Microsoft’s recent deal with UAE-backed AI firm G42 could involve the transfer of advanced AI technology, raising concerns about national security implications. Microsoft President Brad Smith highlighted that the agreement might eventually include exporting sophisticated chips and AI model weights, although this phase has no set timeline. The deal, which necessitates US Department of Commerce approval, includes safeguards to prevent the misuse of technology by Chinese entities. However, details of these measures remain undisclosed, prompting scepticism among US lawmakers about their adequacy.
Concerns about the agreement have been voiced by senior US officials, who warn of the potential national security risks posed by advanced AI systems, such as the ease of engineering dangerous weapons. Representative Michael McCaul expressed frustration over the lack of a comprehensive briefing for Congress, citing fears of Chinese espionage through UAE channels. Current regulations require notifications and export licenses for AI chips, but gaps exist regarding the export of AI models, leading to legislative efforts to grant US officials more explicit control over such exports.
Why does it matter?
The deal, valued at $1.5 billion, was framed as a strategic move to extend US technology influence amid global competition, particularly with China. Although the exact technologies and security measures involved are not fully disclosed, the agreement aims to enhance AI capabilities in regions like Kenya and potentially Turkey and Egypt. Microsoft asserts that G42 will adhere to US regulatory requirements and has implemented a ‘know your customer’ rule to prevent Chinese firms from using the technology for training AI models.
Microsoft emphasises its commitment to ensuring secure global technology transfers, with provisions for imposing financial penalties on G42 through arbitration courts in London if compliance issues arise. While the US Commerce Department will oversee the deal under existing and potential future export controls, how Commerce Secretary Gina Raimondo will handle the approval process remains uncertain. Smith anticipates that the regulatory framework developed for this deal will likely be applied broadly across the industry.
The EU regulators announced on Thursday that Meta Platforms’ social media platforms, Facebook and Instagram, will undergo investigation for potential violations of the EU online content rules about child safety, potentially resulting in significant fines. The scrutiny follows the EU’s implementation of the Digital Services Act (DSA) last year, which places greater responsibility on tech companies to address illegal and harmful content on their platforms.
The European Commission has expressed concerns that Facebook and Instagram have not adequately addressed risks to children, prompting an in-depth investigation. Issues highlighted include the potential for the platforms’ systems and algorithms to promote behavioural addictions among children and facilitate access to inappropriate content, leading to what the Commission refers to as ‘rabbit-hole effects’. Additionally, concerns have been raised regarding Meta’s age assurance and verification methods.
Why does it matter?
Meta, formerly known as Facebook, is already under the EU scrutiny over election disinformation, particularly concerning the upcoming European Parliament elections. Violations of the DSA can result in fines of up to 6% of a company’s annual global turnover, indicating the seriousness with which the EU regulators are approaching these issues. Meta’s response to the investigation and any subsequent actions will be closely monitored as the EU seeks to enforce stricter regulations on tech giants to protect online users, especially children, from harm.
According to confidential findings by UN sanctions monitors, North Korea utilised the virtual currency platform Tornado Cash to launder $147.5 million in March, following its theft from a cryptocurrency exchange last year. The monitors revealed to a UN Security Council sanctions committee that they had been investigating 97 suspected cyberattacks by North Korea on cryptocurrency companies between 2017 and 2024, totalling approximately $3.6 billion.
As can be seen in these confidential findings, one notable incident involved the theft of $147.5 million from the HTX cryptocurrency exchange late last year, which was then laundered in March. The monitors cited information from crypto analytics firm PeckShield and blockchain research firm Elliptic. In 2024 alone, they investigated 11 cryptocurrency thefts valued at $54.7 million, suggesting possible involvement by North Korean IT workers hired by small crypto-related companies.
North Korea, officially known as the Democratic People’s Republic of Korea (DPRK), has faced UN sanctions since 2006, aimed at curbing funding for its ballistic missile and nuclear programs. The US has previously sanctioned Tornado Cash over alleged support for North Korea, with two co-founders charged with facilitating money laundering. Virtual currency ‘mixer’ platforms like Tornado Cash blend cryptocurrencies to obscure their source and ownership.
Additionally, the monitors highlighted ongoing concerns about illicit arms trade between North Korea and Russia, with suspected shipments between North Korea’s Rajin port and Russian ports. There were also reports of North Korean cargo ships offloading coal in Chinese waters, potentially evading sanctions. Both China and Russia declined to comment on the monitors’ findings.
This potential measure follow broader US restrictions over export of AI chips and manufacturing tools to China. In the same context the US proposed a “know your customer” rule that would require national cloud companies to inform the government when their services are used by foreign entities to train AI models that could potentially be deployed for cyberattacks. The new area of restriction aims to cover AI models and their core software.
The Biden administration’s proposal involves establishing regulatory controls over the export of proprietary or closed source AI models , which are developed and kept confidential by companies like OpenAI and Google DeepMind. Currently, nothing is stopping US AI giants, which have developed some of the most powerful closed source AI models, from selling them to almost anyone in the world without government oversight.
The Commerce Department is reportedly discussing the use of a computing power threshold, which was outlined in a recent AI executive order, to determine which AI models would be subject to export controls. This move is part of a broader effort to maintain technological superiority and manage the risks associated with AI advancements. The proposed controls would primarily target new models that have not yet been released, as existing technologies have not reached the defined thresholds.
These considerations come in response to the rapid development and potential misuse of AI technologies that could be used to enhance cyber and biological warfare capabilities. Recent discussions highlighted by researchers from Gryphon Scientific and the Rand Corporation emphasize that advanced AI models could assist in the development of biological weapons. Additionally, the Department of Homeland Security’s 2024 threat assessment warns that cyber actors are likely to leverage AI to conduct more sophisticated cyberattacks. The U.S. aims to establish a regulatory framework that can keep pace with technological advancements while addressing the complex challenges of effectively implementing export controls. The Commerce Department has yet to finalize any rules, indicating that the discussions are ongoing and that feedback from industry stakeholders will be essential in shaping the final regulatory approach.
Following a major cyberattack last year that saw China-linked hackers infiltrate the US Department of State’s network, the agency has expanded its cybersecurity efforts beyond its reliance on Microsoft. This reinforcement of the defence strategy comes after the breach compromised around 60,000 State Department emails, including those of high-profile officials like Commerce Secretary Gina Raimondo. Criticism was directed at Microsoft, with the Cyber Safety Review Board questioning the company’s transparency regarding the incident.
Kelly Fletcher, the department’s chief information officer, highlighted concerns about the security of corporate networks, emphasising the importance of all vendors ensuring secure systems. The hacking group, identified by Microsoft as Storm-558, obtained access to a digital key, allowing them to breach government inboxes. Despite tensions, the embassy of China in Washington denied any involvement of Chinese government-linked hackers in the attack.
In response to the breach, the US State Department has diversified its vendor portfolio, incorporating companies like Palo Alto, Zscaler, and Cisco alongside Microsoft. While Microsoft managed to revoke the hackers’ access, Fletcher expressed concerns over the potential broader impact of the breach. The department has since bolstered its security measures, including multifactor authentication and data encryption, significantly increasing cybersecurity fundamentals across its systems.
Despite criticism, Microsoft remains a key player in the State Department’s cybersecurity framework. The agency thoroughly analysed its communications with Microsoft following a separate breach linked to Russian hackers, concluding that sensitive information was not compromised. With ongoing efforts to fortify its cybersecurity posture, the State Department aims to mitigate future threats and maintain the integrity of its digital infrastructure.
Ukraine has issued a warning about Russia’s escalating use of TikTok to challenge President Volodymyr Zelenskiy’s legitimacy and erode national morale amid Russia’s military actions. Russian influencers and bots are reportedly behind viral TikTok videos targeting 20 May, the date when Zelenskiy’s first term would have ended if not for election disruptions due to martial law. Andriy Kovalenko, a senior official focused on countering Russian misinformation, highlighted Russia’s systematic approach to TikTok, exploiting the platform to sway public opinion.
As Russia continues its military campaign against Ukraine, it has expanded its information warfare to platforms like TikTok alongside traditional battlegrounds. The use of TikTok to disseminate misinformation represents a strategic shift in Russia’s multifaceted approach to influencing public perception and leveraging its advantage in cyberspace. TikTok, owned by ByteDance, has responded by enhancing safety measures and removing harmful misinformation in Ukraine amid broader scrutiny over data security and misinformation concerns from the US and the EU.
In response to these challenges, Ukraine advocates for greater cooperation from social media companies like TikTok by urging them to establish full-scale offices in Kyiv to combat disinformation effectively. Kovalenko, who actively uses TikTok to counter false narratives, emphasised the need to adapt Ukraine’s approach to this influential platform. The call for action by Kovalenko comes as TikTok reports uncovering covert influence operations related to Ukraine conflict and removing millions of problematic videos during the last quarter.
Why does it matter?
Ukraine’s efforts to confront Russia’s information campaign on TikTok reflect broader concerns over the app’s influence and security. While governments like the US and the EU take measures to safeguard against potential threats posed by platforms like TikTok, the ongoing geopolitical dynamics and the use of social media as a battleground highlight the complex challenges digital technologies pose in the modern information landscape.
In India, a breach of the Tamil Nadu Police Facial Recognition Portal by the hacker group ‘Valerie’ exposed data on over 50,000 people, including police officers and First Information Reports (FIRs). The stolen information is now being sold on the dark web and could be exploited for scams, as reported by The New Indian Express.
Deployed in 2021, the Tamil Nadu police’s facial recognition system uses software from the Centre for Development of Advanced Computing (CDAC) Kolkata. It was intended for officers to verify suspects on patrol but has been criticised for its broad criteria in identifying potential suspects.
Despite the risks, India continues to expand its use of facial recognition since Meghalaya is deploying 300 cameras in Shillong, Jammu, and Kashmir using AI facial recognition on highways. Telangana police are upgrading to a more comprehensive biometric system under the new Criminal Procedure (Identification) Act, 2022.
Why does it matter?
As India advances its digital transformation with major projects like Aadhaar and Digi Yatra, biometric monitoring has become common, and much of the technology powering these initiatives comes from Japan. According to a report from The Wire, Japanese tech firms, particularly NEC, supply many of India’s police forces with biometric tools. Although NEC has a human rights policy, domestic misuse remains a concern.
According to reports, a significant cyberattack targeted the UK Ministry of Defence, exposing the sensitive details of tens of thousands of armed forces personnel. The breach, believed to have occurred multiple times on a third-party payroll system, prompted the MoD to assess the extent of the hack over three days. While the Ministry has not confirmed any data theft, it reassured service members about their safety amid the incident.
The attack follows earlier attributions of cyberattacks to Chinese ‘state-affiliated actors’ in the UK between 2021 and 2022. In March, Deputy Prime Minister Oliver Dowden disclosed sanctions against individuals and a company linked to the Chinese state for alleged malicious cyber activities, including attacks on the Electoral Commission. These actions underscore a growing concern over cyber threats originating from China.
While Chinese President Xi Jinping embarked on a European tour, the cyberattack allegations persisted, with French lawmakers targeted by similar incidents urging an official investigation. Despite mounting accusations, French authorities refrained from directly attributing the attacks to China, contrasting with formal accusations made by the US, UK, and New Zealand. As President Xi continues his diplomatic engagements in Europe, with planned visits to Serbia and Hungary, the cybersecurity landscape remains a pressing issue, with nations navigating the complexities of state-sponsored cyber activities.
Manufacturers must eliminate weak default passwords like ‘admin’ or ‘12345’ and prompt users to change them upon device setup. The legal move aims to enhance the UK’s cyber-resilience, reflecting that 99% of UK adults now own at least one smart device, with the average household possessing nine.
Other key elements of the new legislation include banning common weak passwords, requiring manufacturers to provide clear contact information for reporting security issues and ensuring transparency about the duration of product security updates. By implementing these standards, the UK seeks to enhance consumer confidence, stimulate economic growth, and position itself as a leader in online safety.
Why does it matter?
The legislation responds to vulnerabilities exposed by significant cyber incidents, such as the 2016 Mirai attack, which compromised 300,000 smart products and disrupted internet services across the US East Coast. Similar incidents have since affected major UK banks such as Lloyds and RBS, which prompted the government to work on robust cybersecurity measures.
Spain’s High Court has reignited an investigation into the use of NSO Group’s Pegasus software to spy on Prime Minister Pedro Sanchez and other Spanish politicians. The legal move comes after a previous probe was shelved due to a lack of cooperation from Israeli authorities. Investigators plan to collaborate with France, where similar surveillance targeted politicians and public figures.
The investigation aims to uncover the perpetrators behind the spying activities, which triggered a political crisis in Spain in 2022 and resulted in the resignation of the country’s spy chief. However, no individuals or groups have been formally accused yet. The Spanish government has not disclosed whether foreign or domestic entities are suspected of orchestrating the espionage.
Judge Jose Luis Calama decided to reopen the case following revelations from France regarding the use of Pegasus software to surveil journalists, lawyers, and government officials. French President Emmanuel Macron even changed his mobile phone and number due to security concerns arising from the Pegasus spyware case. Calama emphasised the importance of analysing technical data from both countries’ investigations to identify the culprits behind the cyber attacks.
The judge has ordered expert analysis to compare technical elements gathered by Spanish and French authorities, expecting closer collaboration once this analysis is complete. Calama envisions joint efforts between French and Spanish judicial authorities to determine the origin of the Pegasus spy program’s infiltration in both countries. This renewed investigation signals a concerted effort to address concerns surrounding digital surveillance and protect the privacy of politicians and citizens alike.
