The 34th International Conference of the Red Cross and Red Crescent has adopted a new resolution to protect civilians and essential infrastructure from the potential risks posed by ICT activities during armed conflict. Recognising the increased likelihood of information and communication technologies (ICTs) being used in future conflicts, the resolution addresses the need to safeguard civilian lives and critical systems from the unintended human costs of these operations.
The resolution highlights concerns over the malicious use of ICT capabilities by parties in conflict, noting that such activities could impact protected persons and objects, including essential infrastructure like power, water, and healthcare systems. It underscores that these civilian objects are crucial for survival and should remain unaffected during hostilities. The resolution further emphasises the importance of preventing these activities from crossing international borders, which could inadvertently impact civilians in other regions.
Acknowledging the limited resources and capacities of some states and humanitarian organisations, the resolution also draws attention to the vulnerability this may create. Without adequate defences, states and components of the Red Cross and Red Crescent Movement could face greater risks from cyber incursions during the conflict.
Another focus of the resolution is the potential for civilians to become involved in cyber activities related to conflict, either by conducting or supporting operations. It points to the need for greater awareness of the risks and legal implications, as civilians may need to fully understand the consequences of their involvement in ICT-related activities in conflict situations.
The resolution also calls for further study and dialogue on how international humanitarian law (IHL) applies to ICT activities in warfare. It acknowledges that while IHL traditionally protects civilians and critical infrastructure during conflict, the unique characteristics of cyberspace may require additional interpretation and understanding.
By adopting this resolution, the Red Cross aims to ensure that, as the nature of conflict changes, a strong international framework remains to protect civilians and essential infrastructure from the emerging threats posed by cyber activities in armed conflict.
China’s People’s Liberation Army (PLA) has adapted Meta’s open-source AI model, Llama, to create a military-focused tool named ChatBIT. Developed by researchers from PLA-linked institutions, including the Academy of Military Science, ChatBIT leverages an earlier version of Llama, fine-tuned for military decision-making and intelligence processing tasks. The tool reportedly performs better than some alternative AI models, though it falls short of OpenAI’s ChatGPT-4.
Meta, which supports open innovation, has restrictions against military uses of its models. However, the open-source nature of Llama limits Meta’s ability to prevent unauthorised adaptations, such as ChatBIT. In response, Meta affirmed its commitment to ethical AI use and noted the need for US innovation to stay competitive as China intensifies its AI research investments.
China’s approach reflects a broader trend, as its institutions reportedly employ Western AI technologies for areas like airborne warfare and domestic security. With increasing US scrutiny over the national security implications of open-source AI, the Biden administration has moved to regulate AI’s development, balancing its potential benefits with growing risks of misuse.
Canada’s signals intelligence agency has identified China’s hacking activities as the most significant state-sponsored cyber threat facing the country, according to a new threat assessment. The Communications Security Establishment (CSE) highlighted China’s advanced and aggressive cyber campaigns, describing them as highly sophisticated and primarily targeting political and commercial objectives, including espionage, intellectual property theft, and influence operations. This announcement comes amid strained relations between Ottawa and Beijing, fueled by past allegations of Chinese interference in Canada’s electoral process.
The CSE report also noted that Russia’s cyber operations are active in attempts to destabilise Canada and its allies, while Iran poses an additional cyber threat. These findings underscore the ongoing cyber challenges Canada faces from multiple state actors seeking influence and intelligence. The Chinese embassy in Ottawa has not yet commented on the CSE report, and Beijing has historically rejected similar accusations.
Canadian authorities have grown increasingly vocal about foreign interference, with Prime Minister Justin Trudeau previously accusing China of election meddling. Security experts warn that Canada will need to strengthen defenses as geopolitical tensions continue to heighten cyber risks.
China’s Ministry of State Security announced the discovery of foreign spying devices in its waters, including underwater ‘lighthouses’ that could potentially guide foreign submarines. The ministry revealed on its official WeChat account that it had retrieved several types of devices hidden on the ocean floor, gathering real-time data from within China’s claimed territorial waters.
This revelation comes amid rising tensions in the South China Sea, where China and the Philippines dispute territory, increasing the risk of a broader confrontation potentially involving the US. China’s recent military drills around Taiwan have also heightened concerns, as the US and Taiwan have condemned Beijing’s actions.
China claims nearly all of the South China Sea, overlapping areas claimed by other Southeast Asian nations, and has maintained it will not renounce using force over Taiwan. A new phase in the submarine arms race between China and the US and its allies is underway, with Beijing projected to field nuclear-armed submarines by the decade’s end. The ministry affirmed its commitment to defending China’s maritime sovereignty and addressing threats of foreign espionage in its waters.
Linux creator Linus Torvalds has expressed support for removing several Russian maintainers from the Linux kernel project. This decision, announced by prominent developer Greg Kroah-Hartman, has sparked debate within the Linux community. The removals affect 11 Russian developers, largely due to compliance with new sanctions, though specific details of the removals still need to be fully clarified.
Responding to the concerns, Torvalds stated, “If you haven’t heard of Russian sanctions yet, you should try reading the news sometime,” emphasising that the changes will not be reversed.
The Linux kernel, the operating system’s core, is managed by maintainers who oversee code submissions and updates. Kroah-Hartman noted that those removed may return if they provide documentation proving independence from sanctioned entities, especially organisations associated with the Russian government.
This action has stirred reactions among developers, with some accusing the decision-makers of acting contrary to Linux’s open-source principles. Others warned that the decision could lead to future uncertainties about the participation of maintainers in sanctioned regions.
Responding to criticism, Torvalds dismissed the objections as originating from “Russian troll factories” and reaffirmed his stance, citing his opposition to Russian aggression. The move follows broader trends in the tech industry, where major US companies, like Docker Hub and GitHub, have imposed restrictions on Russian users, reflecting the impact of international sanctions on open-source software projects.
Chinese hackers infiltrated Verizon’s phone systems to target devices used by individuals connected to Kamala Harris’s campaign, according to a source. Reports also indicated attempts to breach phones linked to Donald Trump and JD Vance, although Reuters could not confirm this.
Investigators are working to establish whether any communications from Trump or Vance were compromised. While the Trump campaign did not verify the targeting, it acknowledged the issue and criticised Harris, claiming her leadership emboldened cyberattacks from China and Iran.
The Chinese embassy in Washington denied involvement, asserting that China does not interfere in US elections and opposes cyberattacks in any form. The Harris campaign did not provide an immediate response to requests for comment.
The FBI and the US Cybersecurity and Infrastructure Security Agency are currently investigating the incident. Verizon confirmed it was aware of a sophisticated cyberattack aimed at US telecommunications and said it is cooperating with law enforcement.
Georgia‘s secretary of state’s office recently thwarted a cyberattack aimed at crashing the website used by voters to request absentee ballots. The attack, believed to have originated from a foreign entity, involved hundreds of thousands of IP addresses flooding the system with fake traffic. Despite briefly slowing the site, the attack did not disrupt the ability of voters to request ballots, thanks in part to support from cybersecurity firm Cloudflare.
Officials have yet to confirm the foreign origin, though Gabe Sterling, an election official in Georgia, suggested the attack had “the hallmarks of a foreign power.” The FBI and the US Cybersecurity and Infrastructure Security Agency are involved in the investigation. This incident highlights ongoing attempts by hackers, including foreign-linked groups, to interfere with the democratic process as the US presidential election approaches.
Georgia has previously dealt with cyber threats, including a cyberattack in Coffee County earlier this year, underscoring the continuous risk to election infrastructure. However, no cyber activity has affected the actual casting or counting of votes so far.
These artificial avatars would operate on social media and online platforms, featuring realistic expressions and high-quality images akin to government IDs. JSOC also seeks technologies to produce convincing facial and background videos, including ‘selfie videos’, to avoid detection by social media algorithms.
US state agencies have previously announced frameworks to combat foreign information manipulation, citing national security threats from these technologies. Despite recognising the global dangers posed by deepfakes, SOCOM’s initiative underscores a willingness to engage with the technology for potential military advantage.
Experts expressed concern over the ethical implications and potential for increased misinformation, warning of the entirely deceptive nature of deepfakes, with no legitimate applications beyond deceit, possibly encouraging further global misuse. Furthermore, such practices pose the risk of diminished public trust in government communications, exacerbated by perceived hypocrisy in deploying such technology.
Why does it matter?
This plan reflects an ongoing interest in leveraging digital manipulation for military purposes, despite previous incidents where platforms like Meta dismantled similar US-linked networks. It further shows a contradiction in the US’s stance on deepfake use, as it simultaneously condemns similar actions by countries like Russia and China.
The Mekong-US Partnership (MUSP) recently hosted a policy dialogue on online scams, bringing together government representatives from Thailand, the US, and Vietnam. The seminar, held in Bangkok, focused on addressing cybersecurity issues and fostering cooperation to combat online crime across the Mekong region. The event was organised by the Ministry of Foreign Affairs and the Stimson Center, with support from the US Department of State.
Discussions centred around strategies to prevent online scams, enhance risk management, and ensure the security of digital financial systems. Thai officials, including Ekapong Harimcharoen from the Ministry of Digital Economy and Society, highlighted national policies and shared insights with international partners. Participants explored collaborative efforts to build a secure online environment and promote regional connectivity under the MUSP framework.
Thailand is taking significant steps to expand its digital economy, projected to contribute 11% to GDP by 2027. Several laws and initiatives are already in place, such as the Personal Data Protection Act (PDPA) and the Cyber Security Act. These measures aim to protect data, promote responsible AI development, and safeguard critical infrastructure sectors including healthcare, banking, and telecommunications.
With remote work and cloud technologies becoming more prominent, the demand for cybersecurity solutions is growing. Thailand aims to position itself as a regional leader in information and communications technology while tackling the evolving challenges of cybercrime. Cooperation under the MUSP framework is expected to enhance resilience in the digital landscape of the Mekong sub-region.
Russia is using generative AI to ramp up disinformation campaigns against Ukraine, warned Ukraine’s Deputy Foreign Minister, Anton Demokhin, during a cyber conference in Singapore. He explained that AI is enabling Russia to spread false narratives on a larger and more complex scale, making it increasingly difficult to detect and counter. The spread of disinformation is a growing focus for Russia, alongside ongoing cyberattacks targeting Ukraine.
Ukrainian officials have previously reported that Russia’s FSB and military intelligence agencies are behind many of these efforts, with the goal of undermining public trust and spreading confusion. Demokhin stressed that Russia’s disinformation efforts are global, calling for international cooperation to tackle this emerging threat. He also mentioned that Ukraine is using AI to track these campaigns but declined to comment on any offensive cyber operations.
Meanwhile, other Russian cyberattacks are targeting Ukraine’s critical infrastructure and supply chains, seeking to disrupt essential services. Ukraine continues to collaborate with the International Criminal Court on investigating Russian cyber activities as potential war crimes.
