Cyberconflict and warfare

Meta offers Llama AI to US allies amid global tech race

Meta will provide its Llama AI model to key European institutions, NATO, and several allied countries as part of efforts to strengthen national security capabilities.

The company confirmed that France, Germany, Italy, Japan, South Korea, and the EU will gain access to the open-source model. US defence and security agencies and partners in Australia, Canada, New Zealand, and the UK already use Llama.

Meta stated that the aim is to ensure democratic allies have the most advanced AI tools for decision-making, mission planning, and operational efficiency.

Although its terms bar use for direct military or espionage applications, the company emphasised that supporting allied defence strategies is in the interest of nations.

The move highlights the strategic importance of AI models in global security. Meta has positioned Llama as a counterweight to other countries’ developments, after allegations that researchers adapted earlier versions of the model for military purposes.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Emerging AI trends that will define 2026

AI is set to reshape daily life in 2026, with innovations moving beyond software to influence the physical world, work environments, and international relations.

Autonomous agents will increasingly manage household and workplace tasks, coordinating projects, handling logistics, and interacting with smart devices instead of relying solely on humans.

Synthetic content will become ubiquitous, potentially comprising up to 90 percent of online material. While it can accelerate data analysis and insight generation, the challenge will be to ensure genuine human creativity and experience remain visible instead of being drowned out by generic AI outputs.

The workplace will see both opportunity and disruption. Routine and administrative work will increasingly be offloaded to AI, creating roles such as prompt engineers and AI ethics specialists, while some traditional positions face redundancy.

Similarly, AI will expand into healthcare, autonomous transport, and industrial automation, becoming a tangible presence in everyday life instead of remaining a background technology.

Governments and global institutions will grapple with AI’s geopolitical and economic impact. From trade restrictions to synthetic propaganda, world leaders will attempt to control AI’s spread and underlying data instead of allowing a single country or corporation to have unchecked dominance.

Energy efficiency and sustainability will also rise to the fore, as AI’s growing power demands require innovative solutions to reduce environmental impact.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyberattack disrupts major European airports

Airports across Europe faced severe disruption after a cyberattack on check-in software used by several major airlines.

Heathrow, Brussels, Berlin and Dublin all reported delays, with some passengers left waiting hours as staff reverted to manual processes instead of automated systems.

Brussels Airport asked airlines to cancel half of Monday’s departures after Collins Aerospace, the US-based supplier of check-in technology, could not provide a secure update. Heathrow said most flights were expected to operate but warned travellers to check their flight status.

Berlin and Dublin also reported long delays, although Dublin said it planned to run a full schedule.

Collins, a subsidiary of aerospace and defence group RTX, confirmed that its Muse software had been targeted by a cyberattack and said it was working to restore services. The UK’s National Cyber Security Centre coordinates with airports and law enforcement to assess the impact.

Experts warned that aviation is particularly vulnerable because airlines and airports rely on shared platforms. They said stronger backup systems, regular updates and greater cross-border cooperation are needed instead of siloed responses, as cyberattacks rarely stop at national boundaries.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft seizes 338 sites tied to phishing service

Microsoft has disrupted RaccoonO365, a fast-growing phishing service used by cybercriminals to steal Microsoft 365 login details.

Using a court order from the Southern District of New York, in the US, its Digital Crimes Unit seized 338 websites linked to the operation. The takedown cut off infrastructure that enabled criminals to mimic Microsoft branding and trick victims into sharing their credentials.

Since mid-2024, RaccoonO365 has been used in at least 94 countries and has stolen more than 5,000 credentials. The kits were marketed on Telegram to hundreds of paying subscribers, including campaigns that targeted healthcare providers in the US.

Microsoft identified the group’s alleged leader as Joshua Ogundipe, based in Nigeria, who is accused of creating and promoting the service. The company has referred the case to international law enforcement while continuing efforts to dismantle any rebuilt networks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

US Army puts cybersecurity at the heart of transformation

Cybersecurity is a critical element of the US Army’s ongoing transformation and of wider national efforts to safeguard critical infrastructure, according to Brandon Pugh, Principal Cyber Adviser to the Secretary of the Army. Speaking at the Billington CyberSecurity Summit on 11 September, Pugh explained that the Army’s Continuous Transformation initiative is intended to deliver advanced technologies to soldiers more rapidly, ensuring readiness for operational environments where cybersecurity underpins every aspect of activity, from base operations to mobilisation.

Pugh took part in the panel where he emphasised that defending the homeland remains a central priority, with the Army directly affected by vulnerabilities in privately owned critical infrastructure such as energy and transport networks. He referred to research conducted by the Army Cyber Institute at the US Military Academy at West Point, which analyses how weaknesses in infrastructure could undermine the Army’s ability to project forces in times of crisis or conflict.

The other panellists agreed that maintaining strong basic cyber hygiene is essential. Josh Salmanson, Vice President for the Defence Cyber Practice at Leidos, underlined the importance of measures such as timely patching, reducing vulnerabilities, and eliminating shared passwords, all of which help to reduce noise in networks and strengthen responses to evolving threats.

The discussion also considered the growing application of AI in cyber operations. Col. Ivan Kalabashkin, Deputy Head of Ukraine’s Security Services Cyber Division reported that Ukraine has faced more than 13,000 cyber incidents directed at government and critical infrastructure systems since the start of the full-scale war, noting that Russia has in recent months employed AI to scan for network vulnerabilities.

Pugh stated that the Army is actively examining how AI can be applied to enhance both defensive and potentially offensive cyber operations, pointing to significant ongoing work within Army Cyber Command and US Cyber Command.

Finally, Pugh highlighted the Army’s determination to accelerate the introduction of cyber capabilities, particularly from innovative companies offering specialist solutions. He stressed the importance of acquisition processes that enable soldiers to test new capabilities within weeks, in line with the Army’s broader drive to modernise how it procures, evaluates, and deploys technology.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NATO and Seoul expand cybersecurity dialogue and defence ties

South Korea and NATO have pledged closer cooperation on cybersecurity following high-level talks in Seoul this week, according to Yonhap News Agency.

The discussions, led by Ambassador for International Cyber Affairs Lee Tae Woo and NATO Assistant Secretary General Jean-Charles Ellermann-Kingombe, focused on countering cyber threats and assessing risks in the Indo-Pacific and Euro-Atlantic regions.

Launched in 2023, the high-level cyber dialogue aims to deepen collaboration between South Korea and NATO in the cybersecurity domain.

The meeting followed talks between Defence Minister Ahn Gyu-back and NATO Military Committee chair Giuseppe Cavo Dragone during the Seoul Defence Dialogue earlier this week.

Dragone said cooperation would expand across defence exchanges, information sharing, cyberspace, space, and AI as ties between Seoul and NATO strengthen.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK launches CAF 4.0 for cybersecurity

The UK’s National Cyber Security Centre has released version 4.0 of its Cyber Assessment Framework to help organisations protect essential services from rising cyber threats.

An updated CAF that provides a structured approach for assessing and improving cybersecurity and resilience across critical sectors.

Version 4.0 introduces a deeper focus on attacker methods and motivations to inform risk decisions, ensures software in essential services is developed and maintained securely, and strengthens guidance on threat detection through security monitoring and threat hunting.

AI-related cyber risks are also now covered more thoroughly throughout the framework.

The CAF primarily supports energy, healthcare, transport, digital infrastructure, and government organisations, helping them meet regulatory obligations such as the NIS Regulations.

Developed in consultation with UK cyber regulators, the framework provides clear benchmarks for assessing security outcomes relative to threat levels.

Authorities encourage system owners to adopt CAF 4.0 alongside complementary tools such as Cyber Essentials, the Cyber Resilience Audit, and Cyber Adversary Simulation services. These combined measures enhance confidence and resilience across the nation’s critical infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cybersecurity protections for US companies at risk as key law nears expiration

As cyber threats grow, a vital legal safeguard encouraging US companies to share threat intelligence is on the verge of expiring.

The US Cybersecurity Information Sharing Act of 2015 (CISA 2015), which grants liability protection to firms that voluntarily share cyber threat data with peers and the federal government, is set to lapse at the end of the month unless Congress acts swiftly.

The potential loss of this law could leave companies, especially small and mid-sized organisations, isolated in defending against cyberattacks, including those powered by emerging technologies like agentic AI. Companies may revert to lengthy legal reviews without liability protection or avoid information-sharing altogether.

On 3 September 2025, the House Homeland Security Committee unanimously approved a bill to extend these protections, but it still needs full congressional approval and the president’s signature.

According to Bloomberg, the Cybersecurity and Infrastructure Security Agency (CISA) has suffered budget cuts and workforce reductions under the Trump administration. Despite the administration’s criticism of the agency, its nominee to lead CISA, Sean Plankey, has publicly supported extending CISA 2015.

Industry leaders warn that losing these protections could slow down vital threat coordination. ‘This is the last line of defence,’ said Carole House, a former White House cybersecurity advisor.

With the potential expiration of CISA 2015, industry-focused Information Sharing and Analysis Centres (ISACs), now numbering at least 28 in the USA, may serve as a fallback for cybersecurity collaboration.

While some ISACs already offer legal protections like NDAs and anonymous sharing, experts warn that companies may hesitate to participate without federal liability protections.

Complex legal agreements could become necessary, potentially limiting engagement. ‘You run the risk of some companies deciding it’s too risky,’ said Scott Algeier, executive director of the IT-ISAC, despite hopes for continued collaboration.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

AI export rules tighten as the US opens global opportunities

President Trump has signed an Executive Order to promote American leadership in AI exports, marking a significant policy shift. The move creates new global opportunities for US businesses but also introduces stricter compliance responsibilities.

The order establishes the American AI Exports Program, overseen by the Department of Commerce, to develop and deploy ‘full-stack’ AI export packages.

These packages cover everything from chips and cloud infrastructure to AI models and cybersecurity safeguards. Industry consortia will be invited to submit proposals, outlining hardware origins, export targets, business models, and federal support requests.

A central element of the initiative is ensuring compliance with US export control regimes. Companies must align with the Export Control Reform Act and the Export Administration Regulations, with special attention to restrictions on advanced computing chips.

New guidance warns against potential violations linked to hardware and highlights red flags for illegal diversion of sensitive technology.

Commerce stresses that participation requires robust export compliance plans and rigorous end user screening.

Legal teams are urged to review policies on AI exports, as regulators focus on preventing misuse of advanced computing systems in military or weapons programmes abroad.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

International search widens for ransomware fugitive on EU Most Wanted

A Ukrainian cybercrime suspect has been added to the EU’s Most Wanted list for his role in the 2019 LockerGoga ransomware attack against a major Norwegian aluminium company and other global incidents.

The fugitive is considered a high-value target and is wanted by multiple countries. The US Department of Justice has offered up to USD 10 million for information leading to the arrest.

Europol stated that the identification of the suspect followed a lengthy, multinational investigation supported by Eurojust, with damages from the network estimated to be in the billions. Several members of the group have already been detained in Ukraine.

Investigators have mapped the network’s operations, tracing its hierarchy from malware developers and intrusion experts to money launderers who processed illicit proceeds. The wanted man is accused of directly deploying LockerGoga ransomware.

Europol has urged the public to visit the EU Most Wanted website and share information that could assist in locating the fugitive. The suspect’s profile is now live on the platform.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!