Cyberconflict and warfare

Japan passes landmark cyber defence bill

Japan has passed the Active Cyber Defence Bill, which permits the country’s military and law enforcement agencies to undertake pre-emptive measures in response to cyber threats.

The legislation adopts a two-pronged approach, focusing on both passive and active cyber defence. It includes the establishment of a cybersecurity council and an oversight committee to enhance threat analysis and information-gathering capabilities. The bill also introduces new requirements for critical infrastructure providers to report cybersecurity incidents promptly. Additionally, it enables the government to collect technical information—such as IP addresses and timestamps—from telecommunications providers in cases where a potential cyberattack is identified, to monitor communications between Japan and external actors.

The legislation also grants the military powers to carry out active measures against cyber threats. This includes the deployment of ‘cyber harm-prevention officers’, tasked with actions such as disrupting servers involved in cyberattacks and responding to critical incidents.

While the bill is positioned as part of Japan’s broader efforts to strengthen its cyber resilience, some commentary has raised questions about the balance between security and oversight.

For more information on these topics, visit diplomacy.edu.

ECB warns Euro zone banks on geopolitical risks

Euro zone banks must remain resilient and prepared for geopolitical shocks, including the risk of liquidity drying up amid volatile financial markets, according to Claudia Buch, the European Central Bank’s supervisory chief.

She highlighted concerns about the potential impact of policy reversals by the US government, particularly under President Donald Trump, which have unsettled investors and created uncertainty about future growth and stability.

Buch also pointed to the ongoing financial and political pressures arising from Russia’s war in Ukraine and the sanctions that followed.

She emphasised the need for banks to maintain sufficient capital, robust governance, and effective risk management systems in the face of potential asset quality deterioration and economic disruptions caused by geopolitical conflicts or sanctions.

Additionally, Buch noted the increasing threat of cybersecurity attacks, which have become more frequent and severe. The ECB’s annual report warned that geopolitical risks could strain liquidity and funding, particularly in foreign currencies, leading to higher borrowing costs and increased use of credit lines.

Buch called for progress in creating a crisis management and deposit insurance framework to protect depositors in the event of bank failures.

For more information on these topics, visit diplomacy.edu.

Trump dismisses Signal leak, supports Waltz

US President Donald Trump on Tuesday downplayed the incident in which sensitive military plans for a strike against Yemen’s Houthis were mistakenly shared in a group chat that included a journalist. Trump referred to it as ‘the only glitch in two months’ and insisted that it was ‘not a serious’ issue.

The development, which surprised him when first questioned by reporters, has sparked criticism from Democratic lawmakers accusing the administration of mishandling sensitive information.

The lapse occurred when US National Security Adviser Mike Waltz unintentionally included Jeffrey Goldberg, editor-in-chief of The Atlantic, in a group chat with 18 high-ranking officials discussing military strike plans.

Waltz admitted to the mistake and accepted full responsibility, stating that an aide had mistakenly added Goldberg’s contact to the conversation.

The incident, which took place over the Signal app, has raised concerns due to the app’s public availability and its use for discussing such sensitive matters.

While Trump continued to express support for Waltz, Democratic critics, including former Secretary of State Hillary Clinton, have voiced strong disapproval.

Clinton, commenting on the breach, highlighted the irony of the situation, given Trump’s previous criticisms of Hillary Clinton’s use of a private email server for sensitive material.

For more information on these topics, visit diplomacy.edu.

US report highlights China’s growing military capabilities

A US intelligence report has identified China as the top military and cyber threat, warning of Beijing’s growing capabilities in AI, cyber warfare, and conventional weaponry.

The report highlights China’s ambitions to surpass the US as the leading AI power by 2030 and its steady progress towards military capabilities that could be used to capture Taiwan.

It also warns that China could target US infrastructure through cyberattacks and space-based assets.

The findings, presented to the Senate Intelligence Committee, sparked tensions between Washington and Beijing. Chinese officials rejected the report, accusing the US of using outdated Cold War thinking and hyping the ‘China threat’ to maintain military dominance.

China’s foreign ministry also criticised US support for Taiwan, urging Washington to stop backing separatist movements.

Meanwhile, Beijing dismissed accusations that it has failed to curb fentanyl shipments, a key source of US overdose deaths.

The report also notes that Russia, Iran, and North Korea are working to challenge US influence through military and cyber tactics.

While China continues to expand its global footprint, particularly in Greenland and the Arctic, the report points to internal struggles, including economic slowdowns and demographic challenges, that could weaken the Chinese government’s stability.

The intelligence report underscores ongoing concerns in Washington about Beijing’s long-term ambitions and its potential impact on global security.

For more information on these topics, visit diplomacy.edu.

China warns US against ‘hegemonic thinking’

China’s foreign ministry has criticised the US for viewing China through a ‘hegemonic mentality’ after Washington labelled it the top military and cyber threat.

Ministry spokesperson Guo Jiakun accused the US of pushing the ‘China threat’ narrative as a means to contain and suppress the country.

The latest exchange highlights ongoing tensions between the two global powers, particularly over security, technology, and military influence. Beijing has consistently rejected US claims regarding cyber espionage and military expansion, arguing that such accusations are politically motivated.

Relations between China and the US have remained strained, with disputes spanning trade, Taiwan, and cybersecurity.

Despite diplomatic efforts to stabilise ties, the two nations continue to challenge each other’s policies and strategic moves on the global stage.

For more information on these topics, visit diplomacy.edu.

Canada warns of foreign election interference

Canada’s intelligence agency has warned that China and India are highly likely to interfere in the country’s general election on 28 April, with Russia and Pakistan also having the potential to do so.

The Canadian Security Intelligence Service (CSIS) stated that while previous interference attempts in the 2019 and 2021 elections did not alter the results, the country had been slow to respond at the time. Both China and India have denied previous allegations of meddling in Canada’s internal affairs.

Vanessa Lloyd, CSIS’s deputy director of operations, said hostile states are increasingly using AI to influence elections, with China being particularly likely to exploit such tools.

The warning comes amid tense diplomatic relations between Canada and Beijing, following China’s recent tariffs on $2.6 billion worth of Canadian agricultural products and Ottawa’s strong condemnation of China’s execution of four Canadian citizens on drug charges.

India has also been under scrutiny, with Canada expelling six Indian diplomats last year over allegations of involvement in a plot against Sikh separatists.

Lloyd stated that India has both the intent and capability to interfere in Canadian politics and communities, though the Indian diplomatic mission in Ottawa has yet to comment.

She added that while it is difficult to directly link foreign interference with election outcomes, such activities undermine public trust in Canada’s democratic institutions.

For more information on these topics, visit diplomacy.edu.

Ukrzaliznytsia shifts to offline ticket sales after IT system failure

Ukraine’s state-owned railway company, Ukrzaliznytsia, has been hit by a large-scale cyberattack, affecting its online systems.

While train services remain operational without delays, the company has been working to restore its IT infrastructure. Passengers were advised to buy tickets offline on Monday as backups were recovered.

The cyberattack, described by Ukrzaliznytsia as ‘systemic, non-trivial and multi-level,’ was first reported on Sunday.

The railway has become a critical part of Ukraine’s transport network since the Russian invasion in 2022, with airspace closed and trains serving as the primary mode of domestic and international travel. Last year, it transported 20 million passengers and 148 million tonnes of freight.

Efforts to fully restore online systems are ongoing as authorities investigate the incident.

Cyberattacks targeting Ukraine’s infrastructure have increased since the start of the war, with railways playing a crucial role in both civilian and military logistics. Officials have not yet attributed responsibility for the attack.

For more information on these topics, visit diplomacy.edu.

Hackers use fake Semrush ads to steal Google accounts

Cybercriminals are using fake adverts for popular SEO platform Semrush to trick users into giving up access to their Google accounts, researchers have warned.

The malvertising campaign features ads that link to a bogus Semrush login page, which only allows users to sign in via Google, a tactic designed to steal high-value credentials.

According to Malwarebytes, Semrush accounts are often linked to critical Google services such as Analytics and Search Console.

These tools store confidential business insights, which threat actors could exploit for strategic and financial gain. The scammers may also access names, phone numbers, business details, and partial card information through compromised Semrush accounts.

By impersonating Semrush support, attackers could deceive users into revealing full card details under the pretence of payment or billing updates. However, this may open the door to wider fraud, such as redirecting funds from vendors or business partners.

With Semrush serving over 117,000 customers, including a significant share of Fortune 500 firms, the attack underscores the growing risks of malvertising on platforms like Google.

Security experts are urging businesses to tighten account access controls and remain cautious when engaging with search ads, even from seemingly reputable brands.

For more information on these topics, visit diplomacy.edu.

US launches national security unit to combat cyberattacks on telecom sector

The Federal Communications Commission (FCC) has launched a national security unit in response to recent cyber incidents affecting US telecommunications firms.

These incidents, attributed to a group known as Salt Typhoon, involved unauthorised access to sensitive data and communications.

The newly formed unit will be led by Adam Chan, FCC’s national security counsel, and will include representatives from eight different bureaus and offices within the agency. The council’s objectives are to:

  • Reduce reliance on foreign entities in the US telecom and technology supply chains.
  • Address vulnerabilities related to cyber threats, espionage, and surveillance.
  • Support U.S. leadership in critical technologies, including 5G, satellites, quantum computing, IoT, and robotics.

Cybersecurity experts have emphasised the importance of securing digital infrastructure against advanced threats. The telecommunications sector, despite its established cybersecurity measures, continues to face persistent and evolving risks.

Recent reports indicate that Salt Typhoon has continued targeting US telecom networks, with activity observed as recently as February.

The FCC has taken several steps in recent months to enhance industry security, and the formation of this council represents a further effort to strengthen resilience.

For more information on these topics, visit diplomacy.edu.

HQC announced as safeguard against future quantum attacks

The National Institute of Standards and Technology (NIST) has introduced HQC, a backup encryption algorithm designed to protect sensitive data from potential threats posed by future quantum computers.

As part of its ongoing efforts to strengthen cybersecurity, the agency selected HQC to complement the existing post-quantum cryptography (PQC) standard, ML-KEM, in case quantum advancements compromise current encryption methods.

HQC relies on error-correcting codes, a mathematical approach used in data protection for decades, including in NASA missions.

The algorithm is larger than ML-KEM and requires more computing power, but experts determined it to be a secure and reliable alternative. A draft standard for HQC is expected within a year, with final approval anticipated by 2027.

NIST has been working to prepare for the so-called ‘Q day,’ when quantum computers could break conventional encryption. Three PQC algorithms were finalized in 2024, including ML-KEM and two digital signature standards.

In addition to announcing HQC, NIST is preparing to release a draft standard for the FALCON algorithm, further strengthening protections against future cyber threats.

For more information on these topics, visit diplomacy.edu.

Diplo chatbot can make mistakes. Consider checking important information.