Ghana has launched its revised National Cybersecurity Policy and Strategy (NCPS) to tackle the escalating cybersecurity threats arising from its rapid digital transformation. The comprehensive framework is designed to address current cyber risks and anticipate emerging ones, ensuring that Ghana’s digital infrastructure remains resilient and secure over the next five years.
The initiative was officially unveiled during the opening ceremony of the 2024 National Cybersecurity Awareness Month (NCSAM) in Accra, which, notably, saw significant participation from high-ranking officials, including the leadership of the Ghana Armed Forces and key stakeholders in cybersecurity. Moreover, the policy is anchored on five essential pillars – Legal Measures, Technical Measures, Organisational Measures, Capacity Building, and Cooperation.
Why does it matter?
The NCPS addresses the rapid digitalisation occurring across critical sectors such as finance, healthcare, education, and commerce at a pivotal moment for the nation. While these advancements offer substantial socioeconomic benefits, they also expose the nation to significant cyber risks that could jeopardise economic stability and public safety.
Therefore, by implementing the NCPS, Ghana aims to strengthen its defences against these threats, protect its digital achievements and ensure sustainable technological progress. Furthermore, Minister Ursula Owusu-Ekuful emphasised that the policy serves as a vital roadmap for addressing current and future cyber threats. In addition, that underscores the importance of enhancing public-private collaboration to bolster the country’s overall digital resilience.
Marriott International will implement an information security program following a settlement with the US Federal Trade Commission (FTC) over data breaches that impacted more than 344 million customers between 2014 and 2020. The settlement requires Marriott and its subsidiary, Starwood Hotels & Resorts Worldwide, to address the vulnerabilities that led to multiple breaches over several years.
The hotel chain also agreed to provide US customers with a way to request deletion of their personal data linked to their email address or loyalty rewards account. In addition, Marriott will review loyalty rewards accounts upon request and restore stolen points. A separate settlement sees Marriott paying $52 million to resolve similar data security claims across 49 states and the District of Columbia.
Marriott has stated that protecting guests’ personal data remains a top priority and that the company continues to invest heavily in improving its cybersecurity measures. However, Marriott did not admit liability for the breaches in either the FTC settlement or the agreements with state Attorneys General.
In 2020, the company faced a class action lawsuit in London brought by millions of former guests seeking compensation after their personal information was compromised during the breaches, considered one of the largest in history.
Lead US negotiator Ambassador Deborah McCarthy emphasised the risks of the US backing out after leading the treaty’s development, warning of a potential divide at the UN if the US withdraws. She also highlighted the treaty’s role in fostering global cooperation on cybercrime investigations and information-sharing, while acknowledging legitimate concerns from various sectors.
Critics, however, argue that the treaty’s provisions on serious crimes—those carrying sentences of four years or more—could empower authoritarian regimes to abuse surveillance powers and violate human rights. Human Rights Watch’s Deborah Brown expressed concern that the treaty lacks robust safeguards and could be used to suppress protected activities like protests and investigative journalism.
While McCarthy stressed that the treaty could spotlight misuse and encourage global cooperation, US Senate ratification remains uncertain. With privacy advocates like Sen. Ron Wyden opposing the treaty, calling it a potential tool for authoritarian regimes, securing the two-thirds Senate vote required for US participation will be challenging.
In her remarks, McCarthy acknowledged that the treaty is not perfect but called it ‘definitely an advancement.’ The treaty’s provision, which automatically allows for the extradition of cyber criminals ‘without having to negotiate country by country,’ is a win, McCarthy said.
India’s Financial Intelligence Unit is investigating the Indian cryptocurrency exchange WazirX following a significant cyberattack that resulted in the theft of $235 million. The exchange is cooperating with government agencies and has provided authorities with extensive server logs and transaction data related to the incident, which occurred in July. Although no physical assets have been seized, WazirX is actively engaging with regulatory bodies to understand the broader implications of the hack on the unregulated crypto sector.
In a bid to enhance transparency, WazirX plans to publicly disclose wallet addresses through court affidavits and has committed to addressing user concerns. The exchange aims to establish a 10-member committee of creditors by 9 October to assist in its restructuring efforts, to return 52-55% of the remaining crypto assets to affected clients within six months.
Additionally, WazirX’s parent company, Zettai, is in discussions with 11 potential partners to explore capital injections and profit-sharing strategies that could aid in user recoveries. Following the hack, WazirX has sought a Scheme of Arrangement in Singapore under local insolvency laws. An independent audit revealed no evidence of wrongdoing by its custodian partner, Liminal Custody.
American Water, a major US utility, has disconnected parts of its computer network following a cybersecurity incident. The company, which serves over 14 million people, paused billing and customer service as a precaution.
The utility detected unauthorised activity on its systems on 3rd October, prompting the immediate disconnection of several systems. This step was taken to safeguard customer data and prevent potential damage to the environment.
Based in New Jersey, American Water has not yet provided further details about the nature of the breach. However, the US has faced numerous cyberattacks in recent years, often from criminals seeking cryptocurrency ransoms.
LEGO Group’s website was briefly compromised on 5 October, with a scam promoting a fake ‘LEGO Coin’ token appearing on the homepage. The message encouraged users to purchase the token in exchange for ‘secret rewards’ but redirected them to a phishing site. The scam was removed after about 75 minutes, and LEGO confirmed that no user accounts had been compromised.
LEGO has since assured customers that the issue has been resolved and steps are being taken to prevent future incidents. Despite earlier hints in 2021 about entering the NFT space, LEGO has not officially pursued any crypto-related ventures.
This incident highlights the ongoing threat of cryptocurrency scams, which saw $127 million stolen from victims in the third quarter of 2024, with September alone accounting for $46 million in losses.
VGTRK, Russia’s state media giant, has been hit by a large-scale cyberattack. The company, which operates key national TV and radio stations, confirmed its online services were disrupted, though broadcasting remains unaffected. Kremlin spokesman Dmitry Peskov described the attack as unprecedented, adding that specialists were investigating the source.
A Ukrainian government source claimed responsibility, stating that the attack coincided with President Vladimir Putin’s birthday. However, these assertions have not been independently verified. VGTRK’s website and online news channel were unavailable following the attack.
The disruption affected internal services, with reports of widespread damage. Some sources suggested hackers wiped critical data, including backups. VGTRK has yet to issue an official comment on the full extent of the breach or recovery efforts.
Maria Zakharova, Russia’s Foreign Ministry spokesperson, did not directly blame any group but linked the incident to a broader ‘hybrid war’ against media in Russia. Moscow plans to address the cyberattack at international forums like UNESCO.
Criminal networks in Southeast Asia are increasingly exploiting Telegram for large-scale illicit activities, according to a new report from the United Nations. The encrypted messaging app is used to trade hacked data, including credit card details and passwords, across sprawling, poorly-moderated channels. The report also notes that unlicensed cryptocurrency exchanges on the platform provide money laundering services.
Fraud tools, such as deepfake software and data-stealing malware, are widely sold, enabling organised crime syndicates to innovate and expand their operations. One vendor in Chinese reportedly claimed to move millions in stolen cryptocurrency daily. Southeast Asia has become a hub for these activities, where criminal groups target victims worldwide, generating up to $36.5 billion annually.
The controversy surrounding Telegram escalated when its founder, Pavel Durov, was arrested in Paris for allowing criminal activity on the platform. Durov, who is now out on bail, has since announced steps to cooperate with law enforcement by sharing users’ information when requested legally and removing certain features used for illegal purposes.
As the UNODC report warns, the widespread use of Telegram for underground markets places consumers’ data at heightened risk. Criminals are not only exploiting technology like artificial intelligence but are also leveraging the platform’s ease of use to target victims globally.
The US Department of Homeland Security (DHS) and the Polish Ministry of Digital Affairs (MDA) have signed a Memorandum of Understanding (MOU) to bolster their collaboration in cybersecurity and emerging technology. This MOU strengthens the longstanding partnership between the United States and Poland, providing a structured framework for coordinated efforts in addressing global security challenges, including cyber threats and responsible technology development.
By focusing on key areas such as cyber policy, Secure by Design practices, information sharing, incident response, human capital development, and the safe deployment of AI and the Internet of Things (IoT), both nations demonstrate a shared commitment to transatlantic security. The timing of this MOU, which coincides with the Fourth Counter Ransomware Initiative Summit, reflects a united stance against the growing ransomware threat, as nearly 70 countries gathered to reinforce global resilience against cybercrime.
Various agencies will spearhead the implementation of the MOU as part of the agreement. In the United States, DHS entities like the Cybersecurity and Infrastructure Security Agency (CISA), the Office of Strategy, Policy, and Plans, and the Science and Technology Directorate will drive projects that enhance cybersecurity and support critical infrastructure. On the Polish side, the National Research Institute (NASK) will be instrumental in coordinating these efforts, positioning Poland for its upcoming EU Council presidency in 2025, where it aims to strengthen US-EU relations and prioritise European information security.
Why does it matter?
Together, these agencies will focus on collaborative initiatives that ensure safe technology practices, build critical skills, and enable a proactive response to digital threats, securing a stronger digital future for both nations.
Eight individuals have been arrested in an ongoing international effort to combat cybercrime, significantly disrupting criminal activities in Côte d’Ivoire and Nigeria. These arrests were made during INTERPOL’s Operation Contender 2.0, which focuses on tackling cyber-enabled crimes in West Africa through improved international intelligence sharing.
The suspects were linked to extensive phishing scams aimed at Swiss citizens. They utilised QR codes to direct victims to fraudulent websites that closely resembled legitimate payment platforms, where they solicited sensitive personal information, including login credentials and credit card numbers. The hackers masqueraded as buyers on small advertising sites to build trust or pretended to be customer service agents.
INTERPOL reports that this scheme led to over $1.4 million in financial losses, with Swiss authorities receiving more than 260 reports about the scam between August 2023 and April 2024. As part of the investigation, law enforcement successfully apprehended the main suspect behind these attacks, who admitted to the scheme and revealed that he had made over $1.9 million from it.
Additionally, five other suspects were found engaging in cybercriminal activities at the same location. The investigation continues as authorities work to identify more victims, recover stolen funds, and trace items purchased with the proceeds from the scam.
