Cybersecurity

The power of compromise

In a recent blog post titled ‘Compromise is not a dirty word – It’s the glue holding humanity together,’ Jovan Kurbalija reflects on the often misunderstood nature of compromise. Prompted by the sight of Lucid cars in Geneva, Switzerland, bearing the slogan ‘Compromise Nothing,’ he questions why compromise is so frequently seen as weakness when it is the foundation of human coexistence.

From families to international diplomacy, our ability to meet halfway allows us to survive and thrive together. Kurbalija reminds us that the word comes from the Latin for ‘promising together’—a mutual commitment rather than a concession.

In today’s world, however, standing firm is glorified while compromise is dismissed. Yet, he argues, true courage lies in embracing others’ needs without surrendering one’s principles and navigating the messy but necessary space between absolutes.

He contrasts this human necessity with how compromise is portrayed in marketing—as a flaw to be avoided—and in tech jargon, where being ‘compromised’ means a breach or failure. These modern distortions have led us to equate flexibility with defeat, instead of maturity. In truth, refusing to compromise risks far more than bending a little.

Ultimately, Kurbalija calls for a shift in mindset: rather than rejecting compromise altogether, we should learn to use it wisely, to preserve the greater good over rigid standoffs. In a world as interconnected and fragile as ours, compromise is not surrender; it’s survival.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

The United Nations calls for urgent regulation of military AI

The UN and global experts have emphasised the urgent need for comprehensive regulation of AI in military applications. UN Secretary has called for ‘global guardrails’ to govern the use of autonomous weapons, warning that rapid technological development has outpaced current policies.

Recently, 96 countries met at the UN to discuss AI-powered weapons, expanding the conversation to include human rights, criminal law, and ethics, with a push for legally binding agreements by 2026. Unregulated military AI poses serious risks like cybersecurity attacks and worsening geopolitical divides, as some countries fear losing a strategic advantage to rivals.

However, if properly regulated, AI could reduce violence by enabling less-lethal actions and helping leaders choose non-violent solutions, potentially lowering the human cost of conflict. To address ethical challenges, institutions like Texas A&M University are creating nonprofits that work with academia, industry, and defence sectors to develop responsible AI frameworks.

These efforts aim to promote AI applications that prioritise peace and minimise harm, shifting the focus from offensive weapons toward peaceful conflict resolution. Finally, UN Secretary warned against a future divided into AI ‘haves’ and ‘have-nots.’

He stressed the importance of using AI to bridge global development gaps and promote sustainable progress rather than deepen inequalities, emphasising international cooperation to guide AI toward inclusive growth and peace.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Uganda to launch ‘Tokigeza’ campaign against Telecom vandalism

The Ugandan Communications Commission (UCC), together with major telecom operators including MTN Uganda, Airtel Uganda, and ATC Uganda, has launched a national anti-vandalism campaign named ‘Tokigeza’ (meaning ‘Do not do it’) to combat the rising problem of telecom infrastructure vandalism. The three-month initiative aims to raise public awareness and mobilise communities to protect vital telecom assets.

The campaign employs a multi-channel approach involving radio, television, and digital media outreach, as well as grassroots engagement through schools, local meetings, landowners, law enforcement, and boda-boda (motorcycle taxi) drivers. Alongside the campaign, stakeholders call for stronger laws and better enforcement to combat vandalism.

Proposed measures include tougher penalties, tighter scrap metal trade controls, and linking telecom surveillance with national police monitoring. A cross-agency task force is also proposed.

The government supports these moves, with Ugandan President backing the classification of telecom towers as Critical National Infrastructure (CNI) and pushing for harsher penalties by treating vandalism as economic sabotage. The Ministry of ICT stresses the need for public-private cooperation to protect ICT infrastructure as Uganda’s digital network grows.

Despite these efforts, no formal timeline exists for legal reforms, and there are doubts about whether CNI status alone will stop vandalism. Nigeria’s experience shows that even with such classification, sabotage, especially of fibre optic cables, continues. Uganda will need sustained and coordinated action to protect its telecom infrastructure effectively.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Meta and PayPal users targeted in new phishing scam

Cybersecurity experts are warning of a rapid and highly advanced phishing campaign that targets Meta and PayPal users with instant account takeovers. The attack exploits Google’s AppSheet platform to send emails from a legitimate domain, bypassing standard security checks.

Victims are tricked into entering login details and two-factor authentication codes, which are then harvested in real time. Emails used in the campaign pose as urgent security alerts from Meta or PayPal, urging recipients to click a fake appeal link.

A double-prompt technique falsely claims an initial login attempt failed, increasing the likelihood of accurate information being submitted. KnowBe4 reports that 98% of detected threats impersonated Meta, with the remaining targeting PayPal.

Google confirmed it has taken steps to reduce the campaign’s impact by improving AppSheet security and deploying advanced Gmail protections. The company advised users to stay alert and consult their guide to spotting scams. Meta and PayPal have not yet commented on the situation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Dutch central bank tells public to prepare for outages

Dutch citizens have been advised to keep emergency cash at home due to growing concerns over cyber threats and geopolitical instability.

The Netherlands’ central bank (DNB) recommends holding €70 per adult and €30 per child to cover essential needs for up to three days.

This guidance follows recent disruptions to payment systems in southern Europe. The advisory comes in response to fears that cyberattacks or power failures could make digital payments temporarily unavailable.

Cash would enable people to buy food, water, medicine, or transport even during system outages. The DNB also encouraged the use of contactless payments via phones or smartwatches as backups. Such steps are seen as vital amid increasing risks across the continent.

The warning follows a major blackout that affected Spain and Portugal in April, during which electronic transactions were disrupted. The European Commission has similarly urged households to be prepared for at least 72 hours with cash and basic supplies.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Sui DEX Cetus suffers suspected $200m hack

A major security incident has struck Cetus, a decentralised exchange (DEX) on the Sui blockchain, with suspected losses exceeding $200 million. Onchain data revealed rapid asset drainage, prompting experts to label the event as a possible hack rather than a mere bug, as claimed by the Cetus team.

Reports indicate that at least $63 million has already been transferred to Ethereum, including a large single transaction of 20,000 ETH moved to a new wallet.

Transaction volumes on Cetus surged to $2.9 billion on 22 May, compared to $320 million the previous day, suggesting funds were rapidly siphoned from the platform.

Several tokens lost over 75% of their value, causing wider disruption; for instance, the Sui-based money market Scallop halted all borrowing activities as a precaution.

Concerns over transparency have grown as $212 million in assets were reportedly bridged to Ethereum at a rate of $1 million per minute. Analysts argue the scale and speed of transfers hint at something more serious than a simple software glitch.

Cetus paused the affected smart contract and announced an ongoing investigation, but has yet to provide a detailed response.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Taiwan targets Facebook scam ads with new penalties

Taiwan’s Ministry of Digital Affairs plans to impose penalties on Meta for failing to enforce real-name verification on Facebook ads, according to Minister Huang Yen-nan. The move follows a recent meeting with law enforcement and growing concerns over scam-related losses.

A report from CommonWealth Magazine found Taiwanese victims lose NT$400 million (US$13 million) daily to scams, with 70% of losses tied to Facebook. Facebook has been the top scam-linked platform for two years, with over 60% of users reporting exposure to fraudulent content.

From April 2023 to September 2024, nearly 59,000 scam ads were found across Facebook and Google. One Facebook group in Chiayi County, with 410,000 members, was removed after being overwhelmed with daily fake job ads.

Huang identified Meta as the more problematic platform, saying 60% to 70% of financial scams stem from Facebook ads. Police have referred 15 cases to the ministry since May, but only two resulted in fines due to incomplete advertiser information.

Legislator Hung Mung-kai criticized delays in enforcement, noting that new anti-fraud laws took effect in February, but actions only began in May. Huang defended the process, stating platforms typically comply with takedown requests and real-name rules.

Under current law, scam ads must be removed within 24 hours of being reported. The ministry has used AI to detect and remove approximately 100,000 scam ads recently. Officials are now planning face-to-face meetings with Meta to demand stronger ad oversight.

Deputy Interior Minister Ma Shi-yuan called on platforms like Facebook and Line to improve ad screening, emphasizing that law enforcement alone cannot manage the volume of online content.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

M&S website still offline after cyberattack

Marks & Spencer’s website remains offline as the retailer continues recovering from a damaging cyberattack that struck over the Easter weekend.

The company confirmed the incident was caused by human error and may cost up to £300 million. Chief executive Stuart Machin warned the disruption could last until July.

Customers visiting the site are currently met with a message stating it is undergoing updates. While some have speculated the downtime is due to routine maintenance, the ongoing issues follow a major breach that saw hackers steal personal data such as names, email addresses and birthdates.

The firm has paused online orders, and store shelves were reportedly left empty in the aftermath.

Despite the disruption, M&S posted a strong financial performance this week, reporting a better-than-expected £875.5 million adjusted pre-tax profit for the year to March—an increase of over 22 per cent. The company has yet to comment further on the website outage.

Experts say the prolonged recovery likely reflects the scale of the damage to M&S’s core infrastructure.

Technology director Robert Cottrill described the company’s cautious approach as essential, noting that rushing to restore systems without full security checks could risk a second compromise. He stressed that cyber resilience must be considered a boardroom priority, especially for complex global operations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Crypto assets to be treated as property in Russia

Russia’s Ministry of Justice is working on legislation that would classify crypto assets as property, enabling their confiscation during criminal investigations. The draft bill aims to tighten control over digital currencies increasingly used for illegal activities.

Deputy Justice Minister Vadim Fedorov stated that the new law would allow authorities to seize not only physical wallets but also credentials like seed phrases. Experts will assist in managing the secure handling of digital assets.

Courts may also be given the power to block transactions linked to certain wallets.

The move comes in response to a rise in crypto-related crime, particularly through darknet markets. One such platform, Kraken, has recorded a 68% surge in crypto transactions since the shutdown of Hydra in 2022.

Fedorov highlighted the challenges posed by digital currencies, citing their anonymity and lack of central control as major attractions for criminals.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

West Lothian schools hit by ransomware attack

West Lothian Council has confirmed that personal and sensitive information was stolen following a ransomware cyberattack which struck the region’s education system on Tuesday, 6 May. Police Scotland has launched an investigation, and the matter remains an active criminal case.

Only a small fraction of the data held on the education network was accessed by the attackers. However, some of it included sensitive personal information. Parents and carers across West Lothian’s schools have been notified, and staff have also been advised to take extra precautions.

The cyberattack disrupted IT systems serving 13 secondary schools, 69 primary schools and 61 nurseries. Although the education network remains isolated from the rest of the council’s systems, contingency plans have been effective in minimising disruption, including during the ongoing SQA exams.

West Lothian Council has apologised to anyone potentially affected. It is continuing to work closely with Police Scotland and the Scottish Government. Officials have promised further updates as more information becomes available.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!