Cyberconflict and warfare

Trump dismisses Signal leak, supports Waltz

US President Donald Trump on Tuesday downplayed the incident in which sensitive military plans for a strike against Yemen’s Houthis were mistakenly shared in a group chat that included a journalist. Trump referred to it as ‘the only glitch in two months’ and insisted that it was ‘not a serious’ issue.

The development, which surprised him when first questioned by reporters, has sparked criticism from Democratic lawmakers accusing the administration of mishandling sensitive information.

The lapse occurred when US National Security Adviser Mike Waltz unintentionally included Jeffrey Goldberg, editor-in-chief of The Atlantic, in a group chat with 18 high-ranking officials discussing military strike plans.

Waltz admitted to the mistake and accepted full responsibility, stating that an aide had mistakenly added Goldberg’s contact to the conversation.

The incident, which took place over the Signal app, has raised concerns due to the app’s public availability and its use for discussing such sensitive matters.

While Trump continued to express support for Waltz, Democratic critics, including former Secretary of State Hillary Clinton, have voiced strong disapproval.

Clinton, commenting on the breach, highlighted the irony of the situation, given Trump’s previous criticisms of Hillary Clinton’s use of a private email server for sensitive material.

For more information on these topics, visit diplomacy.edu.

US report highlights China’s growing military capabilities

A US intelligence report has identified China as the top military and cyber threat, warning of Beijing’s growing capabilities in AI, cyber warfare, and conventional weaponry.

The report highlights China’s ambitions to surpass the US as the leading AI power by 2030 and its steady progress towards military capabilities that could be used to capture Taiwan.

It also warns that China could target US infrastructure through cyberattacks and space-based assets.

The findings, presented to the Senate Intelligence Committee, sparked tensions between Washington and Beijing. Chinese officials rejected the report, accusing the US of using outdated Cold War thinking and hyping the ‘China threat’ to maintain military dominance.

China’s foreign ministry also criticised US support for Taiwan, urging Washington to stop backing separatist movements.

Meanwhile, Beijing dismissed accusations that it has failed to curb fentanyl shipments, a key source of US overdose deaths.

The report also notes that Russia, Iran, and North Korea are working to challenge US influence through military and cyber tactics.

While China continues to expand its global footprint, particularly in Greenland and the Arctic, the report points to internal struggles, including economic slowdowns and demographic challenges, that could weaken the Chinese government’s stability.

The intelligence report underscores ongoing concerns in Washington about Beijing’s long-term ambitions and its potential impact on global security.

For more information on these topics, visit diplomacy.edu.

China warns US against ‘hegemonic thinking’

China’s foreign ministry has criticised the US for viewing China through a ‘hegemonic mentality’ after Washington labelled it the top military and cyber threat.

Ministry spokesperson Guo Jiakun accused the US of pushing the ‘China threat’ narrative as a means to contain and suppress the country.

The latest exchange highlights ongoing tensions between the two global powers, particularly over security, technology, and military influence. Beijing has consistently rejected US claims regarding cyber espionage and military expansion, arguing that such accusations are politically motivated.

Relations between China and the US have remained strained, with disputes spanning trade, Taiwan, and cybersecurity.

Despite diplomatic efforts to stabilise ties, the two nations continue to challenge each other’s policies and strategic moves on the global stage.

For more information on these topics, visit diplomacy.edu.

Canada warns of foreign election interference

Canada’s intelligence agency has warned that China and India are highly likely to interfere in the country’s general election on 28 April, with Russia and Pakistan also having the potential to do so.

The Canadian Security Intelligence Service (CSIS) stated that while previous interference attempts in the 2019 and 2021 elections did not alter the results, the country had been slow to respond at the time. Both China and India have denied previous allegations of meddling in Canada’s internal affairs.

Vanessa Lloyd, CSIS’s deputy director of operations, said hostile states are increasingly using AI to influence elections, with China being particularly likely to exploit such tools.

The warning comes amid tense diplomatic relations between Canada and Beijing, following China’s recent tariffs on $2.6 billion worth of Canadian agricultural products and Ottawa’s strong condemnation of China’s execution of four Canadian citizens on drug charges.

India has also been under scrutiny, with Canada expelling six Indian diplomats last year over allegations of involvement in a plot against Sikh separatists.

Lloyd stated that India has both the intent and capability to interfere in Canadian politics and communities, though the Indian diplomatic mission in Ottawa has yet to comment.

She added that while it is difficult to directly link foreign interference with election outcomes, such activities undermine public trust in Canada’s democratic institutions.

For more information on these topics, visit diplomacy.edu.

Ukrzaliznytsia shifts to offline ticket sales after IT system failure

Ukraine’s state-owned railway company, Ukrzaliznytsia, has been hit by a large-scale cyberattack, affecting its online systems.

While train services remain operational without delays, the company has been working to restore its IT infrastructure. Passengers were advised to buy tickets offline on Monday as backups were recovered.

The cyberattack, described by Ukrzaliznytsia as ‘systemic, non-trivial and multi-level,’ was first reported on Sunday.

The railway has become a critical part of Ukraine’s transport network since the Russian invasion in 2022, with airspace closed and trains serving as the primary mode of domestic and international travel. Last year, it transported 20 million passengers and 148 million tonnes of freight.

Efforts to fully restore online systems are ongoing as authorities investigate the incident.

Cyberattacks targeting Ukraine’s infrastructure have increased since the start of the war, with railways playing a crucial role in both civilian and military logistics. Officials have not yet attributed responsibility for the attack.

For more information on these topics, visit diplomacy.edu.

Hackers use fake Semrush ads to steal Google accounts

Cybercriminals are using fake adverts for popular SEO platform Semrush to trick users into giving up access to their Google accounts, researchers have warned.

The malvertising campaign features ads that link to a bogus Semrush login page, which only allows users to sign in via Google, a tactic designed to steal high-value credentials.

According to Malwarebytes, Semrush accounts are often linked to critical Google services such as Analytics and Search Console.

These tools store confidential business insights, which threat actors could exploit for strategic and financial gain. The scammers may also access names, phone numbers, business details, and partial card information through compromised Semrush accounts.

By impersonating Semrush support, attackers could deceive users into revealing full card details under the pretence of payment or billing updates. However, this may open the door to wider fraud, such as redirecting funds from vendors or business partners.

With Semrush serving over 117,000 customers, including a significant share of Fortune 500 firms, the attack underscores the growing risks of malvertising on platforms like Google.

Security experts are urging businesses to tighten account access controls and remain cautious when engaging with search ads, even from seemingly reputable brands.

For more information on these topics, visit diplomacy.edu.

US launches national security unit to combat cyberattacks on telecom sector

The Federal Communications Commission (FCC) has launched a national security unit in response to recent cyber incidents affecting US telecommunications firms.

These incidents, attributed to a group known as Salt Typhoon, involved unauthorised access to sensitive data and communications.

The newly formed unit will be led by Adam Chan, FCC’s national security counsel, and will include representatives from eight different bureaus and offices within the agency. The council’s objectives are to:

  • Reduce reliance on foreign entities in the US telecom and technology supply chains.
  • Address vulnerabilities related to cyber threats, espionage, and surveillance.
  • Support U.S. leadership in critical technologies, including 5G, satellites, quantum computing, IoT, and robotics.

Cybersecurity experts have emphasised the importance of securing digital infrastructure against advanced threats. The telecommunications sector, despite its established cybersecurity measures, continues to face persistent and evolving risks.

Recent reports indicate that Salt Typhoon has continued targeting US telecom networks, with activity observed as recently as February.

The FCC has taken several steps in recent months to enhance industry security, and the formation of this council represents a further effort to strengthen resilience.

For more information on these topics, visit diplomacy.edu.

HQC announced as safeguard against future quantum attacks

The National Institute of Standards and Technology (NIST) has introduced HQC, a backup encryption algorithm designed to protect sensitive data from potential threats posed by future quantum computers.

As part of its ongoing efforts to strengthen cybersecurity, the agency selected HQC to complement the existing post-quantum cryptography (PQC) standard, ML-KEM, in case quantum advancements compromise current encryption methods.

HQC relies on error-correcting codes, a mathematical approach used in data protection for decades, including in NASA missions.

The algorithm is larger than ML-KEM and requires more computing power, but experts determined it to be a secure and reliable alternative. A draft standard for HQC is expected within a year, with final approval anticipated by 2027.

NIST has been working to prepare for the so-called ‘Q day,’ when quantum computers could break conventional encryption. Three PQC algorithms were finalized in 2024, including ML-KEM and two digital signature standards.

In addition to announcing HQC, NIST is preparing to release a draft standard for the FALCON algorithm, further strengthening protections against future cyber threats.

For more information on these topics, visit diplomacy.edu.

Trump administration ends support for cybersecurity projects

The Trump administration has cut funding for two key cybersecurity initiatives, including one supporting election security, sparking concerns over potential vulnerabilities in future US elections.

The Cybersecurity and Infrastructure Security Agency (CISA) announced it would end around $10 million in annual funding to the non-profit Center for Internet Security, which manages election-related cybersecurity programmes.

However, this move comes as part of a broader review of CISA’s election-related work, during which over a dozen staff members were placed on administrative leave.

The decision follows another controversial step by the administration to dismantle an FBI task force that investigated foreign influence in US elections.

Critics warn that reducing government involvement in election security weakens safeguards against interference, with Larry Norden from the Brennan Center for Justice calling the cuts a serious risk for state and local election officials.

The National Association of Secretaries of State is now seeking clarification on CISA’s decision and its wider implications.

CISA has faced Republican criticism in recent years for its role in countering misinformation related to the 2020 election and the coronavirus pandemic. However, previous leadership maintained that the agency’s work was limited to assisting states in identifying and addressing misinformation.

While CISA argues the funding cuts will streamline its focus on critical security areas, concerns remain over the potential impact on election integrity and cybersecurity protections across local and state governments.

For more information on these topics, visit diplomacy.edu.

Switzerland mandates cyberattack reporting for critical infrastructure from 1 April 2025

As of 1 April 2025, operators of critical infrastructure in Switzerland will be required to report cyberattacks to the National Cyber Security Centre (NCSC) within 24 hours of discovery. This measure, introduced by the Federal Council, is part of an amendment to the Information Security Act (ISA) and aims to enhance cybersecurity coordination and response capabilities.

The reporting obligation applies to key sectors, including energy and water suppliers, transport companies, and public administrations at the cantonal and communal levels. Reports must be submitted when an attack disrupts critical infrastructure, compromises or manipulates information, or involves blackmail, threats, or coercion. Failure to comply may result in financial penalties, which will be enforceable from 1 October, allowing a six-month adjustment period before sanctions take effect.

To facilitate compliance, the NCSC will provide a reporting form on its Cyber Security Hub, with an alternative email submission option for organisations not yet registered on the platform. Initial reports must be submitted within 24 hours, followed by a detailed report within 14 days.

The Federal Council has also approved the Cybersecurity Ordinance, which outlines implementation provisions, reporting exemptions, and mechanisms for information exchange between the NCSC and other authorities. Consultations on the ordinance reflected broad support for streamlined reporting processes, ensuring alignment with existing obligations, such as those under data protection laws.

Additionally, from 1 April, the National Cyber Security Centre will officially change its name as part of its transition into a federal office within the Department of Defence, Civil Protection and Sport (DDPS).

This regulatory update aligns Switzerland with international cybersecurity practices, including the EU’s NIS Directive, which has required cyber incident reporting since 2018.

For more information on these topics, visit diplomacy.edu

Diplo chatbot can make mistakes. Consider checking important information.