Cybercrime

Illegal cryptocurrency circulation to carry prison sentences in Russia

Russia’s government commission on legislative activity has approved new measures introducing criminal liability for large-scale cryptocurrency operations conducted without the central bank’s authorisation.

The proposal establishes penalties for the illegal organisation of digital currency circulation where significant damage or substantial financial gain is involved.

Under the approved amendments, individuals found to be organising crypto transactions in violation of Russian law could face prison sentences of 4 to 7 years. The rules apply to cases involving harm to individuals, organisations, or the state, or large-scale illicit income.

The draft introduces a new Article 171.7 into the Russian Criminal Code, formally defining ‘illegal organisation of digital currency circulation’ as a punishable offence. The measures are expected to come into force on 1 July 2027, marking a significant tightening of enforcement in the country’s digital asset sector.

By introducing custodial penalties, Russia is raising the legal and financial risks for unlicensed digital asset activity, which could deter informal market participation and push activity towards regulated channels.

In the broader context, it reflects a global trend in which governments are moving to formalise oversight of crypto markets in response to concerns about financial crime, capital flows, and systemic risk.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

OpenAI expands cyber defence programme with trusted access and industry partnerships

The US AI research and deployment company, OpenAI, has introduced an expanded cyber defence initiative aimed at strengthening collaboration across the cybersecurity ecosystem.

A programme, known as Trusted Access for Cyber, is designed to provide advanced AI capabilities to vetted organisations while maintaining safeguards based on trust, validation and accountability.

Such an initiative by OpenAI includes financial support through a cybersecurity grant programme, allocating resources to organisations working on software supply chain security and vulnerability research.

By enabling broader access to advanced tools, the programme seeks to support developers and smaller teams that may lack continuous security capacity.

A range of industry participants, including Cisco, Cloudflare and NVIDIA, are involved in testing and applying these capabilities within complex digital environments.

Public sector collaboration is also reflected through partnerships with institutions focused on evaluating AI safety and security standards.

The initiative reflects a broader approach to cybersecurity as a distributed responsibility, where public and private actors contribute to resilience.

It also highlights the increasing role of AI systems in identifying vulnerabilities and supporting defensive research across critical infrastructure and digital services.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Australian authorities warn of data exploitation through social media platforms

Social media and messaging services pose growing security and privacy risks, with personal data used to build profiles for fraud, espionage, or social engineering. Even routine posts may contribute to broader data collection and unintended exposure.

Platforms typically collect extensive user and device data under evolving privacy policies, sometimes storing it across jurisdictions with varying legal protections. Such conditions increase the risks to identity theft, reputational harm, and the misuse of aggregated personal information.

The Australian Government advises organisations to restrict access to official accounts, train staff, and enforce clear policies on what can be shared. It also highlights the importance of breach response procedures to maintain operational security.

For individuals, the Government guidance recommends limiting exposure of personal data, using privacy settings, avoiding unknown contacts, and applying strong authentication.

Regular updates, careful app permissions, and device security measures are also encouraged to reduce cyber risks.

Strengthening awareness and applying consistent security practices reduces vulnerability and supports more resilient organisational systems in an increasingly interconnected digital environment.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

FBI reports billions lost to crypto and AI scams

The Federal Bureau of Investigation reports that cyber-enabled crimes cost Americans nearly $21 billion in 2025, according to its latest Internet Crime Report. The Internet Crime Complaint Center recorded more than 1 million complaints, marking a rise from the previous year.

Investment fraud, phishing, extortion, and tech support scams remained the most common threats, with older adults reporting disproportionately high losses. Individuals over 60 accounted for approximately $7.7 billion in losses, reflecting a sharp year-on-year increase.

Cryptocurrency-related fraud was the most financially damaging category, with losses exceeding $11 billion across more than 180,000 complaints. The report also highlighted emerging risks linked to AI, including deepfake identities, voice cloning, and fabricated media used to manipulate victims.

The FBI has expanded initiatives such as Operation Level Up to identify ongoing scams and reduce losses, while emphasising early reporting and awareness measures. Officials say scammers increasingly use psychological pressure and realistic digital impersonation to deceive victims.

Rising losses highlight how rapidly evolving digital fraud techniques are outpacing public awareness, with crypto and AI tools making scams more scalable and convincing.

Strengthening detection, reporting, and education will be critical to reducing financial harm and improving resilience against increasingly sophisticated online crime networks.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK government reviews regulatory options for enterprise connected devices

The UK government has said it will update and streamline its proposed code of practice for enterprise connected device security and assess further policy options, including regulation, certification, and other assurance mechanisms, following its call for views on enterprise connected device security.

The response, published by the Department for Science, Innovation and Technology, says enterprise-connected devices are often critical to business operations but can lack adequate security measures. It also states that the UK government’s call for views showed strong support for intervention to improve the cybersecurity of such devices, with 95% of respondents agreeing that the government should do more.

According to the response, 76% of respondents agreed or strongly agreed that the risks posed by enterprise-connected devices are sufficiently distinct from those of other connected devices to warrant an independent code of practice.

The UK government also reports that 78% agreed or strongly agreed with creating new legislation imposing obligations on manufacturers, while 71% agreed or strongly agreed with creating a new global standard based on the code of practice.

The UK government says it will ask manufacturers to use the National Cyber Security Centre’s existing device security principles while this work continues. It also says it will finalise the security principles, make them modular within the broader set of secure-by-design codes of practice, and explore the feasibility of a certification scheme for manufacturers.

The response also states that the UK government will assess options for regulatory measures, following feedback that it needs to go beyond voluntary adoption and include some form of assurance or enforcement mechanism. It adds that the government will review whether the scope of this work should be expanded beyond enterprise-connected devices as part of its broader analysis of technology security.

The document says the UK government will seek to align this work, where possible and necessary, with international developments, including European Union standards processes under the Cyber Resilience Act. It also notes repeated calls from respondents for implementation guides and clearer alignment with existing legislation and standards.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK data reveals alarming growth in online child abuse cases

A sharp increase in online child abuse cases has been reported by the Internet Watch Foundation (IWF) and NSPCC’s Childline, based on data from the Report Remove service.

Nearly 1,900 UK children reported sexual imagery concerns in 2025, a 66 percent rise, with more than 1,100 confirmed cases involving abuse material. Weekly reports show a consistent pattern of coercion, threats, and financial pressure targeting minors.

The scale of the increase reflects structural changes in how abuse operates online. Offenders use fake identities and contact many victims simultaneously, turning exploitation into a repeatable activity.

Financial incentives reinforce the pattern, while teenage boys aged 14 to 17 represent the majority of cases, indicating targeted and adaptive behaviour by perpetrators.

Weaknesses in digital environments further sustain such growth. Platforms prioritise speed and interaction instead of prevention, while anonymity and cross-border activity reduce enforcement effectiveness.

Psychological pressure remains central, with threats designed to isolate victims and limit reporting, meaning recorded cases likely underestimate the real scale.

The IWF‘s findings highlight a policy gap between technological expansion and child safety protections in the UK.

While services like Report Remove improve response and mitigation, they do not address underlying risks. Without stronger platform accountability and preventive regulation, online child abuse is likely to continue expanding.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

ENISA conference in Cyprus to focus on EU cybersecurity certification

The European Union Agency for Cybersecurity (ENISA) is holding the 2026 European Cybersecurity Certification Conference in Ayia Napa, Cyprus, with support from the Cyprus Presidency of the Council of the EU and the European Commission.

The agency says the conference will address the evolution of the EU cybersecurity certification, updates on certification schemes for the European Digital Identity Wallet and managed security services, exchange across the European cybersecurity ecosystem, and interplays with the Cyber Resilience Act, the Cyber Solidarity Act, and NIS 2.

The programme includes keynote contributions from Despoina Spanou, Deputy Director-General for Communications Networks, Content and Technology at the European Commission, Juhan Lepassaar, Executive Director of ENISA, and Kyriakos Iordanou, General Manager at the Ministry of Energy, Commerce and Industry of Cyprus.

It also includes a presentation by Steffen Zimmermann, Head of Industrial Security at VDMA, followed by an EU cybersecurity certification award ceremony involving Chloe Blondeau, Seconded National Expert at ENISA.

Sessions on ‘CSA2’, the European Digital Identity Wallet, conformity assessment bodies, national accreditation bodies, certification bottlenecks, and managed security services are also included in the agenda.

Speakers listed in the programme include Maika Fohrenbach, Head of Sector for product security and certification policy at DG CONNECT, Apostolos Malatras, Head of the Cybersecurity Certification Unit at ENISA, Xenia Kyriakidou, Head of the National Cybersecurity Certification Authority of Cyprus, Evgenia Nikolouzou, Cybersecurity Expert at ENISA, and Nikolaos Soumelidis, IT/Cyber Security Certifications Director at Q-CERT.

Franz Weprazjetzky of the European Commission, Vicente Gonzalez Pedros, Cybersecurity Expert at ENISA, and Philippe Blot, Deputy Head of Unit and Head of Sector in the Cybersecurity Certification Unit at ENISA, are also listed in the programme.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Oracle expands AI options for US government agencies

The US government is set to gain expanded AI capabilities through new infrastructure and model deployment options in Oracle Cloud.

These developments aim to improve agencies’ ability to manage critical tasks, from situational awareness to cybersecurity, while maintaining strict security and compliance standards.

High-performance GPUs and AI models will support faster, more reliable inference and training, helping agencies respond more effectively to public needs.

The focus is on enabling secure deployment in environments with sensitive data and complex regulatory requirements, ensuring AI use aligns with public interest and safety.

Such an expansion builds on existing government AI frameworks, offering capabilities for retrieval-augmented generation, secure inference, and operational analytics.

By integrating AI in a controlled, compliant environment, US agencies can improve efficiency, decision-making, and public service delivery without compromising security.

Ultimately, these advancements by Oracle aim to ensure that government AI adoption benefits citizens directly, supporting transparency, accountability, and effective public administration in high-stakes contexts.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Malwarebytes highlights Microsoft findings on WhatsApp attachments used in Windows attacks

Malwarebytes has reported on findings from Microsoft researchers about a campaign that uses WhatsApp attachments to trick Windows users into launching a malicious script that grants attackers remote access to the machine.

According to the Malwarebytes report, Microsoft researchers said the attack does not rely on a software flaw in WhatsApp itself. Instead, it depends on social engineering. Victims receive what appears to be a harmless attachment through WhatsApp, but the file is actually a .vbs script that Windows can execute.

Once opened, the script copies built-in Windows tools into a hidden folder and renames them to appear less suspicious. Microsoft’s analysis, as cited by Malwarebytes, says legitimate system tools are then abused to download additional malware, using a living-off-the-land approach that avoids introducing obvious malicious binaries.

The infection chain is also designed to blend in with normal activity. Further scripts are fetched from mainstream cloud providers, making network traffic appear to be accessing services such as AWS, Tencent Cloud, or Backblaze rather than a clearly suspicious server.

Attempts to gain administrator privileges are part of the process as well. The malware reportedly attempts to alter User Account Control behaviour and registry settings to make system-level changes more quietly and remain active after a reboot.

At the final stage, an unsigned MSI installer deploys remote-access software and other payloads, allowing the attacker to maintain access to the compromised device and its data.

Malwarebytes also highlighted practical safety steps for home users and small businesses, including avoiding unsolicited attachments, enabling file extensions in Windows Explorer so misleading filenames are easier to spot, using up-to-date anti-malware tools, downloading software only from official vendor sites, and treating unexpected UAC prompts or sudden system changes as warning signs. Keeping Windows and other applications updated also remains important.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Cyberattack on Hasbro exposes vulnerabilities in large enterprise systems

Hasbro has confirmed a cyberattack that disrupted internal systems and may take several weeks to resolve. The company detected unauthorised access on 28 March and responded by shutting down parts of its infrastructure to contain the incident.

Operations continue under contingency measures, allowing order processing and product distribution despite system disruptions.

However, ongoing security efforts suggest the threat may not yet be fully contained, while external cybersecurity specialists have been engaged to support the investigation.

The company has not disclosed the nature of the attack, and it remains unclear whether data has been exfiltrated. Public statements indicate that the full scope and impact of the breach are still under assessment, with uncertainty over potential financial or operational consequences.

The incident reflects a broader trend of cyberattacks targeting large corporations to disrupt operations and extract value.

Previous cases, including disruptions at Jaguar Land Rover, highlight the potential for prolonged economic impact and the increasing importance of resilience in corporate cybersecurity strategies.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.