The UK government has announced the launch of a Laboratory for AI Security Research (LASR), an initiative to protect against emerging AI-driven threats and bolster Britain’s cyber resilience. The lab, backed by an initial £8.22 million in government funding, will bring together experts from academia, industry, and government to address AI’s evolving challenges to national security.
Speaking at the NATO Cyber Defence Conference in London, the Chancellor of the Duchy of Lancaster emphasised that AI is revolutionising national security and noted that ‘[…]as we develop this technology, there’s a danger it could be weaponised against us. Our adversaries are exploring how to use AI on the physical and cyber battlefield’.
LASR will collaborate with leading institutions, including the Alan Turing Institute, Oxford University, Queen’s University Belfast, and Plexal, alongside government agencies such as GCHQ, the National Cyber Security Centre, and the MOD’s Defence Science and Technology Laboratory. Partnerships will extend to NATO allies and Five Eyes countries, fostering an international approach to AI security.
In addition to LASR, the government announced a £1 million incident response project to help allies respond more effectively to cyberattacks. This initiative will further enhance international cooperation in managing cyber incidents.
The official communication highlights that this announcement aligns with the government’s broader agenda, including the forthcoming Cyber Security and Resilience Bill (to be introduced to Parliament in 2025) and the designation of data centres as critical national infrastructure (CNI) to secure the UK’s position as a global leader in cybersecurity and AI innovation.
Italy is ramping up its fight against cybercrime with a draft decree aimed at tackling unauthorised access to sensitive computer systems. The move follows high-profile breaches, including incidents involving state and financial databases, prompting urgent government action. The legislation, which will be discussed by the cabinet on 25 November 2024, focuses on systems critical to military, public safety, health, and civil protection.
The draft gives Italy’s chief anti-mafia prosecutor expanded authority to oversee investigations into cases of extortion linked to data breaches. This comes on the heels of several arrests tied to illicit access to state systems, with dozens more under investigation, including individuals connected to prominent figures like Leonardo Maria Del Vecchio.
Separately, authorities in Bari are probing a potential breach at Italy‘s largest bank, Intesa Sanpaolo, which may have compromised Prime Minister Giorgia Meloni’s account. These incidents underscore the urgency of the proposed crackdown as Italy seeks to safeguard its digital infrastructure.
US authorities have revealed a massive cyberattack on American telecommunications networks, describing it as the ‘worst telecom hack in our nation’s history.’ Linked to Chinese hackers, the breach targeted multiple telecom companies and allowed the interception of surveillance data meant for US law enforcement. According to a joint FBI and CISA statement, the hackers accessed sensitive call records and communications, particularly involving individuals in government and political roles.
The attack also raised alarms after reports suggested telephones belonging to Donald Trump, JD Vance, and other high-profile political figures were compromised. Senator Mark Warner, chairman of the Senate Intelligence Committee, warned that China’s long-term efforts to infiltrate global telecom systems pose a grave security risk. Hackers reportedly managed to listen to phone calls and read text messages, going beyond what the Biden administration has publicly acknowledged.
China has consistently denied allegations of hacking foreign systems, and its embassy in Washington declined to comment on the latest claims. Warner criticised the lack of sufficient safeguards, stating, “The barn door is still wide open,” as concerns over US telecom infrastructure security intensify.
South Korean police have confirmed that hackers linked to North Korea’s military intelligence agency were behind a 2019 Ethereum cryptocurrency theft valued at 58 billion won ($41.5 million at the time). Hackers infiltrated a crypto exchange and stole 342,000 Ethereum tokens, which are now worth over 1.4 trillion won ($1 billion).
The stolen funds were laundered through three hacker-controlled crypto exchanges and 51 other platforms, according to South Korea’s National Police Agency. While the exchange targeted was not officially named, South Korea-based Upbit had reported a similar transfer to an unidentified wallet during the incident. The investigation, conducted with the FBI, used IP address analysis and asset tracking to trace the theft to groups reportedly tied to North Korea’s Reconnaissance General Bureau.
This marks the first confirmed instance of North Korean hackers targeting a South Korean crypto exchange. Previously, a UN report linked North Korea to nearly $3.6 billion in crypto heists from 2017 to 2024. South Korean investigators recovered a small fraction of the stolen assets, equivalent to 600 million won, which were returned to the exchange. North Korea denies involvement in such activities despite mounting evidence to the contrary.
The EU Council, along with its member states, has adopted a declaration for the first time on this specific topic establishing a unified understanding of how international law applies to cyberspace. This declaration underscores that cyberspace is not a lawless realm and reaffirms that international law, including the UN Charter, international human rights law, and international humanitarian law, is fully applicable to activities conducted in cyberspace.
The declaration highlights the escalating threat of malicious cyber activities, such as ransomware, which have grown in scale, sophistication, and impact, posing significant risks to European societies and economies. Recognising these challenges, the EU emphasizes that adherence to the UN framework of responsible state behavior in cyberspace is essential for preserving international peace, security, and stability.
In the declaration, the EU and its member states have commented on principle of non-intervention, state sovereignty, due diligence, attribution, and countermeasures. In particular, the document highlights that “States exercise territorial jurisdiction over Information and Communications Technology (ICT) infrastructure located in their territory, and persons engaged in cyber activities, within their territory”.
The official press release notes that the declaration’s foundation was laid in April 2024, when the European External Action Service (EEAS) presented a non-paper on the topic. After careful deliberation and collaboration between the Horizontal Working Party on Cyber Issues (HWPCI) and the Working Party on Public International Law (COJUR), the text was finalized and approved by the Permanent Representatives Committee (COREPER) on 13 November 2024.
The US Senate Judiciary subcommittee will convene a hearing on Tuesday to investigate recent Chinese cyberattacks targeting American telecommunications companies. The hearing, led by Senator Richard Blumenthal, will delve into the national security threats posed by these breaches and their impact on the US economy.
Authorities allege that China-linked hackers accessed surveillance data from telecom networks, intercepting sensitive communications tied to government and political figures. This breach has heightened concerns over the security of critical infrastructure, especially as bipartisan lawmakers scrutinise the role of major providers like AT&T and Verizon.
The session will also include discussions on Elon Musk’s business ties with China amid his growing involvement in US government affairs. Witnesses, including cybersecurity and industry experts, are expected to shed light on the scale and potential consequences of these incidents. Beijing, however, has denied any involvement in cyber espionage activities.
Russian security experts have uncovered a new deepfake scam exploiting the image of Donald Trump, targeting English-speaking audiences. FACCT, a Moscow-based cybercrime prevention firm, reported that scammers are using a bot to create deepfake videos of prominent figures like Trump, Elon Musk, and Tucker Carlson. These videos are being shared on platforms such as TikTok and YouTube to promote fraudulent crypto exchanges.
The bot allows users to generate customised videos with text up to 400 characters long, which fraudsters use to advertise fake trading platforms. FACCT identified three primary scams: fake exchanges where victims’ tokens are stolen, malware links that compromise crypto wallets, and bogus tokens that can’t be sold.
This warning follows a rise in crypto-related scams in Russia, including digital ruble frauds. Authorities are urging vigilance as the Russian Central Bank prepares to launch its central bank digital currency nationwide next year.
Japan, the United States, and South Korea concluded a three-day joint military exercise, Freedom Edge, showcasing their commitment to strengthening multi-domain defence cooperation amidst escalating tensions in East Asia. Select training sessions were open to media in the second iteration of Freedom Edge. The drills spanned maritime, aerial, and cyber domains, and operations were conducted in strategic areas, including the East China Sea near South Korea’s Jeju Island.
Designed to counter various threats — from ballistic missiles and cyberattacks to fighter jets and submarines — the drills emphasised seamless coordination among the three nations’ forces. By refining joint response procedures, the exercise bolstered deterrence and preparedness for complex regional challenges.
President Joe Biden and China’s President Xi Jinping held a two-hour meeting on the sidelines of the APEC summit on Saturday. Both leaders reached a significant agreement to prevent AI from controlling nuclear weapons systems and made progress on securing the release of two US citizens wrongfully detained in China. Biden also pressured Xi to reduce North Korea’s support for Russia in the ongoing Ukraine conflict.
The breakthrough in nuclear safety, particularly the commitment to maintain human control over nuclear decisions, was reported as an achievement for Biden’s foreign policy. Xi, in contrast, called for greater dialogue and cooperation with the US and cautioned against efforts to contain China. His remarks also acknowledged rising geopolitical challenges, hinting at the difficulties that may arise under a Trump presidency. The meeting showcased a shift in tone from their previous encounter in 2023, reflecting a more constructive dialogue despite underlying tensions.
Reuters reported that it remains uncertain whether the statement will result in additional talks or concrete actions on the issue. The US has long held the position that AI should assist and enhance military capabilities, but not replace human decision-making in high-stakes areas such as nuclear weapons control. Last year, the Biden-Harris administration announced the Political declaration on responsible military use of AI and autonomy, and more than 20 countries endorsed the declaration. The declaration specifically underlines that “military use of AI capabilities needs to be accountable, including through such use during military operations within a responsible human chain of command and control”.
The National Cyber Security Centre (NCSC) and its international partners have issued an urgent advisory highlighting the growing trend of threat actors exploiting zero-day vulnerabilities, emphasising the importance of proactive security measures.
This joint advisory has been published by NCSC (UK), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), US National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NCSC-NZ), and CERT NZ.
The UK NCSC, in collaboration with cybersecurity agencies from the United States, Australia, Canada, New Zealand, and others, identified the top 15 most commonly exploited vulnerabilities of 2023. A majority of these vulnerabilities were initially targeted as zero-days—newly discovered flaws without immediate patches, allowing cybercriminals to strike high-priority targets before fixes were available.
The advisory highlights a notable shift compared to 2022, when fewer than half of the top vulnerabilities were exploited as zero-days. The rise in zero-day attacks has continued into 2024, underlining the evolving tactics of cyber adversaries.
The advisory urges organisations to stay vigilant in their vulnerability management practices, prioritising the timely application of security updates and ensuring that all assets are identified and protected. It also calls on technology vendors and developers to adopt secure-by-design principles to minimise product vulnerabilities from the outset.
