Cyberconflict and warfare

UK government announces new cyber bill to strengthen national defences and protect critical infrastructure

The UK government has unveiled plans for a new Cyber Security and Resilience Bill aimed at enhancing the country’s ability to defend against the growing risk of cyber threats. Scheduled to be introduced later this year, the Bill forms a key part of the government’s broader strategy to protect critical national infrastructure (CNI), support economic growth, and ensure the resilience of the UK’s digital landscape.

The forthcoming legislation will focus on bolstering the cyber resilience of essential services—such as healthcare, energy, and IT providers—that underpin the economy and daily life. Around 1,000 vital service providers will be required to meet strengthened cyber security standards under the new rules. These measures are designed to safeguard supply chains and key national functions from increasingly sophisticated cyber attacks affecting both public and private sectors.

In addition, the government is considering extending cyber security regulations to over 200 data centres across the country. These centres are integral to the functioning of modern finance, e-commerce, and digital communication. By improving their security, the government hopes to safeguard services that rely heavily on data, such as online banking, shopping platforms, and social media.

If adopted, the government’s proposals include:

  • Expanding the scope of the NIS Regulations. The scope of the Network and Information Systems (NIS) Regulations would be broadened to include a wider range of organisations and suppliers. This expansion would bring data centres, Managed Service Providers (MSPs), and other critical suppliers under the regulatory framework, ensuring that more entities are held to high standards of cyber security and resilience.
  • Enhanced regulatory powers. Regulators would be equipped with additional tools to strengthen cyber resilience within the sectors they oversee. This includes new obligations for organisations to report a broader range of significant cyber incidents, enabling faster and more informed responses to emerging threats.
  • Greater Flexibility to Adapt. The government would gain increased flexibility to update the framework in line with the evolving threat landscape. This means regulations could be swiftly extended to cover new and emerging sectors, ensuring the UK remains agile in the face of dynamic cyber risks.
  • New Executive Powers for National Security. In circumstances where national security is at stake, the government would be granted new executive powers to act decisively in response to serious cyber threats.

For more information on these topics, visit diplomacy.edu.

Japan passes landmark cyber defence bill

Japan has passed the Active Cyber Defence Bill, which permits the country’s military and law enforcement agencies to undertake pre-emptive measures in response to cyber threats.

The legislation adopts a two-pronged approach, focusing on both passive and active cyber defence. It includes the establishment of a cybersecurity council and an oversight committee to enhance threat analysis and information-gathering capabilities. The bill also introduces new requirements for critical infrastructure providers to report cybersecurity incidents promptly. Additionally, it enables the government to collect technical information—such as IP addresses and timestamps—from telecommunications providers in cases where a potential cyberattack is identified, to monitor communications between Japan and external actors.

The legislation also grants the military powers to carry out active measures against cyber threats. This includes the deployment of ‘cyber harm-prevention officers’, tasked with actions such as disrupting servers involved in cyberattacks and responding to critical incidents.

While the bill is positioned as part of Japan’s broader efforts to strengthen its cyber resilience, some commentary has raised questions about the balance between security and oversight.

For more information on these topics, visit diplomacy.edu.

ECB warns Euro zone banks on geopolitical risks

Euro zone banks must remain resilient and prepared for geopolitical shocks, including the risk of liquidity drying up amid volatile financial markets, according to Claudia Buch, the European Central Bank’s supervisory chief.

She highlighted concerns about the potential impact of policy reversals by the US government, particularly under President Donald Trump, which have unsettled investors and created uncertainty about future growth and stability.

Buch also pointed to the ongoing financial and political pressures arising from Russia’s war in Ukraine and the sanctions that followed.

She emphasised the need for banks to maintain sufficient capital, robust governance, and effective risk management systems in the face of potential asset quality deterioration and economic disruptions caused by geopolitical conflicts or sanctions.

Additionally, Buch noted the increasing threat of cybersecurity attacks, which have become more frequent and severe. The ECB’s annual report warned that geopolitical risks could strain liquidity and funding, particularly in foreign currencies, leading to higher borrowing costs and increased use of credit lines.

Buch called for progress in creating a crisis management and deposit insurance framework to protect depositors in the event of bank failures.

For more information on these topics, visit diplomacy.edu.

Trump dismisses Signal leak, supports Waltz

US President Donald Trump on Tuesday downplayed the incident in which sensitive military plans for a strike against Yemen’s Houthis were mistakenly shared in a group chat that included a journalist. Trump referred to it as ‘the only glitch in two months’ and insisted that it was ‘not a serious’ issue.

The development, which surprised him when first questioned by reporters, has sparked criticism from Democratic lawmakers accusing the administration of mishandling sensitive information.

The lapse occurred when US National Security Adviser Mike Waltz unintentionally included Jeffrey Goldberg, editor-in-chief of The Atlantic, in a group chat with 18 high-ranking officials discussing military strike plans.

Waltz admitted to the mistake and accepted full responsibility, stating that an aide had mistakenly added Goldberg’s contact to the conversation.

The incident, which took place over the Signal app, has raised concerns due to the app’s public availability and its use for discussing such sensitive matters.

While Trump continued to express support for Waltz, Democratic critics, including former Secretary of State Hillary Clinton, have voiced strong disapproval.

Clinton, commenting on the breach, highlighted the irony of the situation, given Trump’s previous criticisms of Hillary Clinton’s use of a private email server for sensitive material.

For more information on these topics, visit diplomacy.edu.

US report highlights China’s growing military capabilities

A US intelligence report has identified China as the top military and cyber threat, warning of Beijing’s growing capabilities in AI, cyber warfare, and conventional weaponry.

The report highlights China’s ambitions to surpass the US as the leading AI power by 2030 and its steady progress towards military capabilities that could be used to capture Taiwan.

It also warns that China could target US infrastructure through cyberattacks and space-based assets.

The findings, presented to the Senate Intelligence Committee, sparked tensions between Washington and Beijing. Chinese officials rejected the report, accusing the US of using outdated Cold War thinking and hyping the ‘China threat’ to maintain military dominance.

China’s foreign ministry also criticised US support for Taiwan, urging Washington to stop backing separatist movements.

Meanwhile, Beijing dismissed accusations that it has failed to curb fentanyl shipments, a key source of US overdose deaths.

The report also notes that Russia, Iran, and North Korea are working to challenge US influence through military and cyber tactics.

While China continues to expand its global footprint, particularly in Greenland and the Arctic, the report points to internal struggles, including economic slowdowns and demographic challenges, that could weaken the Chinese government’s stability.

The intelligence report underscores ongoing concerns in Washington about Beijing’s long-term ambitions and its potential impact on global security.

For more information on these topics, visit diplomacy.edu.

China warns US against ‘hegemonic thinking’

China’s foreign ministry has criticised the US for viewing China through a ‘hegemonic mentality’ after Washington labelled it the top military and cyber threat.

Ministry spokesperson Guo Jiakun accused the US of pushing the ‘China threat’ narrative as a means to contain and suppress the country.

The latest exchange highlights ongoing tensions between the two global powers, particularly over security, technology, and military influence. Beijing has consistently rejected US claims regarding cyber espionage and military expansion, arguing that such accusations are politically motivated.

Relations between China and the US have remained strained, with disputes spanning trade, Taiwan, and cybersecurity.

Despite diplomatic efforts to stabilise ties, the two nations continue to challenge each other’s policies and strategic moves on the global stage.

For more information on these topics, visit diplomacy.edu.

Canada warns of foreign election interference

Canada’s intelligence agency has warned that China and India are highly likely to interfere in the country’s general election on 28 April, with Russia and Pakistan also having the potential to do so.

The Canadian Security Intelligence Service (CSIS) stated that while previous interference attempts in the 2019 and 2021 elections did not alter the results, the country had been slow to respond at the time. Both China and India have denied previous allegations of meddling in Canada’s internal affairs.

Vanessa Lloyd, CSIS’s deputy director of operations, said hostile states are increasingly using AI to influence elections, with China being particularly likely to exploit such tools.

The warning comes amid tense diplomatic relations between Canada and Beijing, following China’s recent tariffs on $2.6 billion worth of Canadian agricultural products and Ottawa’s strong condemnation of China’s execution of four Canadian citizens on drug charges.

India has also been under scrutiny, with Canada expelling six Indian diplomats last year over allegations of involvement in a plot against Sikh separatists.

Lloyd stated that India has both the intent and capability to interfere in Canadian politics and communities, though the Indian diplomatic mission in Ottawa has yet to comment.

She added that while it is difficult to directly link foreign interference with election outcomes, such activities undermine public trust in Canada’s democratic institutions.

For more information on these topics, visit diplomacy.edu.

Ukrzaliznytsia shifts to offline ticket sales after IT system failure

Ukraine’s state-owned railway company, Ukrzaliznytsia, has been hit by a large-scale cyberattack, affecting its online systems.

While train services remain operational without delays, the company has been working to restore its IT infrastructure. Passengers were advised to buy tickets offline on Monday as backups were recovered.

The cyberattack, described by Ukrzaliznytsia as ‘systemic, non-trivial and multi-level,’ was first reported on Sunday.

The railway has become a critical part of Ukraine’s transport network since the Russian invasion in 2022, with airspace closed and trains serving as the primary mode of domestic and international travel. Last year, it transported 20 million passengers and 148 million tonnes of freight.

Efforts to fully restore online systems are ongoing as authorities investigate the incident.

Cyberattacks targeting Ukraine’s infrastructure have increased since the start of the war, with railways playing a crucial role in both civilian and military logistics. Officials have not yet attributed responsibility for the attack.

For more information on these topics, visit diplomacy.edu.

Hackers use fake Semrush ads to steal Google accounts

Cybercriminals are using fake adverts for popular SEO platform Semrush to trick users into giving up access to their Google accounts, researchers have warned.

The malvertising campaign features ads that link to a bogus Semrush login page, which only allows users to sign in via Google, a tactic designed to steal high-value credentials.

According to Malwarebytes, Semrush accounts are often linked to critical Google services such as Analytics and Search Console.

These tools store confidential business insights, which threat actors could exploit for strategic and financial gain. The scammers may also access names, phone numbers, business details, and partial card information through compromised Semrush accounts.

By impersonating Semrush support, attackers could deceive users into revealing full card details under the pretence of payment or billing updates. However, this may open the door to wider fraud, such as redirecting funds from vendors or business partners.

With Semrush serving over 117,000 customers, including a significant share of Fortune 500 firms, the attack underscores the growing risks of malvertising on platforms like Google.

Security experts are urging businesses to tighten account access controls and remain cautious when engaging with search ads, even from seemingly reputable brands.

For more information on these topics, visit diplomacy.edu.

US launches national security unit to combat cyberattacks on telecom sector

The Federal Communications Commission (FCC) has launched a national security unit in response to recent cyber incidents affecting US telecommunications firms.

These incidents, attributed to a group known as Salt Typhoon, involved unauthorised access to sensitive data and communications.

The newly formed unit will be led by Adam Chan, FCC’s national security counsel, and will include representatives from eight different bureaus and offices within the agency. The council’s objectives are to:

  • Reduce reliance on foreign entities in the US telecom and technology supply chains.
  • Address vulnerabilities related to cyber threats, espionage, and surveillance.
  • Support U.S. leadership in critical technologies, including 5G, satellites, quantum computing, IoT, and robotics.

Cybersecurity experts have emphasised the importance of securing digital infrastructure against advanced threats. The telecommunications sector, despite its established cybersecurity measures, continues to face persistent and evolving risks.

Recent reports indicate that Salt Typhoon has continued targeting US telecom networks, with activity observed as recently as February.

The FCC has taken several steps in recent months to enhance industry security, and the formation of this council represents a further effort to strengthen resilience.

For more information on these topics, visit diplomacy.edu.