Cybercrime

Inside Visa’s war room: How AI battles $15 trillion in threats

In Virginia’s Data Centre Alley, Visa operates a high-security fraud command centre to protect $15 trillion in annual transactions — nearly 15% of the global economy. With cybercrime growing more sophisticated, the company has spent $12 billion in five years to bolster its AI-powered defences.

‘From lone hackers to criminal syndicates generating hundreds of millions, fraud today is highly structured,’ said Michael Jabbara, Visa’s global head of fraud solutions. Some groups now operate like corporations, with risk managers and customer support.

Much of today’s fraud preys on emotions. Scammers trick people into making payments by posing as romantic interests or sellers. Victims are often lured into schemes run by trafficked workers in scam centres in Myanmar.

Once card details are stolen, criminals test them across websites using recurring micro-charges. These fly under the radar for months, draining money slowly but steadily. Some operations mimic tech firms, offering fraud-as-a-service tools on the dark web.

‘You can buy a full toolkit — the software, instructions, bot access and even a mule network,’ Jabbara said. Brute-force payment attacks are now industrial in scale, enabled by the same cloud infrastructure that powers startups.

Visa’s defence includes round-the-clock global monitoring centres in Virginia, London and Singapore. Inside its Cyber Fusion Centre, teams handle millions of threats daily, mostly stopped automatically. But it’s an arms race — one that never sleeps.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ukraine strengthens cybersecurity ties with EU

Ukraine participated for the first time in the EU National Cybersecurity Coordination Centers meeting and the European Cybersecurity Competence Centre (ECCC) Steering Board in Rome.

The event, supported by Italy’s National Agency for Cybersecurity, focused on enhancing cooperation among EU member states and fostering a unified cyber community.

Natalia Tkachuk, Secretary of Ukraine’s National Coordination Center for Cybersecurity, highlighted the nation’s challenges and experiences in countering cyber threats amidst ongoing conflict.

She emphasized Ukraine’s role in both receiving and sharing cybersecurity knowledge to strengthen collective European security.

Discussions included the establishment of a joint Center of Competence for Cyber Resilience in Ukraine, aiming to counter Russian cyberattacks, disinformation, and sabotage.

The center will utilize artificial intelligence trained on unique Ukrainian data to enhance response capabilities.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Global instability fuels surge in cyberattacks

A surge in cyberattacks is fuelled by global instability, with businesses worldwide now facing heightened risks. A new report by GlobalData warns that rising geopolitical tensions are giving state actors, terrorists, hacktivists and cybercriminals more opportunities to strike.

Conflicts in Ukraine and the Middle East have created a volatile digital landscape. Cyberattackers are exploiting weakened defences, targeting both national infrastructure and private enterprises.

‘Those not after money are often motivated by revenge,’ the report states. The key perpetrators are disgruntled employees, unhappy customers, and ideologically driven hackers. While some attackers aim to cause reputational harm or attract attention, others seek to turn off critical systems.

Nation states, in particular, use cyberwarfare as a strategic tool against rival governments. Businesses are warned to prepare for disruption as cyber threats become more frequent and sophisticated. The report concludes that no organisation is immune in today’s digital and geopolitical uncertainty climate.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Regions seek role in EU hospital cyber strategy

The European Commission’s latest plan to strengthen hospital cybersecurity has drawn attention from regional authorities across the EU, who say they were excluded from key decisions.

Their absence, they argue, could weaken the strategy’s overall effectiveness.

With cyberattacks on healthcare systems growing, regional representatives insist they should have a seat at the table.

As those directly managing hospitals and public health, they warn that top-down decisions may overlook urgent local challenges and lead to poorly matched policies.

The Commission’s plan includes creating a dedicated health cybersecurity centre under the EU Agency for Cybersecurity (ENISA) and setting up an EU-wide threat alert system.

Yet doubts remain over how these goals will be met without extra funding or clear guidance on regional involvement.

The concerns point to the need for a more collaborative approach that values regional knowledge.

Without it, the EU risks designing cybersecurity protections that fail to reflect the realities inside Europe’s hospitals.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Secret Service step up crypto enforcement with major recoveries

Authorities in the United States have confiscated close to $400 million in digital currencies tied to criminal investigations over the last ten years. The bulk of these assets is secured in a government-controlled cold wallet.

A significant portion, worth $225 million, was recovered in June through a joint operation involving the FBI and legal offices. The effort reflects growing proficiency in tracking crypto-linked criminal activity across blockchain networks.

Secret Service has delivered cryptocurrency crime training in more than 60 countries to support global cooperation. These educational efforts are part of a broader strategy to strengthen international capabilities against financial fraud and cybercrime.

The agency also collaborates with private companies to improve its crypto crime efforts. Coinbase has assisted in tracing transactions, while Tether recently granted freezing access to the Secret Service and FBI.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

FBI issues warning as airline cyberattacks rise, posing national security threat

Less than a year after the cyberattack that shut down Sea-Tac Airport, the FBI has issued a stark new warning: America’s airlines are now targets. The agency confirmed that the cybercrime gang Scattered Spider is actively attacking aviation systems.

This group, known for crippling MGM Resorts, uses social engineering to bypass security. By posing as airline staff, they access systems, steal data and deploy ransomware within hours of a breach.

WestJet, Hawaiian Airlines and Qantas have all been hit in the last two months alone. Qantas reported a data breach affecting more than six million passengers.

Today’s airlines depend on interconnected digital infrastructure. Disruption to crew scheduling, flight planning or maintenance can trigger chaos across entire networks.

The FBI says these attacks are shifting from isolated incidents to coordinated campaigns. Experts fear that state and non-state actors are watching closely, ready to exploit aviation vulnerabilities.

Aircraft are now flying data centres. Their connectivity brings both efficiency and risk. Flight safety could be at stake if attackers compromise weather feeds or ground systems.

Sea-Tac was a warning. What happens when multiple airports are targeted at once? Fictional scenarios are edging closer to reality.

Previous attacks — from Warsaw to London — exposed system weaknesses. The threat has only grown. It is no longer a question of if, but when.

The industry must act decisively. Stronger identity checks, hardened systems, and real-time intelligence sharing are no longer optional. Cybersecurity must become as essential as flight safety.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

SK Telecom unveils $700B cybersecurity upgrade

SK Telecom has announced a major cybersecurity initiative worth KRW 700 billion, designed to restore trust and enhance information security after a recent incident.

The company’s new programme, called the Accountability and Commitment Program, includes four elements to protect customers and reinforce transparency.

A central part of the initiative is the Information Protection Innovation Plan, which involves a five-year investment to build a world-class cybersecurity system.

The project will follow the US National Institute of Standards and Technology’s Cybersecurity Framework and aims to position SK Telecom as Korea’s leader in information security by 2028.

To further support affected customers, the company is upgrading its Customer Assurance Package and introducing a Customer Appreciation Package to thank users for their patience and loyalty.

A subscription cancellation fee waiver has also been included to reduce friction for those reconsidering their service.

SK Telecom says it will maintain its commitment to customer safety and service reliability, pledging to fully address all concerns and enhance security and service quality across the board.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

LFR tech helps catch dangerous offenders, but Liberty urges legal safeguards

Live facial recognition (LFR) technology used by the Metropolitan Police has led to more than 1,000 arrests, including dangerous offenders wanted for serious crimes, such as rape, robbery and child protection breaches.

Among those arrested was David Cheneler, 73, a registered sex offender spotted by LFR cameras in Camberwell, south London. He was found with a young girl and later jailed for two years for breaching a sexual harm prevention order.

Another arrest included Adenola Akindutire, linked to a machete robbery in Hayes that left a man with life-changing injuries. Stopped during an LFR operation in Stratford, he was carrying a false passport and admitted to several violent offences.

LFR also helped identify Darren Dubarry, 50, who was wanted for theft. He was stopped with stolen designer goods after passing an LFR-equipped van in east London.

The Met says the technology has helped arrest over 100 people linked to serious violence against women and girls, including domestic abuse, stalking, and strangulation.

Lindsey Chiswick, who leads the Met’s LFR work, said the system is helping deliver justice more efficiently, calling it a ‘powerful tool’ that is removing dangerous offenders from the streets of London.

While police say biometric data is not retained for those not flagged, rights groups remain concerned. Liberty says nearly 1.9 million faces were scanned between January 2022 and March 2024, and is calling for new laws to govern police use of facial recognition.

Charlie Whelton of Liberty said the tech risks infringing rights and must be regulated. ‘We shouldn’t leave police forces to come up with frameworks on their own,’ he warned, urging Parliament to legislate before further deployment.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

India’s top darknet dealer laundered crypto with Monero for two years

India’s Narcotics Control Bureau (NCB) has arrested a 35-year-old engineer from Kerala accused of running the country’s largest darknet drug network alone. The suspect, ‘Ketamelon,’ reportedly ran a Level 4 darknet drug operation for two years without his family knowing.

Authorities seized more than 1,100 LSD blots, over 130 grams of ketamine, and cryptocurrency assets valued at over $82,000 during the four-month investigation. The drugs were reportedly sourced from international suppliers, including a UK-based vendor believed to be the world’s largest LSD supplier.

Shipments reached cities such as Bengaluru, Chennai, Delhi, and Himachal Pradesh.

The suspect laundered proceeds using Monero, a privacy-focused cryptocurrency designed to hide transaction details, making it popular among darknet criminals.

While privacy coins like Monero offer enhanced anonymity, experts warn they are not entirely untraceable, as blockchain ledgers permanently record all transactions.

The operation comes amid wider global efforts targeting cybercrime and crypto-facilitated illegal markets.

Recently, the US Treasury sanctioned a Russian hosting provider linked to ransomware and darknet drug sales, highlighting increasing international pressure on digital criminal networks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Deepfake abuse in schools raises legal and ethical concerns

Deepfake abuse is emerging as a troubling form of peer-on-peer harassment in schools, targeting mainly girls with AI-generated explicit imagery. Tools that once required technical skill are now easily accessible to young people, allowing harmful content to be created and shared in seconds.

Though all US states and Washington, D.C. have laws addressing the distribution of nonconsensual intimate images, many do not cover AI-generated content or address the fact that minors are often both victims and perpetrators.

Some states have begun adapting laws to include proportional sentencing and behavioural interventions for minors. Advocates argue that education on AI, consent and digital literacy is essential to address the root causes and help young people understand the consequences of their actions.

Regulating tech platforms and app developers is also key, as companies continue to profit from tools used in digital exploitation. Experts say schools, families, lawmakers and platforms must share responsibility for curbing the spread of AI-generated abuse and ensuring support for those affected.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!