to prepare for advances in quantum computing, with implementation targets set for 2030.
  • Directing the National Security Agency (NSA) and Office of Management and Budget (OMB) to issue updated federal encryption requirements.
  • Refocusing artificial intelligence (AI) and cybersecurity initiatives on identifying and mitigating vulnerabilities.
  • Assigning the National Institute of Standards and Technology (NIST) responsibility for updating and guiding secure software development practices. This includes the establishment of an industry consortium and a preliminary update to its secure software development framework.

The EO also includes provisions for improving vulnerability tracking and mitigation in AI systems, with coordination required among the Department of Defence, the Department of Homeland Security, and the Office of the Director of National Intelligence.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cybersecurity alarm after 184 million credentials exposed

A vast unprotected database containing over 184 million credentials from major platforms and sectors has highlighted severe weaknesses in data security worldwide.

The leaked credentials, harvested by infostealer malware and stored in plain text, pose significant risks to consumers and businesses, underscoring an urgent need for stronger cybersecurity and better data governance.

Cybersecurity researcher Jeremiah Fowler discovered the 47 GB database exposing emails, passwords, and authorisation URLs from tech giants like Google, Microsoft, Apple, Facebook, and Snapchat, as well as banking, healthcare, and government accounts.

The data was left accessible without any encryption or authentication, making it vulnerable to anyone with the link.

The credentials were reportedly collected by infostealer malware such as Lumma Stealer, which silently steals sensitive information from infected devices. The stolen data fuels a thriving underground economy involving identity theft, fraud, and ransomware.

The breach’s scope extends beyond tech, affecting critical infrastructure like healthcare and government services, raising concerns over personal privacy and national security. With recurring data breaches becoming the norm, industries must urgently reinforce security measures.

Chief Data Officers and IT risk leaders face mounting pressure as regulatory scrutiny intensifies. The leak highlights the need for proactive data stewardship through encryption, access controls, and real-time threat detection.

Many organisations struggle with legacy systems, decentralised data, and cloud adoption, complicating governance efforts.

Enterprise leaders must treat data as a strategic asset and liability, embedding cybersecurity into business processes and supply chains. Beyond technology, cultivating a culture of accountability and vigilance is essential to prevent costly breaches and protect brand trust.

The massive leak signals a new era in data governance where transparency and relentless improvement are critical. The message is clear: there is no room for complacency in safeguarding the digital world’s most valuable assets.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU launches global digital strategy

The European Union has launched a sweeping international digital strategy to bolster its global tech leadership and secure a human-centric digital transformation. With the digital and AI revolution reshaping economies and societies worldwide, the EU is positioning itself as a reliable partner in building resilient, open, and secure digital ecosystems.

The strategy prioritises collaboration with international partners to scale digital infrastructure, strengthen cybersecurity, and support emerging technologies like AI, quantum computing, and semiconductors while promoting democratic values and human rights in digital governance. The EU will deepen and expand its global network of Digital Partnerships and Dialogues to remain competitive and secure in a fast-changing geopolitical landscape.

These collaborations focus on research, industrial innovation, regulatory cooperation, and secure supply chains, while engaging countries across Africa, Latin America, Asia, and the EU’s own neighbourhood. The strategy also leverages trade instruments and investment frameworks such as the Global Gateway to support secure 5G and 6G networks, submarine cables, and digital public infrastructure, helping partner countries improve connectivity, resilience, and sustainability.

To enhance global digital governance, the EU is pushing for international standards that uphold privacy, security, and openness, and opposing efforts to fragment the internet. It supports inclusive multilateralism, working through institutions like the UN, G7, and OECD to shape rules for the digital age.

With initiatives ranging from AI safety cooperation and e-signature mutual recognition to safeguarding children online and combating disinformation, the EU aims to set the benchmark for ethical and secure digital transformation. At the heart of this vision is the EU Tech Business Offer—a modular, cross-border platform combining technology, capacity-building, and financing.

Through Team Europe and partnerships with industry, the EU seeks to bridge the digital divide, export trusted digital solutions, and foster an interconnected world aligned with European democratic principles. The strategy underscores that in today’s interconnected world, the EU’s prosperity and security hinge on shaping a digital future that is competitive, inclusive, and values-driven.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

M&S CEO targeted by hackers in abusive ransom email

Marks & Spencer has been directly targeted by a ransomware group calling itself DragonForce, which sent a vulgar and abusive ransom email to CEO Stuart Machin using a compromised employee email address.

The message, laced with offensive language and racist terms, demanded that Machin engage via a darknet portal to negotiate payment. It also claimed that the hackers had encrypted the company’s servers and stolen customer data, a claim M&S eventually acknowledged weeks later.

The email, dated 23 April, appears to have been sent from the account of an Indian IT worker employed by Tata Consultancy Services (TCS), a long-standing M&S tech partner.

TCS has denied involvement and stated that its systems were not the source of the breach. M&S has remained silent publicly, neither confirming the full scope of the attack nor disclosing whether a ransom was paid.

The cyber attack has caused major disruption, costing M&S an estimated £300 million and halting online orders for over six weeks.

DragonForce has also claimed responsibility for a simultaneous attack on the Co-op, which left some shelves empty for days. While nothing has yet appeared on DragonForce’s leak site, the group claims it will publish stolen information soon.

Investigators believe DragonForce operates as a ransomware-as-a-service collective, offering tools and platforms to cybercriminals in exchange for a 20% share of any ransom.

Some experts suspect the real perpetrators may be young hackers from the West, linked to a loosely organised online community called Scattered Spider. The UK’s National Crime Agency has confirmed it is focusing on the group as part of its inquiry into the recent retail hacks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!