UK and allies warn of growing cyberattacks exploiting zero-day vulnerabilities

The National Cyber Security Centre (NCSC) and its international partners have issued an urgent advisory highlighting the growing trend of threat actors exploiting zero-day vulnerabilities, emphasising the importance of proactive security measures.

This joint advisory has been published by NCSC (UK), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), US National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NCSC-NZ), and CERT NZ.

The UK NCSC, in collaboration with cybersecurity agencies from the United States, Australia, Canada, New Zealand, and others, identified the top 15 most commonly exploited vulnerabilities of 2023. A majority of these vulnerabilities were initially targeted as zero-days—newly discovered flaws without immediate patches, allowing cybercriminals to strike high-priority targets before fixes were available.

The advisory highlights a notable shift compared to 2022, when fewer than half of the top vulnerabilities were exploited as zero-days. The rise in zero-day attacks has continued into 2024, underlining the evolving tactics of cyber adversaries.

The advisory urges organisations to stay vigilant in their vulnerability management practices, prioritising the timely application of security updates and ensuring that all assets are identified and protected. It also calls on technology vendors and developers to adopt secure-by-design principles to minimise product vulnerabilities from the outset.

Ireland intensifies regulation on digital platforms to curb terrorist content

The Irish media regulator, Coimisiún na Meán, has mandated that online platforms TikTok, X, and Meta must take decisive steps to prevent the spread of terrorist content on their services, giving them three months to report on their progress.

This action follows notifications from EU authorities under the Terrorist Content Online Regulation. If the platforms fail to comply, the regulator can impose fines of up to four percent of their global revenue.

This decision aligns with Ireland’s broader enforcement of digital laws, including the Digital Services Act (DSA) and a new online safety code. The DSA has already prompted investigations, such as the European Commission’s probe into X last December, and Ireland’s new safety code will impose binding content moderation rules for video-sharing platforms with European headquarters in Ireland. These initiatives aim to curb the spread of harmful and illegal content on major social media platforms.

US alleges surveillance data theft from telecom companies by China-linked hackers

Hackers with alleged links to China have stolen sensitive data from US telecommunications firms, targeting information intended for law enforcement agencies. US officials announced the breach on Wednesday, revealing that multiple telecom networks had been compromised. The hackers reportedly accessed call records and communications of individuals in government and political roles, according to a joint statement from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).

Among the data stolen was information connected to court-ordered surveillance requests made by US law enforcement. The agencies provided limited details about the breach and have yet to disclose the number of companies affected. CISA and the FBI declined to comment further, with additional insights expected as investigations continue.

The incident aligns with earlier reports in the Wall Street Journal, which suggested that Chinese hackers may have infiltrated systems intended for law enforcement to monitor communications. Such claims have led to growing concerns about the security of US telecom infrastructure, particularly given reports of targeted attacks on the phones of high-profile political figures.

The Department of Homeland Security’s Cyber Safety Review Board will investigate the breach, part of an effort to evaluate significant digital security threats. China’s embassy in Washington declined to comment on the latest hacking allegations, which it has previously dismissed as unfounded.

Germany’s cybersecurity on high alert ahead of elections

Germany is strengthening its cyber defences as elections approach, with Interior Minister Nancy Faeser highlighting the need for robust protections against cyber-attacks and disinformation. Faeser warned of potential threats from Russia and other foreign actors, stressing that democracy must also be safeguarded in the digital realm.

The annual report from the Federal Office for Information Security pointed to Germany’s vulnerability to hybrid threats, which include hacking, manipulation, and disinformation. Faeser confirmed plans to bolster cybersecurity, aiming to counteract any attempts at digital interference that could destabilise the election process.

Germany’s snap elections are set for early next year, following the collapse of Chancellor Olaf Scholz’s coalition government amid economic concerns and rising populism. While recent elections saw no major cybersecurity incidents, authorities continue to monitor for risks.

With the political landscape in flux, security agencies remain vigilant. Enhanced measures are in place to detect and address cyber threats as the nation prepares for a potentially turbulent electoral period.

South Korea attributes cyberattacks to pro-Russia groups amid rising tensions with North Korea

South Korea has reported a rise in cyberattacks by pro-Russia hacking groups following North Korea’s recent deployment of troops to Russia in support of its war against Ukraine. Seoul’s presidential office held an emergency meeting after detecting denial-of-service attacks on government and private websites, leading to temporary outages but no significant damage. Officials have pledged to strengthen cybersecurity defences in response to the attacks.

The South Korean government noted that pro-Russian hacktivist attacks have grown more frequent since North Korea sent troops to Russia. Reports indicate that over 10,000 North Korean soldiers are now stationed in Russia, with some reportedly engaged in combat near Ukraine.

The new military partnership between Pyongyang and Moscow has drawn condemnation from South Korea, the US, and Western allies, with Ukrainian President Volodymyr Zelensky warning that these developments mark a new era of global instability.

China-linked group allegedly hacks SingTel, Bloomberg News reports

A Chinese state-sponsored hacking group, Volt Typhoon, reportedly breached Singapore Telecommunications (SingTel) in June as part of a broader cyber campaign targeting telecom companies and critical infrastructure globally.

SingTel confirmed that malware was detected during the breach but said that no data was exfiltrated and that there was no service disruption. The company took immediate action, reporting the incident to authorities, though it could not confirm if the breach was the same event mentioned in media reports.

Chinese officials have denied involvement in the attack, with a spokesperson asserting that China opposes all forms of cyberattacks. Volt Typhoon, previously linked to cyberattacks on critical US infrastructure, is believed to have used this incident as a test for potential future attacks on US telecom firms. The breach highlights the growing concerns over Chinese cyber activities targeting global critical infrastructure.

Cybersecurity chief confirms US election integrity amid disinformation

The head of US cybersecurity, Jen Easterly, announced Monday that, despite an increase in disinformation targeting the 2024 presidential election, there has been no evidence of interference capable of affecting the election outcome. Easterly noted the unprecedented levels of false information spreading across online platforms, much of which has been attributed to foreign actors aiming to sow division among voters.

US authorities have pointed to Russia as one of the primary sources of election-related disinformation, including a widely circulated fake video in Georgia showing an immigrant falsely claiming to have voted multiple times. Officials say that similar tactics are expected to continue beyond Election Day, targeting trust in the electoral process through to January.

Easterly assured voters that election security is stronger than ever, thanks to enhanced protective measures and improved preparedness across voting jurisdictions. Her message emphasised the government’s ongoing commitment to maintaining safe, secure, and reliable elections for all Americans.

Meta supports national security with Llama AI for US agencies

Meta is expanding the reach of its AI models, making its Llama AI series available to US government agencies and private sector partners involved in national security projects. Partnering with firms like Lockheed Martin, Oracle, and Scale AI, Meta aims to assist government teams and contractors with applications such as intelligence gathering and computer code generation for defence needs.

Although Meta’s policies generally restrict using Llama for military purposes, the company is making an exception for these government partners. This decision follows concerns over foreign misuse of the technology, particularly after reports revealed that researchers affiliated with China’s military had used an earlier Llama model without authorisation for intelligence-related applications.

The choice to integrate open AI models like Llama into defence remains controversial. Critics argue that AI’s data security risks and its tendency to generate incorrect outputs make it unreliable in military contexts. Recent findings from the AI Now Institute caution that AI tools could be misused by adversaries due to data vulnerabilities, potentially putting sensitive information at risk.

Meta maintains that open AI can accelerate research and enhance security, though US military adoption remains limited. While some big tech employees oppose military-linked projects, Meta emphasises its commitment to strengthening national security while safeguarding its technology from unauthorised foreign use.

SpaceX asks Taiwanese partners to relocate amid rising tensions

SpaceX, the aerospace company founded by Elon Musk, is urging its Taiwanese suppliers to relocate manufacturing operations off the island due to rising geopolitical tensions between China and Taiwan. This shift, aimed at reducing risk amid China’s increased military drills around Taiwan, has led some suppliers to transfer parts of their production to countries such as Vietnam and Thailand. Notable Taiwanese companies, including Chin-Poon Industrial and Wistron NeWeb Corporation (WNC), confirmed that SpaceX requested they move production, citing geopolitical concerns.

In response, WNC has already started producing network equipment for SpaceX’s Starlink project in Vietnam, with plans to double its workforce there. Similarly, Universal Microwave Technology has expanded in Southeast Asia, investing in new factories in Vietnam and Thailand, while Shenmao Technology is establishing a $5 million unit in Vietnam. These shifts align with Taiwanese tech companies’ broader efforts to diversify their operations outside Taiwan, aiming to insulate their supply chains from potential disruptions.

SpaceX’s approach underscores Musk’s complicated relationship with Taiwan, heightened after his comments last year calling Taiwan an “integral part” of China, which sparked backlash from the Taiwanese government. The company’s interest in building a manufacturing hub in Vietnam reflects an increasing trend of high-tech industries seeking stability amid geopolitical tensions, with Southeast Asia emerging as a crucial alternative for production.

International Red Cross adopts resolution to shield civilians from harmful cyber activities in armed conflicts

The 34th International Conference of the Red Cross and Red Crescent has adopted a new resolution to protect civilians and essential infrastructure from the potential risks posed by ICT activities during armed conflict. Recognising the increased likelihood of information and communication technologies (ICTs) being used in future conflicts, the resolution addresses the need to safeguard civilian lives and critical systems from the unintended human costs of these operations.

The resolution highlights concerns over the malicious use of ICT capabilities by parties in conflict, noting that such activities could impact protected persons and objects, including essential infrastructure like power, water, and healthcare systems. It underscores that these civilian objects are crucial for survival and should remain unaffected during hostilities. The resolution further emphasises the importance of preventing these activities from crossing international borders, which could inadvertently impact civilians in other regions.

Acknowledging the limited resources and capacities of some states and humanitarian organisations, the resolution also draws attention to the vulnerability this may create. Without adequate defences, states and components of the Red Cross and Red Crescent Movement could face greater risks from cyber incursions during conflict.

Another focus of the resolution is the potential for civilians to become involved in cyber activities related to conflict, either by conducting or supporting operations. It points to the need for greater awareness of the risks and legal implications, as civilians may need to fully understand the consequences of their involvement in ICT-related activities in conflict situations.

The resolution also calls for further study and dialogue on how international humanitarian law (IHL) applies to ICT activities in warfare. It acknowledges that while IHL traditionally protects civilians and critical infrastructure during conflict, the unique characteristics of cyberspace may require additional interpretation and understanding.

By adopting this resolution, the Red Cross aims to ensure that, as the nature of conflict changes, a strong international framework remains to protect civilians and essential infrastructure from the emerging threats posed by cyber activities in armed conflict.