US dismantles China-backed malware infecting thousands of computers

The US Justice Department has removed malware from over 4,200 computers worldwide in an operation targeting a hacking group linked to the Chinese government. The malware, known as ‘PlugX,’ was used to steal information and compromise systems across the United States, Europe, and Asia. Investigators identified the cybercriminals behind the attack as ‘Mustang Panda’ and ‘Twill Typhoon,’ groups believed to have received financial support from China.

Court documents filed in the US District Court for the Eastern District of Pennsylvania allege that the Chinese government paid Mustang Panda to develop PlugX. The malware has been active since at least 2014 and was used not only to target governments and businesses but also Chinese political dissidents. Officials described the operation as a critical step in neutralising cyber threats backed by foreign states.

Authorities emphasised the growing risks posed by state-sponsored hacking groups and their ability to infiltrate global networks. The Justice Department remains committed to dismantling cyber threats and preventing adversaries from exploiting sensitive information. The scale of the attack highlights the persistent threat of cyber espionage and the need for international cooperation in addressing cybersecurity challenges.

Starlink could support Italy’s secure communications

Elon Musk is working to expand his aerospace firm SpaceX and its satellite broadband service Starlink in Italy. Talks are underway for potential supply agreements, with Musk offering Italy secure and advanced connectivity. Prime Minister Giorgia Meloni has built a close relationship with Musk, aligning with her ties to incoming US President Donald Trump.

Starlink, operating 6,700 satellites, dominates the low-Earth orbit market and provides broadband to over four million customers worldwide, including around 55,000 in Italy. The Italian government is considering using Starlink’s technology for secure communications among diplomats and defence personnel, a project valued at €1.5 billion over five years.

Italy is also exploring Starlink’s potential to improve internet access in remote regions, where state-backed fibre roll-out projects have lagged. Trials of the satellite service are expected this month.

Telespazio, a joint venture between Leonardo and Thales, has already partnered with Starlink to integrate its services into existing networks.

Cybersecurity investments in Israel more than double in 2024

Israeli cybersecurity companies raised $4 billion in 2024, more than doubling the previous year’s total, according to venture capital firm YL Ventures. The sector, a key driver of Israel’s economy, saw strong investment growth despite geopolitical challenges. Cloud security and AI played a significant role in attracting funding, with early-stage startups securing $400 million across 50 seed rounds.

Investment in later-stage cybersecurity firms also surged, with growth-stage funding rounds raising $2.9 billion—an increase of 300% from 2023. The expansion reflects growing global confidence in Israel’s cybersecurity industry, which is increasingly recognised as a leader in the field. YL Ventures highlighted the role of Israeli military intelligence units in fostering a culture of innovation and entrepreneurship that strengthens the sector.

The ongoing war following Hamas’s October 2023 attack has added pressure on tech founders, many of whom have been called into military service. Industry leaders have had to navigate operational challenges while maintaining business continuity. Looking ahead to 2025, venture capital firms anticipate continued investment growth, particularly in early and mid-stage funding rounds, as cybersecurity remains a global priority.

Taiwan sees sharp rise in cyberattacks linked to China

Cyberattacks on Taiwan’s government departments doubled in 2024, reaching an average of 2.4 million attacks per day, according to the island’s National Security Bureau. Most of the attacks were attributed to Chinese cyber forces, with key targets including telecommunications, transportation, and defence. The report highlighted the increasing severity of China’s hacking activities, noting that many of the attacks were timed to coincide with Chinese military drills around Taiwan.

Taiwan has long accused Beijing of using cyberwarfare as part of broader “grey-zone harassment” efforts, which also include military exercises and surveillance balloons. The latest report detailed how China’s cyber forces employed advanced hacking techniques, such as distributed denial-of-service (DDoS) attacks and social engineering, in an attempt to steal confidential government data. These attacks were aimed at disrupting Taiwan’s infrastructure, including highways and ports, and gaining strategic advantages in politics, military affairs, and technology.

China has not responded to the allegations, though it routinely denies involvement in hacking operations. However, Taiwan’s findings come amid growing international concerns over Chinese cyber activities, with the United States recently accusing Chinese hackers of stealing sensitive documents from the US Treasury Department. Taiwan’s government has warned that Beijing’s cyber threats are intensifying and pose a growing risk to national security.

UK develops first quantum clock for military use

The Ministry of Defence announced that the UK is developing its first quantum clock, a cutting-edge device designed to enhance military intelligence and reconnaissance. Created by the Defence Science and Technology Laboratory, the clock boasts unparalleled precision, losing less than one second over billions of years.

By leveraging quantum mechanics to measure atomic energy fluctuations, the technology reduces reliance on vulnerable GPS systems, offering greater resilience against disruption by adversaries. This marks the UK’s debut in building such a device, with deployment anticipated within five years.

While not the world’s first quantum clock (similar technology was pioneered in the US 15 years ago), the UK effort highlights a growing global race in quantum advancements. Quantum clocks hold potential beyond military applications, impacting satellite navigation, telecommunications, and scientific research.

Countries like the United States and China are heavily investing in quantum technology, seeing its transformative potential. Future UK research aims to miniaturise the quantum clock for broader applications, including integration into military vehicles and aircraft, underscoring its strategic importance in defence and industry.

US weighs new restrictions on Chinese drones amid security concerns

Due to national security concerns, the US Commerce Department announced plans to consider new rules restricting or banning Chinese-made drones. The proposed regulations, open for public comment until 4 March, aim to safeguard the drone supply chain against potential threats from China and Russia.

Officials warn that adversaries could exploit these devices to access sensitive US data remotely. China dominates the US commercial drone market, with DJI, the world’s largest drone manufacturer, accounting for more than half of all sales.

The Biden administration has already taken steps to curb Chinese drone activity. In December, President Joe Biden signed legislation requiring an investigation into whether drones from companies like DJI and Autel Robotics pose unacceptable security risks.

If unresolved within a year, these companies may be barred from launching new products in the US. Additionally, DJI has faced scrutiny over alleged ties to Beijing’s military and accusations of violating the Uyghur Forced Labor Prevention Act, claims the company denies.

US Commerce Secretary Gina Raimondo hinted at measures similar to those targeting Chinese vehicles, focusing on drones with Chinese or Russian components. While DJI disputes allegations of data transmission and surveillance risks, US lawmakers remain concerned.

The evolving landscape underscores Washington’s broader efforts to address perceived security vulnerabilities in Chinese technology.

US Army soldier faces charges for selling phone records

A US Army soldier, Cameron John Wagenius, has been charged with selling and attempting to sell stolen confidential phone records. Arrested on 20 December, Wagenius faces two charges of unlawfully transferring confidential information in a Texas federal court. His rank and station have not been disclosed, though he is reportedly based at Fort Cavazos in Texas.

Authorities allege that Wagenius, known online as ‘Kiberphant0m’, claimed involvement in hacking activities, including phone records linked to high-profile figures. The case is connected to a broader investigation involving hackers accused of stealing sensitive personal and financial information. Prosecutors have revealed the involvement of a hacking group targeting data storage firm Snowflake’s customers.

Cybersecurity researchers identified Wagenius after members of the group issued threats against them. Law enforcement acted swiftly following the tip-off, according to Allison Nixon of Unit 221B. The prosecution is being handled in Seattle, where two co-defendants, Connor Moucka and John Binns, face related charges for extensive data breaches.

The Department of Justice and the FBI have yet to comment on the case. Wagenius has been ordered to appear in Seattle, where the investigation continues.

Russian gas flows to Europe through Ukraine stop permanently

Russian gas deliveries to Europe via Ukraine ceased on New Year’s Day, concluding decades of reliance on Moscow’s energy dominance. Gazprom confirmed the halt at 0500 GMT, following Ukraine’s refusal to renew a transit agreement. The stoppage, long anticipated, follows a dramatic shift in European energy dynamics spurred by the war in Ukraine.

Alternative supply arrangements by EU nations such as Slovakia and Austria have ensured that the end of Russian gas transit through Ukraine will not affect consumer prices. Hungary remains connected to Russian gas through the TurkStream pipeline, while Moldova’s pro-Russian Transdniestria region is already facing heating shortages due to the cutoff.

The European Union has significantly reduced its dependence on Russian energy, replacing supplies with liquefied natural gas from Qatar and the US, as well as piped gas from Norway. Ukrainian Energy Minister German Galushchenko hailed the decision as historic, stating that Russia would face substantial financial losses as a result.

Both sides are set to incur economic setbacks. Ukraine is losing $800 million annually in transit fees, while Gazprom faces a $5 billion drop in sales. Once dominant in Europe’s energy markets, Russia’s share has plummeted from 35% to near irrelevance, marking the end of an era shaped by Soviet-era pipeline projects.

US sanctions Iranian and Russian entities over election meddling

Sanctions have been imposed by the US on organisations in Iran and Russia accused of attempting to influence the 2024 presidential election. The Treasury Department stated these entities, linked to Iran’s Revolutionary Guard Corps (IRGC) and Russia’s military intelligence agency (GRU), aimed to exploit socio-political tensions among voters.

Russia’s accused group utilised AI tools to create disinformation, including manipulated videos targeting a vice-presidential candidate. A network of over 100 websites mimicking credible news outlets was reportedly used to disseminate false narratives. The GRU is alleged to have funded and supported these operations.

Iran’s affiliated entity has allegedly been planning influence campaigns since 2023, focused on inciting divisions within the US electorate. While Russia’s embassy dismissed the interference claims as unfounded, Iran’s representatives did not respond to requests for comment.

A recent US threat assessment has underscored growing concerns about foreign attempts to disrupt American democracy, with AI emerging as a critical tool for misinformation. Officials reaffirmed their commitment to safeguarding the electoral process.

China accused of hacking US Treasury systems

Chinese hackers have been accused of infiltrating the US Treasury Department in a significant cyber attack. The breach, described as a ‘major incident’, allowed attackers to access employee workstations and unclassified documents, raising concerns over national security. The intrusion reportedly involved a third-party service provider’s compromised security key.

Officials confirmed that BeyondTrust, the affected service provider, had been taken offline. Investigations suggest a China-based Advanced Persistent Threat group was responsible. The Treasury has since partnered with the FBI and other agencies to assess the damage, while third-party forensic investigators are analysing the breach’s full impact.

China’s foreign ministry dismissed the allegations as baseless, reiterating its opposition to hacking. Accusations of Chinese cyber espionage have become more frequent, with recent incidents involving critical infrastructure and telecom companies. Officials claim the Treasury hack sought information rather than financial theft.

The incident comes amidst heightened scrutiny of Chinese cyber activities, with two prominent hacking groups linked to espionage and potential disruption campaigns. A supplemental report on the Treasury breach is expected within 30 days, as investigators continue their inquiries.