Cybersecurity

Former Facebook executive says Meta misled over China

Former Facebook executive Sarah Wynn-Williams has accused Meta of compromising US national security to grow its business in China.

Testifying before the Senate Judiciary Committee, Wynn-Williams alleged that company executives misled employees, lawmakers, and the public about their dealings with the Chinese Communist Party.

Wynn-Williams claimed Meta aimed to gain favour in Beijing while secretly pursuing an $18 billion venture there.

In her remarks, Wynn-Williams said Meta removed the Facebook account of Chinese dissident Guo Wengui under pressure from Beijing. While the company maintains the removal was due to violations of its policies, she framed it as part of a broader pattern of submission to Chinese demands.

She also accused Meta of ignoring security warnings linked to the proposed Pacific Light Cable Network, a project that could have allowed China access to United States user data. According to her, the plans were only halted after lawmakers intervened.

Meta has denied the claims, calling her testimony false and out of touch with reality. A spokesperson noted that the company does not operate in China and that Mark Zuckerberg’s interest in the market had long been public.

The allegations arrive days before Meta’s major antitrust trial, which could result in the breakup of its ownership of Instagram and WhatsApp.

For more information on these topics, visit diplomacy.edu.

Microsoft pauses $1 billion data centre project in Ohio

Microsoft has announced it is ‘slowing or pausing’ some data centre construction projects, including a $1 billion plan in Ohio, amid shifting demand for AI infrastructure.

The company confirmed it would halt early-stage development on rural land in Licking County, near Columbus, and will repurpose two of the sites for farmland.

The decision follows Microsoft’s rapid scaling of infrastructure to meet the soaring demand for AI and cloud services, which has since softened. The company acknowledged that such large projects require continuous adaptation to align with customer needs.

While Microsoft did not specify other paused projects, it revealed the suspension of later stages of a Wisconsin data centre expansion.

The slowdown also coincides with changes in Microsoft’s partnership with OpenAI, with the two companies revising their agreement to allow OpenAI to build its own AI infrastructure. This move reflects broader trends in AI computing needs, which are expensive and energy-intensive.

Despite the pause in Ohio, Microsoft plans to invest over $80 billion in AI infrastructure this fiscal year, continuing its global expansion, though it will now strategically pace its growth to align with evolving business priorities.

Local officials in Licking County expressed their disappointment, as the area had been a hub for significant tech investments, including those from Google and Meta.

For more information on these topics, visit diplomacy.edu.

Brinc drones raises $75M to boost emergency drone tech

Brinc Drones, a Seattle-based startup founded by 25-year-old Blake Resnick, has secured $75 million in fresh funding led by Index Ventures.

Known for its police and public safety drones, Brinc is scaling its presence across emergency services, with the new funds bringing total investment to over $157 million. The round also includes participation from Motorola Solutions, a major player in US security infrastructure.

The company, founded in 2017, is part of a growing wave of American drone startups benefiting from tightened restrictions on Chinese drone manufacturers.

Brinc’s drones are designed for rapid response in hard-to-reach areas and boast unique features, such as the ability to break windows or deliver emergency supplies.

The new partnership with Motorola will enable tighter integration into 911 call centres, allowing AI systems to dispatch drones directly to emergency scenes.

Despite growing competition from other US startups like Flock Safety and Skydio, Brinc remains confident in the market’s potential.

With its enhanced funding and Motorola collaboration, the company is aiming to position itself as a leader in AI-integrated public safety technology while helping shift drone manufacturing back to the US.

For more information on these topics, visit diplomacy.edu.

DeepSeek highlights the risk of data misuse

The launch of DeepSeek, a Chinese-developed LLM, has reignited long-standing concerns about AI, national security, and industrial espionage.

While issues like data usage and bias remain central to AI discourse, DeepSeek’s origins in China have introduced deeper geopolitical anxieties. Echoing the scrutiny faced by TikTok, the model has raised fears of potential links to the Chinese state and its history of alleged cyber espionage.

With China and the US locked in a high-stakes AI race, every new model is now a strategic asset. DeepSeek’s emergence underscores the need for heightened vigilance around data protection, especially regarding sensitive business information and intellectual property.

Security experts warn that AI models may increasingly be trained using data acquired through dubious or illicit means, such as large-scale scraping or state-sponsored hacks.

The practice of data hoarding further complicates matters, as encrypted data today could be exploited in the future as decryption methods evolve.

Cybersecurity leaders are being urged to adapt to this evolving threat landscape. Beyond basic data visibility and access controls, there is growing emphasis on adopting privacy-enhancing technologies and encryption standards that can withstand future quantum threats.

Businesses must also recognise the strategic value of their data in an era where the lines between innovation, competition, and geopolitics have become dangerously blurred.

For more information on these topics, visit diplomacy.edu.

Malware hidden in fake Office add-ins targets crypto users

Hackers are using bogus Microsoft Office extensions uploaded to SourceForge to spread malware. Cybersecurity firm Kaspersky has warned that the malware is designed to steal cryptocurrency.

One listing, posing as ‘officepackage,’ contains genuine Office add-ins. However, it also hides ClipBanker — a virus that swaps copied crypto wallet addresses with those belonging to attackers.

The malware tricks users by mimicking legitimate Office add-in pages, complete with download buttons and developer-style layouts. Once installed, ClipBanker monitors the clipboard and replaces wallet addresses without users’ knowledge.

It also gathers IP addresses, usernames, and system data, which it sends to the attackers via Telegram. In some cases, the virus checks for antivirus software or previous infections and self-deletes if detected.

Kaspersky noted that the malicious files are suspiciously small or padded with junk data to appear legitimate. While the primary goal is to steal cryptocurrency, attackers may sell access to infected systems to other malicious actors.

The malware’s interface is in Russian, and most victims so far — over 4,600 — have been located in Russia.

To stay safe, Kaspersky advises downloading software only from trusted sources. The company noted a growing trend of hackers hiding malware in pirated or unofficial software to exploit users chasing free apps.

For more information on these topics, visit diplomacy.edu.

Hydropower infrastructure vulnerable to cyberattacks

Cybersecurity threats to hydropower dams are becoming more frequent and severe, with attacks linked to state-backed actors from Iran, Russia, and elsewhere causing concern worldwide.

Recent incidents, including a major cyberattack on Hydro Quebec in 2023 and a thwarted attempt at Ethiopia’s Grand Renaissance Dam, show how vulnerable critical infrastructure has become.

The integration of Internet of Things (IoT) devices has only heightened these risks, expanding attack surfaces and introducing new vulnerabilities through outdated systems, dispersed equipment, and inconsistent security standards.

In the United States, authorities are growing increasingly alarmed at the lack of coordinated cybersecurity oversight for dams. Senator Ron Wyden, chairing a subcommittee hearing in April 2024, warned that many non-federal hydropower dams have never been audited for cybersecurity.

With only four cybersecurity experts overseeing 2,500 dams, and with outdated rules that only apply to internet-managed sites, he criticised the Federal Energy Regulatory Commission (FERC) for lacking the capacity and tools to safeguard the sector effectively.

Experts from the Idaho National Laboratory and FERC agree that the fragmented regulatory landscape poses a major challenge. Different agencies oversee various parts of dam operations, with no unified framework in place.

Cyberattacks on dams can cause more than just blackouts—they can also trigger devastating floods, disrupt water supplies, and endanger lives.

Calls are growing for Congress to address this vulnerability by improving funding, updating regulations, and implementing a national strategy to protect critical hydropower infrastructure from increasingly sophisticated cyber threats.

For more information on these topics, visit diplomacy.edu.

Adaptive Security raises millions to fight AI scams

OpenAI has made its first move into the cybersecurity space by co-leading a US$43 million Series A funding round for New York-based startup Adaptive Security.

The round was also backed by venture capital firm Andreessen Horowitz, highlighting growing investor interest in solutions aimed at tackling AI-driven threats.

Adaptive Security specialises in simulating social engineering attacks powered by AI, such as fake phone calls, text messages, and emails. These simulations are designed to train employees and identify weak points within an organisation’s defences.

With over 100 customers already on board, the platform is proving to be a timely solution as generative AI continues to fuel increasingly convincing cyber scams.

The funding will be used to scale up the company’s engineering team and enhance its platform to meet growing demand.

As AI-powered threats evolve, Adaptive Security aims to stay ahead of the curve by helping organisations better prepare their staff to recognise and respond to sophisticated digital deception.

For more information on these topics, visit diplomacy.edu.

Apple challenges UK government over encrypted iCloud access order

A British court has confirmed that Apple is engaged in legal proceedings against the UK government concerning a statutory notice linked to iCloud account encryption. The Investigatory Powers Tribunal (IPT), which handles cases involving national security and surveillance, disclosed limited information about the case, lifting previous restrictions on its existence.

The dispute centres on a government-issued Technical Capability Notice (TCN), which, according to reports, required Apple to provide access to encrypted iCloud data for users in the UK. Apple subsequently removed the option for end-to-end encryption on iCloud accounts in the region earlier this year. While the company has not officially confirmed the connection, it has consistently stated it does not create backdoors or master keys for its products.

The government’s position has been to neither confirm nor deny the existence of individual notices. However, in a rare public statement, a government spokesperson clarified that TCNs do not grant direct access to data and must be used in conjunction with appropriate warrants and authorisations. The spokesperson also stated that the notices are designed to support existing investigatory powers, not expand them.

The IPT allowed the basic facts of the case to be released following submissions from media outlets, civil society organisations, and members of the United States Congress. These parties argued that public interest considerations justified disclosure of the case’s existence. The tribunal concluded that confirming the identities of the parties and the general subject matter would not compromise national security or the public interest.

Previous public statements by US officials, including the former President and the current Director of National Intelligence, have acknowledged concerns surrounding the TCN process and its implications for international technology companies. In particular, questions have been raised regarding transparency and oversight of such powers.

Legal academics and members of the intelligence community have also commented on the broader implications of government access to encrypted platforms, with some suggesting that increased openness may be necessary to maintain public trust.

The case remains ongoing. Future proceedings will be determined once both parties have reviewed a private judgment issued by the court. The IPT is expected to issue a procedural timetable following input from both Apple and the UK Home Secretary.

For more information on these topics, visit diplomacy.edu.

Hackers exploit ESET vulnerability to deploy malware, Kaspersky warns

A recently disclosed software vulnerability in ESET security products has been identified as a potential vector for discreet malware installation, according to findings published by the cybersecurity company Kaspersky.

Catalogued as CVE-2024-11859, the flaw permits the execution of a malicious dynamic-link library (DLL) by leveraging ESET’s own antivirus scanning process. If exploited, the technique allows unauthorised code to run silently, bypassing standard system warnings and activity logs.

ESET, headquartered in Slovakia, acknowledged the issue in an advisory and issued a software update addressing the flaw. The company assigned it a medium severity rating, with a Common Vulnerability Scoring System (CVSS) score of 6.8 out of 10. ESET further indicated there is no current evidence that the vulnerability has been actively exploited in operational environments.

Kaspersky attributed the technique to a threat actor group known as ToddyCat, which has been observed since 2020 conducting operations against governmental and defence-related targets. While Kaspersky referenced the use of two specific DLLs in its analysis, ESET reported that it had not received samples of the files and could not independently confirm the attribution.

The malicious tool deployed in this case, named TCDSB by researchers, was disguised as a legitimate Windows DLL and designed to evade monitoring tools. The code appears to be a modified variant of EDRSandBlast, a known framework used to circumvent endpoint detection systems.

Modifications introduced in TCDSB are believed to enable interference with operating system components, suppressing alerts typically generated when new processes are initiated or external files loaded. Kaspersky reported multiple instances of the tool but did not identify affected organisations.

While no specific nation-state connection has been confirmed, ToddyCat has previously been associated with activities targeting institutions in Europe and Asia, as well as digital infrastructure in locations such as Taiwan and Vietnam. Some prior research has linked the group to broader cyber-espionage efforts attributed to Chinese interests.

According to ESET, successful use of the CVE-2024-11859 vulnerability requires existing administrative access to the target system, limiting the attack vector to post-compromise scenarios.

Kaspersky noted that the group employs a range of tunnelling techniques for data exfiltration, including abuse of virtual private networks and cloud services, often maintaining multiple exfiltration routes to ensure persistence even when individual channels are disrupted.

For more information on these topics, visit diplomacy.edu.

Minister urges Indian start-ups to shift focus from ice cream to semiconductors

India’s Commerce Minister Piyush Goyal has sparked controversy by questioning whether Indian start-ups should focus on semiconductor chips instead of gluten-free ice creams and food delivery apps.

Speaking at a start-up conference, he compared India’s consumer internet boom unfavourably with China’s advances in robotics and AI, urging entrepreneurs to pursue more ambitious tech innovations instead of safe lifestyle products.

While acknowledging the position of India as the world’s third-largest start-up ecosystem, Goyal faced pushback from founders who argued consumer apps often evolve into tech pioneers.

Quick-commerce CEO Aadit Palicha noted that companies like Amazon began as consumer platforms before revolutionising cloud computing. However, investors admitted deep-tech struggles for funding, with most capital chasing quick-return ventures instead of long-term hardware or AI projects.

The debate highlights India’s innovation crossroads. Despite having 4,000 deep-tech start-ups, projected to reach 10,000 by 2030, they attracted just 5% of 2023 funding instead of China’s 35%.

Experts suggest the government could help by offering tax incentives instead of criticism, and building research bridges between academia and start-ups to compete globally in advanced technologies

For more information on these topics, visit diplomacy.edu.

Diplo chatbot can make mistakes. Consider checking important information.