Cybersecurity

ICT policy reform planned to boost digital economy in Bangladesh

Bangladesh is set to overhaul key ICT and telecom policies by June to eliminate major barriers to digital growth, according to Faiz Ahmad Taiyeb, Special Assistant to the Chief Adviser for Posts, Telecommunications and ICT.

He shared the plan at the Bangladesh Investment Summit 2025, highlighting that modern laws and a supportive business environment will pave the way for stronger digital investments.

Taiyeb noted that for over 15 years, fragmented digital initiatives have led to isolated systems with little integration or interoperability.

However, this lack of coordination has weakened citizen services and digital payments, and the government now aims to fix these issues as a top priority. The goal is to empower the country’s vast youth population through technology.

Several major reforms are currently in progress. The Cyber Security Ordinance, set to be finalised by the end of April, will introduce new transparency measures by requiring the government to disclose information about online content restrictions, giving citizens the right to legally challenge them.

Changes to the telecom licensing framework and network infrastructure are also moving forward.

At the summit’s digital growth panel, international experts called for easier cross-border e-commerce and fewer restrictions on digital transactions.

Bangladesh Bank plans to introduce full interoperability in digital payments by next year, and Grameenphone’s CEO highlighted how mobile connectivity continues to drive economic transformation.

For more information on these topics, visit diplomacy.edu.

WooCommerce responds to alleged data breach claim

A hacker going by the alias ‘Satanic’ recently claimed responsibility for a significant data breach affecting websites that use WooCommerce, a leading eCommerce platform. The attacker alleged that over 4.4 million customer records were compromised, including personal and corporate data such as email addresses, phone numbers, physical addresses, and social media profiles, as well as company revenues, staff sizes, and tech stacks.

The original announcement was made on Breach Forums, a known cybercrime forum, where the hacker stated that the data was available for sale via private messages or Telegram. While initial reports—including one by HackRead—linked the breach to WooCommerce-based stores, WooCommerce has since issued an official statement denying that its systems were involved in the incident.

‘We can confirm that no WooCommerce data has been involved in the breach described in these articles. Our team quickly investigated the data samples and compared them against our own records. We determined that the data was not obtained through a breach of WooCommerce.com or any other Automattic services.’ — Jay Walsh, Director of Communications, WooCommerce.

The company believes that the leaked data originated from a third-party service that aggregates publicly available information about e-commerce sites. It is unclear whether the data was accessed legally or obtained through other means.

The attacker claimed the breach was achieved by exploiting vulnerabilities in third-party systems integrated with WooCommerce-powered websites—such as CRMs or marketing platforms—rather than through WooCommerce itself. However, no technical evidence has been shared to substantiate this claim.

The incident follows previous breach claims by the same hacker involving platforms like Magento and Twilio’s SendGrid, the latter of which was also denied by the company.

WooCommerce, owned by Automattic, powers a large share of global online shops. While the platform remains secure according to its developers, the case highlights ongoing concerns about the security of third-party tools and integrations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Rapid AI growth raises global energy demands

The global demand for AI technology is set to consume nearly as much energy by 2030 as Japan does today, with much of that coming from data centres. According to the International Energy Agency (IEA), electricity demand from data centres will more than double by 2030, driven largely by AI.

Some AI data centres will require up to 20 times more energy than the average one, raising concerns about the environmental impact.

While AI’s rapid adoption could increase energy consumption, the IEA believes it also holds the potential for reducing overall greenhouse gas emissions. AI could improve energy efficiency, assist in designing grids for renewable energy, and optimise industrial processes.

However, the report warns that without careful regulation, AI’s growth could strain energy systems and harm the environment, particularly if fossil fuel-powered plants are used to meet energy demand.

Efforts to mitigate the impact of AI include harnessing its capabilities to design energy-efficient systems, optimise transport, and assist in critical infrastructure management. Yet, some experts argue that AI’s energy demands might outpace these benefits unless governments take proactive steps.

Claude Turmes, former Luxembourg energy minister, warned that the IEA’s optimistic outlook overlooks the severe risks to energy systems, urging stronger regulatory measures.

For more information on these topics, visit diplomacy.edu.

New rules in Thailand aim to tackle foreign P2P crypto services

Thailand has introduced a new legal framework targeting foreign, unregulated peer-to-peer (P2P) crypto platforms to combat online financial crime. The Thai SEC announced cabinet approval of updated emergency decrees, imposing strict measures on digital asset businesses in the country.

The amendments impose severe penalties on foreign crypto platforms, including up to three years in prison, fines of 300,000 baht (around $8,700), or both, for violations.

The SEC’s updated rules also empower authorities to block suspicious transactions and demand that crypto service providers report any scam-related activity. Other sectors, such as commercial banks, telecom companies, and social media platforms, now have joint responsibilities for preventing cybercrime.

SEC Secretary-General Pornanong Budsaratragoon stated that the aim is to reduce money laundering risks and minimise damage from online crimes. It will be achieved through stronger enforcement in collaboration with digital agencies.

Despite these stringent measures, Thailand remains open to innovation in the crypto sector. The country has made strides toward adopting blockchain technology, such as planning a blockchain-based trading platform for securities firms. It is also considering a stablecoin backed by government bonds.

For more information on these topics, visit diplomacy.edu

Guns N’ Roses’ Slash quits X after account hacked to promote fake Solana meme coin 

Guns N’ Roses guitarist Slash has permanently quit the social media platform X after his account was repeatedly hacked to promote a Solana-based meme coin. The attack, which occurred on 2 April, involved hackers using his verified account to falsely present the coin, called GUNS, as an official Guns N’ Roses project.

In his farewell tweet, Slash explained that his decision was driven by the repeated hacks. He signalled a shift in how he intends to stay connected with fans. He encouraged followers to explore his presence on other platforms.

The hack came just after April Fool’s Day, with hackers posting several promotional messages about the fake GUNS coin. The posts, which were eventually deleted, claimed the coin would launch soon and announced a $1M investment. While the token is still live, its market value has plummeted to around $3,300.

For more information on these topics, visit diplomacy.edu.

Victims of AI-driven sex crimes in Korea continue to grow

South Korea is facing a sharp rise in AI-related digital sex crimes, with deepfake pornography and online abuse increasingly affecting young women and children.

According to figures released by the Ministry of Gender Equality and Family and the Women’s Human Rights Institute, over 10,000 people sought help last year, marking a 14.7 percent increase from 2023.

Women made up more than 70 percent of those who contacted the Advocacy Center for Online Sexual Abuse Victims.

The majority were in their teens or twenties, with abuse often occurring via social media, messaging apps, and anonymous platforms. A growing portion of victims, including children under 10, were targeted due to the easy accessibility of AI tools.

The most frequently reported issue was ‘distribution anxiety,’ where victims feared the release of sensitive or manipulated videos, followed by blackmail and illegal filming.

Deepfake cases more than tripled in one year, with synthetic content often involving the use of female students’ images. In one notable incident, a university student and his peers used deepfake techniques to create explicit fake images of classmates and shared them on Telegram.

With over 300,000 pieces of illicit content removed in 2024, authorities warn that the majority of illegal websites are hosted overseas, complicating efforts to take down harmful material.

The South Korean government plans to strengthen its response by expanding educational outreach, supporting victims further, and implementing new laws to prevent secondary harm by allowing the removal of personal information alongside explicit images.

For more information on these topics, visit diplomacy.edu.

Former Facebook executive says Meta misled over China

Former Facebook executive Sarah Wynn-Williams has accused Meta of compromising US national security to grow its business in China.

Testifying before the Senate Judiciary Committee, Wynn-Williams alleged that company executives misled employees, lawmakers, and the public about their dealings with the Chinese Communist Party.

Wynn-Williams claimed Meta aimed to gain favour in Beijing while secretly pursuing an $18 billion venture there.

In her remarks, Wynn-Williams said Meta removed the Facebook account of Chinese dissident Guo Wengui under pressure from Beijing. While the company maintains the removal was due to violations of its policies, she framed it as part of a broader pattern of submission to Chinese demands.

She also accused Meta of ignoring security warnings linked to the proposed Pacific Light Cable Network, a project that could have allowed China access to United States user data. According to her, the plans were only halted after lawmakers intervened.

Meta has denied the claims, calling her testimony false and out of touch with reality. A spokesperson noted that the company does not operate in China and that Mark Zuckerberg’s interest in the market had long been public.

The allegations arrive days before Meta’s major antitrust trial, which could result in the breakup of its ownership of Instagram and WhatsApp.

For more information on these topics, visit diplomacy.edu.

Microsoft pauses $1 billion data centre project in Ohio

Microsoft has announced it is ‘slowing or pausing’ some data centre construction projects, including a $1 billion plan in Ohio, amid shifting demand for AI infrastructure.

The company confirmed it would halt early-stage development on rural land in Licking County, near Columbus, and will repurpose two of the sites for farmland.

The decision follows Microsoft’s rapid scaling of infrastructure to meet the soaring demand for AI and cloud services, which has since softened. The company acknowledged that such large projects require continuous adaptation to align with customer needs.

While Microsoft did not specify other paused projects, it revealed the suspension of later stages of a Wisconsin data centre expansion.

The slowdown also coincides with changes in Microsoft’s partnership with OpenAI, with the two companies revising their agreement to allow OpenAI to build its own AI infrastructure. This move reflects broader trends in AI computing needs, which are expensive and energy-intensive.

Despite the pause in Ohio, Microsoft plans to invest over $80 billion in AI infrastructure this fiscal year, continuing its global expansion, though it will now strategically pace its growth to align with evolving business priorities.

Local officials in Licking County expressed their disappointment, as the area had been a hub for significant tech investments, including those from Google and Meta.

For more information on these topics, visit diplomacy.edu.

Brinc drones raises $75M to boost emergency drone tech

Brinc Drones, a Seattle-based startup founded by 25-year-old Blake Resnick, has secured $75 million in fresh funding led by Index Ventures.

Known for its police and public safety drones, Brinc is scaling its presence across emergency services, with the new funds bringing total investment to over $157 million. The round also includes participation from Motorola Solutions, a major player in US security infrastructure.

The company, founded in 2017, is part of a growing wave of American drone startups benefiting from tightened restrictions on Chinese drone manufacturers.

Brinc’s drones are designed for rapid response in hard-to-reach areas and boast unique features, such as the ability to break windows or deliver emergency supplies.

The new partnership with Motorola will enable tighter integration into 911 call centres, allowing AI systems to dispatch drones directly to emergency scenes.

Despite growing competition from other US startups like Flock Safety and Skydio, Brinc remains confident in the market’s potential.

With its enhanced funding and Motorola collaboration, the company is aiming to position itself as a leader in AI-integrated public safety technology while helping shift drone manufacturing back to the US.

For more information on these topics, visit diplomacy.edu.

DeepSeek highlights the risk of data misuse

The launch of DeepSeek, a Chinese-developed LLM, has reignited long-standing concerns about AI, national security, and industrial espionage.

While issues like data usage and bias remain central to AI discourse, DeepSeek’s origins in China have introduced deeper geopolitical anxieties. Echoing the scrutiny faced by TikTok, the model has raised fears of potential links to the Chinese state and its history of alleged cyber espionage.

With China and the US locked in a high-stakes AI race, every new model is now a strategic asset. DeepSeek’s emergence underscores the need for heightened vigilance around data protection, especially regarding sensitive business information and intellectual property.

Security experts warn that AI models may increasingly be trained using data acquired through dubious or illicit means, such as large-scale scraping or state-sponsored hacks.

The practice of data hoarding further complicates matters, as encrypted data today could be exploited in the future as decryption methods evolve.

Cybersecurity leaders are being urged to adapt to this evolving threat landscape. Beyond basic data visibility and access controls, there is growing emphasis on adopting privacy-enhancing technologies and encryption standards that can withstand future quantum threats.

Businesses must also recognise the strategic value of their data in an era where the lines between innovation, competition, and geopolitics have become dangerously blurred.

For more information on these topics, visit diplomacy.edu.

Diplo chatbot can make mistakes. Consider checking important information.