Microsoft and Veeam expand partnership with undisclosed investment

Microsoft has made an undisclosed equity investment in Veeam Software as part of an expanded partnership to develop AI-powered data protection tools.

The deal will strengthen Veeam’s ability to help customers recover data after cyberattacks, ransomware incidents, or accidental loss. The company’s core technology ensures immutable backups, preventing hackers from modifying or deleting critical files.

With Microsoft’s support, Veeam plans to enhance research and development, integrate AI-driven capabilities into its software, and expand design collaboration.

The move follows Microsoft’s previous investment in cybersecurity firm Rubrik, another company specialising in data backup and recovery.

Veeam, which was acquired by private equity firm Insight Partners for $5 billion in 2020, was valued at $15 billion after a secondary sale last year.

Founded in 2006, Veeam serves over 550,000 customers globally, including major corporations such as Deloitte and Canon. The partnership with Microsoft underscores the growing demand for advanced data security solutions as businesses face increasing cyber threats.

For more information on these topics, visit diplomacy.edu.

Kaspersky warns of widespread malware on GitHub

Cybersecurity firm Kaspersky has issued a warning about a large-scale malware campaign targeting GitHub users. Hackers have created hundreds of fake repositories to deceive users into downloading malware designed to steal cryptocurrency, login credentials, and browsing data. The campaign, known as ‘GitVenom,’ uses fraudulent projects that appear legitimate, offering tools like a Telegram bot for managing Bitcoin wallets or an Instagram automation tool. However, these projects run malicious software in the background, including remote access trojans (RATs), info-stealers, and clipboard hijackers.

The fake repositories were made to look convincing by including detailed documentation and manipulated version histories, which were designed to mimic active development. Despite appearing professional, these projects fail to deliver their promised functions while quietly extracting sensitive information from users. Kaspersky’s investigation revealed that some of these malicious repositories have been active for at least two years, suggesting the attackers have successfully lured victims over an extended period.

Once users have downloaded the malware, it targets saved login details, cryptocurrency wallet information, and browsing history, sending the stolen data to the attackers via Telegram. Some malware even hijacks clipboard contents, replacing cryptocurrency wallet addresses with those controlled by the hackers, potentially redirecting funds. The campaign has caused considerable impact, with one documented case involving the theft of five Bitcoins, worth around $442,000.

Although the GitVenom campaign has been detected worldwide, it has particularly affected users in Russia, Brazil, and Turkey. Kaspersky warns that, given GitHub’s popularity among developers, hackers are likely to continue using fake software projects as a method of infection.


Meta considers $200 billion AI campus project

Meta Platforms is reportedly in talks to build a new data centre campus for its AI projects, potentially costing over $200 billion, according to sources familiar with the matter. The company is considering locations in states like Louisiana, Wyoming, and Texas, with senior executives visiting potential sites this month.

This comes as the AI sector sees a surge in investment, especially following the launch of Microsoft-backed OpenAI’s ChatGPT in 2022. Companies are eager to incorporate AI into their products, leading to significant spending on AI infrastructure.

Despite the report, a Meta spokesperson denied the claims, stating that its data centre plans and capital expenditures have already been disclosed and calling the rest ‘pure speculation’. Meta’s CEO, Mark Zuckerberg, had previously mentioned that the company plans to invest up to $65 billion this year to expand its AI infrastructure.

In comparison, Microsoft has pledged around $80 billion in data centre investments for fiscal 2025, while Amazon has indicated its 2025 spending could exceed $75 billion.


Apple to sell iPhone 16 in Indonesia after key agreements

Apple is set to begin selling its iPhone 16 in Indonesia following a new agreement with the government, which includes the establishment of a manufacturing plant and a research and development centre. The country’s industry minister, Agus Gumiwang Kartasasmita, confirmed on Wednesday that Apple would soon receive the required local content certificate to allow sales of the device. However, he did not specify when the certificate would be issued.

Indonesia had previously banned the iPhone 16 due to Apple’s failure to meet the local content requirement, which mandates that a certain percentage of parts must be sourced domestically or through local partnerships. Although Apple has no manufacturing facilities in Indonesia, it has been operating developer academies in the country since 2018. Indonesia, with its population of 280 million, is keen to attract more tech-related investment.

Analysts have warned that the local content ban could harm investor confidence and fuel concerns about protectionism, but the new agreements between Apple and the Indonesian government may help address these issues.


UK Home Office’s new vulnerability reporting policy creates legal risks for ethical researchers, experts warn

The UK Home Office has introduced a vulnerability reporting mechanism through the platform HackerOne, allowing cybersecurity researchers to report security issues in its systems. However, concerns have been raised that individuals who submit reports could still face legal risks under the UK’s Computer Misuse Act (CMA), even if they follow the department’s new guidance.

Unlike some private-sector initiatives, the Home Office program does not offer financial rewards for reporting vulnerabilities. The new guidelines prohibit researchers from disrupting systems or accessing and modifying data. However, they also caution that individuals must not ‘break any applicable law or regulations,’ a clause that some industry groups argue could discourage vulnerability disclosure due to the broad provisions of the CMA, which dates back to 1990.

The CyberUp Campaign, a coalition of industry professionals, academics, and cybersecurity experts, warns that the CMA’s definition of unauthorized access does not distinguish between malicious intent and ethical security research. While the Ministry of Defence has previously assured researchers they would not face prosecution, the Home Office provides no such assurances, leaving researchers uncertain about potential legal consequences.

A Home Office spokesperson declined to comment on the concerns.

The CyberUp Campaign acknowledged the growing adoption of vulnerability disclosure policies across the public and private sectors but highlighted the ongoing legal risks researchers face in the UK. The campaign noted that other countries, including Malta, Portugal, and Belgium, have updated their laws to provide legal protections for ethical security research, while the UK has yet to introduce similar reforms.

The Labour Party had previously proposed an amendment to the CMA that would introduce a public interest defense for cybersecurity researchers, but this was not passed. Last year, Labour’s security minister Dan Jarvis praised the contributions of cybersecurity professionals and stated that the government was considering CMA reforms, though no legislative changes have been introduced so far.


Sweden considers law requiring encrypted messaging backdoors, Signal threatens to exit

Swedish law enforcement and security agencies are advocating for legislation that would require encrypted messaging services such as Signal and WhatsApp to implement technical measures allowing authorities to access user communications, according to a report by SVT Nyheter.

If introduced, the bill would mandate that these platforms retain messages and provide law enforcement with access to the message history of criminal suspects. Minister of Justice Gunnar Strömmer stated that such measures are necessary for authorities to carry out investigations effectively.

Signal Foundation President Meredith Whittaker told SVT Nyheter that if the proposed legislation requires the company to introduce backdoors, Signal would withdraw from the Swedish market rather than comply. The Swedish Armed Forces have also expressed concerns, warning that implementing such access mechanisms could introduce security risks that might be exploited by unauthorised parties.

The bill could be considered by Sweden’s parliament, the Riksdag, next year if it moves forward in the legislative process.

Similar legislative efforts have been introduced in other countries. In the UK, Apple recently disabled end-to-end encryption for iCloud accounts in response to government demands for access to encrypted data.


EU Commission proposes enhanced cyber crisis management framework

The EU Commission introduced a proposal aimed at strengthening the EU’s response to large-scale cyber attacks. This recommendation to the Council of Ministers seeks to update the existing EU framework for crisis management in cybersecurity and outline the roles of relevant EU actors, including civilian and military entities as well as NATO.

Specifically, the proposal aims to establish coordination points with NATO to facilitate information sharing during cyber crises, including interconnections between systems. If Member States deploy defense initiatives during a cybersecurity incident, they must inform EU-CyCLONe and the EU Cyber Commanders Conference.

The High Representative, in collaboration with the Commission and relevant entities, should facilitate information flow with strategic partners during identified incidents and enhance coordination against malicious cyber activities using the cyber diplomacy toolbox. Joint exercises should be organized to test cooperation between civilian and military components during significant incidents, including those affecting NATO allies and candidate countries.

The Commission noted that a significant cybersecurity incident could overwhelm the response capabilities of individual Member States and impact multiple EU countries, potentially leading to a crisis that disrupts the internal market and poses risks to public safety. It encourages the establishment of voluntary collaborative clusters to foster cooperation and trust in cybersecurity. Member States can create these clusters based on existing information-sharing frameworks, focusing on common threats while adhering to the mandates of participating actors.

The document emphasizes the importance of a comprehensive and integrated approach to crisis management across all sectors and levels of government. It highlights that if cybersecurity incidents are part of a broader hybrid campaign, stakeholders should collaborate to develop a unified situational awareness across sectors.

Within twelve months of adopting the cybersecurity blueprint, Member States must develop a unified taxonomy for cyber crisis management and establish guidelines for the secure handling of cybersecurity information. The proposal emphasises avoiding over-classification to promote the sharing of non-classified information through established cooperation platforms.

To enhance preparedness for crises and improve organizational efficiency, Member States and relevant entities should conduct ongoing cyber exercises based on scenarios derived from EU-coordinated risk assessments, aligning with existing crisis response mechanisms. Smaller exercises should test interactions during escalating incidents, while the Commission, EEAS, and ENISA will organize an exercise within eighteen months to evaluate the cybersecurity blueprint, involving all relevant stakeholders, including the private sector.

The proposal also recommends that Member States and critical infrastructure operators integrate at least one Union-based DNS infrastructure, such as DNS4EU, to ensure reliable services during crises. ENISA and EU-CyCLONe are tasked with creating emergency failover guidelines for transitioning to Union-based DNS in case of service failures.

While the cybersecurity blueprint does not interfere with how entities define their internal procedures, each entity should clearly define the interfaces used for working with other entities. These interfaces should be jointly agreed upon between the entities concerned and documented.

National and cross-border cyber hubs should share threat information to bolster protection against Union-specific threats, and Member States are encouraged to engage in a multistakeholder forum to identify best practices and standards for securing critical Internet infrastructure. Public and private entities should implement threat-informed detection strategies to proactively identify potential disruptions. They must share information about covert operations with partners before crises escalate and report potential cyber crises to relevant networks, while the CSIRTs Network and EU-CyCLONe establish procedures for coordinating responses to large-scale incidents.


Australia bans Kaspersky software on government systems over security risks

The Australian government has issued a directive prohibiting the use of cybersecurity software and web services from Kaspersky on government systems, citing national security considerations. Under the new policy, government agencies are required to remove existing Kaspersky products by April 2025 and refrain from installing them on government devices in the future.

According to a statement from Stephanie Foster, Secretary of the Department of Home Affairs, the decision follows a threat and risk assessment that identified security concerns related to the use of Kaspersky products and web services. The directive notes ‘unacceptable security risks arising from threats of foreign interference, espionage and sabotage’. The directive doesn’t provide details on threats and risks that have been recently identified and led to this decision.

In response to the decision, a Kaspersky spokesperson stated that the company was not given prior notice or an opportunity for engagement before the ban was issued. The company reiterated that the decision was influenced by geopolitical factors rather than technical assessments of its products. Despite the restriction on government use, Kaspersky confirmed that it will continue to provide services to other customers in Australia and remains open to discussions with authorities.

The move follows Australia’s earlier decision to prohibit the use of Chinese artificial intelligence firm DeepSeek’s technology in government systems, citing security risks.

Kaspersky has faced restrictions in multiple countries, with the US implementing a ban on its products in June 2024, followed by sanctions on several company executives. European nations, including Germany and the Netherlands, have also taken steps to limit the use of Kaspersky software in government infrastructure.


Study reveals rising cyber risks for manufacturing firms due to IT/OT systems convergence

A recent report by Telstra International and Omdia reveals that converged IT and operational technology (OT) systems were targeted in 75% of cyber incidents affecting manufacturing firms over the past year. The report underscores the significant cyber risks associated with IT/OT convergence and highlights a general lack of preparedness among manufacturers to address these challenges.

Integrating IT systems with OT—programmable systems that interact with industrial equipment—can enhance efficiency in sectors such as manufacturing and energy. However, this convergence also increases the attack surface for cyber threat actors targeting critical industrial systems.

The report indicates that approximately 70% of OT systems in companies across the US, Latin America, and Europe are expected to connect to corporate IT within the next year, rising from the current 50%. Despite this trend, only 19% of surveyed firms are classified as ‘advanced’ in securing their IT/OT systems according to the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).

Moreover, just 45% of manufacturers are well-prepared for IT/OT security across key areas such as security networking, awareness, supply chain risks, and the implementation of a zero trust framework. The report also highlights a lack of clarity regarding responsibility for securing IT/OT environments, with only 20% of respondents identifying Chief Information Security Officers (CISOs) as accountable, followed by Chief Risk Officers (14%) and Chief Technology Officers (13%).

Geraldine Kor, Telstra International’s Head of Global Enterprise Business, emphasised the importance of clearly defining and integrating security responsibilities to ensure effective responses to security challenges in mission-critical systems. She noted that a strong security culture and the right personnel are essential for enhancing overall security readiness.

Overall, 80% of manufacturers reported a notable increase in cybersecurity incidents in the past year, with 31% leading to financial losses and/or operational downtime. The costs associated with incidents affecting resilience or availability ranged from $200,000 to $2 million.


Google faces lawsuit over AI search impact on publishers

An online education company has filed a lawsuit against Google, claiming its AI-generated search overviews are damaging digital publishing.

Chegg alleges the technology reduces demand for original content by keeping users on Google’s platform, ultimately eroding financial incentives for publishers. The company warns this could lead to a weaker online information ecosystem.

Chegg, which provides textbook rentals and homework help, says Google’s AI features have contributed to a drop in traffic and subscribers.

As a result, the company is considering a sale or a move to go private. Chegg’s CEO Nathan Schultz argues Google is profiting from the company’s content without proper compensation, threatening the future of quality educational resources.

A Google spokesperson rejected the claims, insisting AI overviews enhance search and create more opportunities for content discovery. The company maintains that search traffic remains strong, with billions of clicks sent to websites daily.

However, Chegg argues that Google’s dominance in online search allows it to pressure publishers into providing data for AI summaries, leading to fewer visitors to original sites.

The lawsuit marks the first time an individual company has accused Google of antitrust violations over AI-generated search features. A similar case was previously filed on behalf of the news industry. A US judge overseeing another case involving Google’s search monopoly is handling this lawsuit as well.

Google intends to challenge the claims and is appealing a previous ruling that found it held an illegal monopoly in online search.
