Cybersecurity

South Korea’s new Science Minister pledges AI-led national transformation

South Korea’s new Science and ICT Minister, Bae Kyung-hoon, has pledged to turn the nation into one of the world’s top three AI powerhouses.

Instead of following outdated methods, Bae outlined a bold national strategy centred on AI, science and technology, aiming to raise Korea’s potential growth rate to 3 per cent and secure a global economic leadership position.

Bae, a leading AI expert and former president of LG AI Research, officially assumed office on Thursday.

Drawing from experience developing hyperscale AI models like LG’s Exaone, he emphasised the need to build a unique competitive advantage rooted in AI transformation, talent development and technological innovation.

Rather than focusing only on industrial growth, Bae’s policy agenda targets a broad AI ecosystem, revitalised research and development, world-class talent nurturing, and addressing issues affecting daily life.

His plans include establishing AI-centred universities, enhancing digital infrastructure, promoting AI semiconductors, restoring grassroots research funding, and expanding consumer rights in telecommunications.

With these strategies, Bae aims to make AI accessible to all citizens instead of limiting it to large corporations or research institutes. His vision is for South Korea to lead in AI development while supporting social equity, cybersecurity, and nationwide innovation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU confirms AI Act rollout and releases GPAI Code of Practice

The European Commission has confirmed it will move forward with the EU AI Act exactly as scheduled, instead of granting delays requested by tech giants and businesses.

On 10 July 2025, it published the final General-Purpose AI (GPAI) Code of Practice alongside FAQs to guide organisations aiming to comply with the new law.

Rather than opting for a more flexible timetable, the Commission is standing firm on its regulatory goals. The GPAI Code of Practice, now in its final form, sets out voluntary but strongly recommended steps for companies that want reduced administrative burdens and clearer legal certainty under the AI Act.

The document covers transparency, copyright, and safety standards for advanced AI models, including a model documentation form for providers.

Key dates have already been set. From 2 August 2025, rules covering notifications, governance, and penalties will come into force. By February 2026, official guidelines on classifying high-risk AI systems are expected.

The remaining parts of the legislation will take effect by August 2026, instead of being postponed further.

With the publication of the GPAI Code of Practice, the EU takes another step towards building a unified ethical framework for AI development and deployment across Europe, focusing on transparency, accountability, and respect for fundamental rights.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

US moves to block Chinese tech in undersea Internet cables

The United States is moving to strengthen the security of its digital infrastructure by proposing new regulations on undersea internet cables.

The Federal Communications Commission (FCC) plans to ban the connection of submarine cables to the US if they involve Chinese technology or equipment. It also aims to prohibit companies that are flagged as national security threats, including Huawei and ZTE.

Additionally, the FCC will seek public comments on further measures to protect undersea cable infrastructure, as part of an ongoing review of regulations overseeing the global network of submarine cables that carry 99% of international internet traffic.

These policy moves reflect US concerns over China’s role in internet infrastructure and potential espionage. Since 2020, regulators have blocked multiple cable projects linking the US to Hong Kong due to security risks.

Recent incidents, such as suspected sabotage in the Baltic Sea, Taiwan’s accusations of cable cutting by Chinese vessels, and Houthi-linked damage to cables in the Red Sea, highlight the growing vulnerability of global communications networks.

These steps guard against foreign adversary ownership, cyber threats, and physical sabotage.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Salt Typhoon compromises critical US infrastructure

A US state’s Army National Guard network was thoroughly compromised by the Chinese cyberespionage group Salt Typhoon from March to December 2024. According to a confidential federal memo, hackers extracted highly sensitive information, including administrator credentials, network maps, and interstate communication data, raising alarm over data leaked across all 50 states and four US territories.

Security analysts caution that the breach goes beyond intelligence gathering. With access to National Guard systems, integral to state-level threat response and civilian support, the group is poised to exploit vulnerabilities in critical infrastructure, particularly during crises or conflict.

Salt Typhoon, linked to China’s Ministry of State Security, has a track record of penetrating telecommunications, energy grids, transport systems, and water utilities. Often leveraging known vulnerabilities in Cisco and Palo Alto equipment, the group has exfiltrated over 1,400 network configuration files from more than 70 US critical infrastructure providers.

Federal agencies, including DHS and CISA, are sounding the alarm: this deep infiltration presents a serious national security threat and indicates a strategic shift in cyber warfare. Navigating Sun Typhoon’s persistent access through local and federal networks is now a top priority in defending the critical systems on which communities rely.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU sends warning to crypto platforms over AML risks

The EU’s Anti-Money Laundering Authority (AMLA) has warned that fragmented oversight and inconsistent rules pose significant risks to the bloc’s financial integrity. Chair Bruna Szego urged regulators and crypto firms to prepare for stricter anti-money laundering rules.

The Frankfurt-based agency, now operational, will oversee the enforcement of new EU-wide anti-money laundering regulations. Szego stressed the importance of identifying the beneficial owners of crypto platforms and ensuring they are not linked to criminal networks.

Concerns over inconsistent controls across EU countries and diverging interpretations of MiCA requirements have grown. Crypto firms must be prepared to meet the different standards across all jurisdictions they plan to operate.

From July 2027, crypto platforms will be required to block anonymous wallets and provide authorities with complete, real-time access to account data.

Major firms like Binance have already faced regulatory penalties, with ongoing investigations highlighting the rising pressure on the sector.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Netherlands urges EU to reduce reliance on US cloud providers

The Dutch government has released a policy paper urging the European Union to take coordinated action to reduce its heavy dependence on non-EU cloud providers, especially from the United States.

The document recommends that the European Commission introduce a clearer and harmonized approach at the EU level.

Key proposals include creating a consistent definition of ‘cloud sovereignty,’ adjusting public procurement rules to allow prioritizing sovereignty, promoting open-source technologies and standards, setting up a common European decision-making framework for cloud choices, and ensuring sufficient funding to support the development and deployment of sovereign cloud technologies.

These measures aim to strengthen the EU’s digital independence and protect public administrations from external political or economic pressures.

A recent investigation found that over 20,000 Dutch institutions rely heavily on US cloud services, with Microsoft holding about 60% of the market.

The Dutch government warned this dependence risks national security and fundamental rights. Concerns escalated after Microsoft blocked the ICC prosecutor’s email following US sanctions, sparking political outrage.

In response, the Dutch parliament called for reducing reliance on American providers and urged the government to develop a roadmap to protect digital infrastructure and regain control.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta faces fresh EU backlash over Digital Markets Act non-compliance

Meta is again under EU scrutiny after failing to fully comply with the bloc’s Digital Markets Act (DMA), despite a €200 million fine earlier this year.

The European Commission says Meta’s current ‘pay or consent’ model still falls short and could trigger further penalties. A formal warning is expected, with recurring fines likely if the company does not adjust its approach.

The DMA imposes strict rules on major tech platforms to reduce market dominance and protect digital fairness. While Meta claims its model meets legal standards, the Commission says progress has been minimal.

Over the past year, Meta has faced nearly €1 billion in EU fines, including €798 million for linking Facebook Marketplace to its central platform. The new case adds to years of tension over data practices and user consent.

The ‘pay or consent’ model offers users a choice between paying for privacy or accepting targeted ads. Regulators argue this does not meet the threshold for genuine consent and mirrors Meta’s past GDPR tactics.

Privacy advocates have long criticised Meta’s approach, saying users are left with no meaningful alternatives. Internal documents show Meta lobbied against privacy reforms and warned governments about reduced investment.

The Commission now holds greater power under the DMA than it did with GDPR, allowing for faster, centralised enforcement and fines of up to 10% of global turnover.

Apple has already been fined €500 million, and Google is also under investigation. The EU’s rapid action signals a stricter stance on platform accountability. The message for Meta and other tech giants is clear: partial compliance is no longer enough to avoid serious regulatory consequences.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Broadcom challenges Nvidia with Tomahawk Ultra AI networking chip

Broadcom has introduced a new networking chip designed to boost AI data centre performance, positioning itself against Nvidia in the AI hardware race.

Called Tomahawk Ultra, the chip helps link hundreds of processors within close range, ensuring fast communication vital for large AI models.

Instead of using Nvidia’s proprietary NVLink system, Broadcom’s Tomahawk Ultra operates on an accelerated version of Ethernet and connects up to four times more chips within a server rack.

The chip acts as a traffic controller, enabling what the industry refers to as ‘scale-up’ computing — where AI models tap into combined computing power from tightly grouped chips.

According to Broadcom senior vice president Ram Velaga, it took engineers around three years to design the Tomahawk Ultra, which was originally aimed at high-performance computing but adapted for AI workloads as demand surged.

Taiwan Semiconductor Manufacturing Company (TSMC) is producing the processors using its five-nanometre process, and the chips are already shipping to customers.

Rather than requiring major hardware overhauls, the Tomahawk Ultra offers a scalable, Ethernet-based alternative for AI firms looking to build faster, more flexible data centres.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China deploys new malware tool for border phone searches

Chinese authorities reportedly use a powerful new malware tool called Massistant to extract data from seized Android phones. Developed by Xiamen Meiya Pico, the tool enables police to access messages, photos, locations, and app data once they have physical access to a device.

Cybersecurity firm Lookout revealed that Massistant operates via a desktop-connected tower, requiring unlocked devices but no advanced hacking techniques. Researchers said affected users include Chinese citizens and international travellers whose phones may be searched at borders.

The malware leaves traces on compromised phones, allowing for post-infection removal, but authorities already have the data by then. Forums in China have shown increasing user complaints about malware following police interactions.

Massistant is seen as the successor to an older tool, MSSocket, with Meiya Pico now controlling 40% of China’s digital forensics market. They previously sanctioned the firm for its surveillance tech links to the Chinese government’s use.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Military-trained hacker brought down in telecom data theft

A former US Army Private admitted in court to a sweeping cybercrime operation targeting major telecom providers AT&T and Verizon between April 2023 and December 2024.

Operating as ‘kiberphant0m,’ he infiltrated at least ten corporate networks, stealing login credentials and sensitive call logs, including those of senior officials.

Prosecutors revealed a sophisticated scheme: the hacker used brute‑force SSH attacks, coordinated with online accomplices via Telegram, and attempted extortion valued at over US$1 million. Stolen call records were posted and sold on dark‑web platforms such as BreachForums.

Wagenius pleaded guilty to charges including wire fraud conspiracy, computer extortion, and aggravated identity theft. He faces a combined sentence of up to 27 years, with his sentencing hearing scheduled for 6 October 2025.

Security analysts note this case highlights the increasing threat of insiders exploiting privileged access and illustrates how even service‑level employees can orchestrate wide‑scale cyber intrusions and extortion campaigns.

It also underscores the strategic role of public-private coordination in dismantling online illicit economies.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.