Cybersecurity Archives | Page 273 of 369 | Digital Watch Observatory

Italy blocks DeepSeek chatbot over privacy concerns

Italy’s data protection authority, the Garante, has ordered the Chinese AI startup DeepSeek to block its chatbot in the country, citing insufficient responses to queries about its privacy policy. The watchdog had requested detailed information on data collection practices, sources, purposes, and storage, particularly concerning whether user data is stored in China. DeepSeek’s failure to adequately address these concerns prompted the Garante to impose an immediate ban and launch an investigation.

DeepSeek had removed its AI assistant from Italian app stores earlier this week but claimed it was not subject to local regulation. Agostino Ghiglia, a member of the Garante’s board, stated that the company’s stance worsened its position. Italian users who had already downloaded the app still reported access to the chatbot, while the web version remains operational. The Garante emphasised that European citizens must have clear consent and data protection guarantees, especially regarding servers located in China.

The Garante’s action highlights growing scrutiny of AI platforms in Europe, with data regulators in Ireland and France also questioning DeepSeek’s privacy practices. Italy‘s proactive approach has drawn attention; the country temporarily banned ChatGPT in 2023 over similar concerns. DeepSeek has positioned its AI as a cost-effective alternative to US models, surpassing ChatGPT as the top-rated app on Apple’s US App Store. However, its refusal to cooperate with European regulators may jeopardise its expansion.

TRUMP meme coin hype fuels wave of crypto scams

The launch of the TRUMP meme coin has drawn massive attention, reaching a $72 billion market cap in just two days. The excitement has also unleashed a wave of fraudulent activity, with over 6,800 fake tokens and 91 malicious decentralised applications (dApps) flooding the market, according to blockchain forensic firm Blockaid.

Scammers capitalised on the hype surrounding TRUMP, creating counterfeit tokens and applications designed to mimic the original coin. The surge in fake assets, particularly on networks like Solana and Ethereum, has made it increasingly difficult for investors to distinguish legitimate tokens from malicious ones. The scheme extended to tokens referencing Trump family members, further complicating the situation.

Blockaid has worked to shield users from these threats, blocking hundreds of interactions with fake assets since the TRUMP token’s release. While cryptocurrency’s decentralised nature empowers users, it also provides opportunities for bad actors, underscoring the ongoing need for vigilance and robust scam prevention efforts.

DeepSeek also triggered drop of uranium

Following the failure of tech companies, the uranium market, which is crucial for developing power-intensive AI technologies through nuclear energy, experienced price fluctuations. The spot price of uranium dropped $3.90 per pound, settling at $67.30 per pound by Tuesday, marking a weekly decline of $6.55. Despite the price decrease, the market saw substantial activity, with 21 recorded transactions amounting to 1.8 million pounds of uranium oxide in the past week. This indicates potential emerging demand, especially from power utilities seeking prices below $70 per pound.

BMO Capital Markets analyst George Heppel maintains an optimistic long-term outlook for uranium demand, highlighting ongoing nuclear reactor constructions in China as a driving force. This growth expectation is underscored by improving economics in the carry trade, which might sustain or even boost uranium prices despite recent declines. Interestingly, as uranium prices dipped, major uranium companies like Cameco, Kazatomprom, and NexGen Energy experienced stock gains on Tuesday, signalling investor confidence in the sector’s future.

The report captures a complex financial landscape where tech stocks exhibit temporary volatility while the uranium market remains robust. Despite immediate setbacks in tech, there is a potential recovery path, and the promising outlook for uranium reflects its indispensable role in advancing AI technologies. This dual narrative of short-term market challenges and optimistic long-term growth prospects offers valuable insights into the interplay between evolving technological demands and foundational energy resources.

Exein secures cybersecurity deal with MediaTek

Italian cybersecurity startup Exein has signed an agreement with Taiwan’s MediaTek to embed its security technology into the chipmaker’s Genio platform. The partnership will provide advanced security features for billions of chips used in mobile, home, automotive, and healthcare industries worldwide.

Exein expects its technology to be implemented in over 3 billion devices as a result of the deal. The partnership, valued at more than 5 million euros, is projected to double in worth by 2028. The company views MediaTek as a key strategic partner and sees this collaboration as a step towards expanding into automotive and robotics sectors globally.

Italy has been striving to foster a stronger tech startup ecosystem, and this agreement marks a significant milestone. Exein previously raised $15 million in Series B funding and counts major companies like Daikin, Seco, and Kontron among its clients.

EU sanctions three Russians over 2020 cyberattacks on Estonia

The European Union has imposed sanctions on three Russian nationals for their alleged role in cyberattacks targeting Estonia in 2020. Nikolay Korchagin, 28, Vitaly Shevchenko, 28, and Yuriy Denisov, 45—suspected operatives of the cyber division of Russia’s GRU military intelligence service—are accused of breaching classified Estonian government networks and stealing sensitive data.

According to the Council of the EU, the attacks compromised thousands of confidential documents, including business secrets, health records, and other critical information. In September 2024, Estonia publicly attributed the attack to Unit 29155, marking the first time the country formally identified a state-backed cyber operation.

‘Both a national and an international investigation that included 10 countries showed that Russia aimed to damage national computer systems, obtain sensitive information and strike a blow against our sense of security,’ Estonian Foreign Minister Margus Tsahkna stated at the time.

As part of the sanctions, Korchagin, Shevchenko, and Denisov face an asset freeze, a prohibition on EU individuals and businesses providing them with funds, and a travel ban barring them from entering or transiting through the EU territory.

The move follows a similar decision by the US government in September last year. The US Department of Justice indicted members of Unit 29155 and placed a $10 million bounty for information aiding prosecution. The indictment primarily focused on the WhisperGate cyberattack—a data-wiping operation targeting Ukraine ahead of Russia’s 2022 invasion. Korchagin and Denisov were specifically named in the US sanctions, while Shevchenko was labelled an ‘associated individual’ by the State Department.

Last year, the EU’s credibility in cyber sanctions was undermined when a clerical error in a formal sanctions notice mistakenly identified the wrong Russian intelligence agency responsible for a series of cyberattacks. Additionally, Bart Groothuis, a Dutch MEP and former Ministry of Defence employee, noted that the EU’s response remains fragmented, particularly in comparison to coordinated actions taken by the US and UK.

Italy suspends DeepSeek AI app amid data protection concerns

The Chinese AI app DeepSeek was removed from Apple and Google app stores in Italy on Wednesday, following a request by the country’s data protection authority for information on its handling of personal data. Italy’s Garante regulator gave DeepSeek 20 days to clarify what data it collects, its sources, purposes, and whether it is stored in China. Concerns over safeguarding underage users, potential bias, and risks of electoral interference were also highlighted by Garante chief Pasquale Stanzione.

The app, which recently surpassed ChatGPT in downloads from Apple’s App Store, remains functional for Italian users who had already installed it. It is also still available in other European Union countries and the UK. Ireland‘s Data Protection Commission has also sought details about DeepSeek’s data processing practices for Irish users, while Germany‘s government has voiced concerns about potential AI-driven election interference ahead of its February vote.

Italy’s Garante is known for its proactive stance on AI regulations, having temporarily banned ChatGPT in 2023 over alleged breaches of EU privacy laws. DeepSeek, which touts itself as a cost-efficient alternative to U.S. AI services, has faced mounting scrutiny as it gains popularity. Meanwhile, Irish regulators noted that DeepSeek has not designated Ireland as its EU headquarters, complicating oversight under EU data protection rules.

Europol highlights encryption concerns at the World Economic Forum

At the World Economic Forum in Davos, Europol’s executive director, Catherine De Bolle, urged tech companies to provide law enforcement access to encrypted messages, citing public safety concerns. While she argued this is necessary to combat crime and protect democracy, critics highlighted the risks of undermining encryption, which is essential for privacy and individual freedoms.

De Bolle compared accessing encrypted communications to executing a search warrant in a locked house. However, this analogy oversimplifies the issue, as encryption safeguards sensitive data and ensures private communication, even under authoritarian regimes. Weakening it could lead to widespread misuse, enabling mass surveillance and suppression, as seen in places like Russia.

Advocates for privacy stress that encryption is not merely a barrier to crime but a cornerstone of democracy, enabling free speech and safeguarding against state overreach. While law enforcement has other tools for crime-fighting, creating backdoors to encryption would expose everyone to cyber risks and potentially render digital security obsolete.

If governments succeed in weakening encryption, decentralised solutions backed by blockchain technology could rise, making such access nearly impossible in the future. The debate underscores the critical balance between security and preserving fundamental rights.

Breaking Bad star’s X account hijacked for fake meme coin promotion

Dean Norris, famed for his role as Hank Schrader in Breaking Bad, had his X account hacked to promote a fraudulent memecoin. The coin, DEAN, which briefly reached a market cap of over $8 million, was part of a pump-and-dump scheme. Norris confirmed the hack on 26 January, stating that the coin was a ‘complete, fake scam’ and slamming Reddit users who blamed him for the incident.

The hackers used Norris’s likeness in a doctored video and images to deceive people into thinking he was endorsing the token. Although the promotional posts were eventually removed, screenshots of the fraudulent content circulated online. Blockchain data showed a massive spike in the coin’s value, which quickly collapsed after the scam was exposed.

It is not the first time Norris has been targeted by crypto fraudsters. In November, his account was also hijacked in a similar scheme, with connections to other high-profile account takeovers. Norris, who rarely uses X and does not have a Telegram account, revealed he was unaware of the hack until friends alerted him.

Polish game developer hit by cyberattack demanding ransom

Big Cheese Studio, a game development studio based in Poland, confirmed it suffered a cyberattack early Friday, according to the Polish Press Agency (PAP). The attack occurred around 4:00 GMT, and the company’s website remained offline several hours later. Management stated that security measures were in place, with an official statement expected later in the day.

Reports indicate hackers accessed the studio’s game code systems and employee personal data. The attackers are allegedly demanding 100,000 zlotys (£19,000) in cryptocurrency to prevent the release of stolen information. Users on social media platform X brought attention to the ransom threat, sparking concerns over data privacy and security.

Big Cheese Studio, listed on the Warsaw Stock Exchange, is working to address the breach. The incident underscores growing risks faced by companies in the gaming industry from cyber threats.

Undersea cable damaged between Latvia and Sweden

A fibre optic cable running under the Baltic Sea between Latvia and Sweden sustained significant damage, likely due to external factors, according to Latvian authorities. The incident prompted NATO to deploy patrol ships and launch a coordinated investigation with Sweden, where the Security Service seized control of a vessel as part of its probe. Latvian Prime Minister Evika Silina confirmed that her government is collaborating with NATO and neighboring Baltic Sea countries to determine the cause.

Senior prosecutor Mats Ljungqvist stated that investigators are conducting several actions but refrained from disclosing details due to the ongoing preliminary inquiry.

NATO’s recently launched ‘Baltic Sentry’ mission, involving naval and aerial assets, aims to safeguard critical infrastructure in the region following a series of incidents affecting cables, pipelines, and telecom links since Russia’s invasion of Ukraine in 2022. The project also includes the deployment of new technologies, including a small fleet of naval drones. Swedish Prime Minister Ulf Kristersson also emphasized close cooperation with NATO and Latvia in response to the situation.

The damaged cable, located in Sweden’s exclusive economic zone, connects Latvia’s Ventspils to Sweden’s Gotland island. The Latvian State Radio and Television Centre (LVRTC), which operates the cable, reported switching communications to alternative routes and is contracting a repair vessel. Repairs are expected to proceed more quickly than those for gas pipelines or power cables, as fibre optic cables in the Baltic Sea are typically restored within weeks.

This incident follows last month’s damage to the Finnish-Estonian Estlink 2 power line and telecom cables, reportedly caused by a Russian tanker dragging its anchor. Finnish and Swedish leaders underscored the importance of bolstering the protection of critical undersea infrastructure in the Baltic Sea. NATO also stated it reserves the right to act against ships deemed security risks while continuing to monitor the situation closely.