UK proposes fines for executives over illegal knife sales ads

The UK government is considering fines of up to £10,000 for social media executives who fail to remove illegal knife advertisements from their platforms. This proposal is part of Labour’s effort to halve knife crime in the next decade by addressing the ‘unacceptable use’ of online spaces to market illegal weapons and promote violence.

Under the plans, police would have the power to issue warnings to online companies and require the removal of specific content, with further penalties imposed on senior officials if action is not taken swiftly. The government also aims to tighten laws around the sale of ninja swords, following the tragic case of 16-year-old Ronan Kanda, who was killed with a weapon bought online.

Home Secretary Yvette Cooper stated that these new sanctions are part of a broader mission to reduce knife crime, which has devastated many communities. The proposals, backed by a coalition including actor Idris Elba, aim to ensure that online marketplaces take greater responsibility in preventing the sale of dangerous weapons.

UN Cybercrime Convention: What does it mean and how will it impact all of us?

After three years of negotiations initiated by Russia in 2017, the UN member states at the Ad Hoc Committee (AHC) adopted the draft of the first globally binding legal instrument on cybercrime. This convention will be presented to the UN General Assembly for formal adoption later this year. The Chair emphasised that the convention represents a criminal justice legal instrument and that the aim is to combat cybercrime by prohibiting certain behaviours by physical persons rather than to regulate the behaviour of member states.

The convention’s adoption has proceeded despite significant opposition from human rights groups, civil society, and technology companies, who had raised concerns about the potential risks of increased surveillance. In July, DiploFoundation invited experts from various stakeholder groups to discuss their expectations before the final round of UN negotiations and to review the draft treaty. Experts noted an unprecedented alignment between industry and civil society on concerns with the draft, emphasising the urgent need for a treaty focused on core cybercrime offences, strengthened by robust safeguards and precise intent requirements.

Once formally adopted, how will the UN Cybercrime Convention (hereafter, the UN Convention) impact the security of users in the cyber environment? What does this legal instrument actually state about cross-border cooperation in combating cybercrime? What human rights protections and safeguards does it provide?

We invited experts representing the participating delegations in these negotiations to provide us with a better understanding of the agreed draft convention and its practical implications for all of us. 

Below, we’re sharing the main takeaways, and if you wish to watch the entire discussion, please follow this link.

Overview of the treaty: What would change once the UN Convention comes into effect?

Irene Grohsmann, Political Affairs Officer, Arms Control, Disarmament and Cybersecurity at the Federal Department of Foreign Affairs FDFA (Switzerland), started outlining that there are a few things that will change once the convention comes into force. The Convention will be new in the sense that it provides a legal basis for the first time at the UN level for states to request mutual legal assistance from each other and other cooperation measures to fight cybercrime. It will also provide, for the first time, a global legal basis for further harmonisation of criminal legal provisions regarding cybercrime between those future states parties to the convention. 

‘The Convention will be new in a sense that it provides a legal basis for the first time at UN level for states to request mutual legal assistance from each other and other cooperation measures to fight cybercrime. It will also provide, for the first time, a global legal basis for further harmonisation of criminal legal provisions, regarding cybercrime, between those future states parties to the convention.’

Irene Grohsmann, Political Affairs Officer, Arms Control, Disarmament and Cybersecurity at the Federal Department of Foreign Affairs FDFA (Switzerland)

At the same time, as Irene mentioned, some things will remain the same, specifically the currently applicable standards (such as data protection and human rights safeguards) for fighting cybercrime in the context of law enforcement or cooperation measures. The new UN Convention does not change those existing standards but rather upholds them.

UN Convention vs. the existing instruments: How would they co-exist?

Irene recalled that the UN Convention largely relies on, and was particularly inspired by, the Budapest Convention, and therefore will not exclude the application of other existing international or regional instruments, nor will it take precedence over them. It will rather exist side by side with other relevant legal frameworks. This is explicitly stated in the Convention’s preamble and Article 60. Furthermore, regional conventions are typically more concrete and thus remain highly relevant in combating cybercrime. Irene noted that when states are parties to a regional convention and the UN Convention, they can opt for the regional one if it offers a more specific basis for cooperation. When states have ratified multiple conventions, they use key principles to decide which to apply, such as specificity and favorability.

Andrew Owusu-Agyemang, Deputy Manager at the Cyber Security Authority (Ghana), agreed with Irene, highlighting the Malabo Convention’s specific provisions on data protection, cybersecurity, and national cybersecurity policy. Andrew noted that the Budapest Convention complements Malabo by covering procedural powers and international cooperation gaps, benefiting parties like Ghana, a member of both. The novelty in the UN Cybercrime Convention, however, is the fact that the text introduces the criminalisation of the non-consensual dissemination of intimate images. Together, these instruments are complementary, filling gaps where others need more.

‘All these treaties can coexist because they are complementary in nature and do not polarize each other. However, the novelty in the UN Cybercrime Convention is that it introduces the criminalization of the non-consensual dissemination of intimate images.’

Andrew Owusu-Agyemang, Deputy Manager at the Cyber Security Authority (Ghana)

Cross-border cooperation and access to electronic evidence: What does the UN Convention say about this, including Article 27?

Catalina Vera Toro, Alternate Representative, Permanent Mission of Chile to the OAS, Ministry of Foreign Affairs (Chile), addressed how the UN Cybercrime Convention, particularly Article 27, handles cross-border cooperation for accessing electronic evidence, allowing states to compel individuals to produce data stored domestically or abroad if they have access to it. However, this raises concerns over accessing data across borders without the host country’s consent—a contentious issue in cybercrime. The Convention emphasises state sovereignty and encourages cooperation through mutual legal assistance rather than unilateral actions, advising states to request data access through established frameworks. While Article 27 allows states to order individuals within their borders to provide electronic data, it does not provide for unilateral cross-border data access without the consent of the other state involved.

‘The fact that we have a convention is also a positive note on what diplomacy and multilateralism can achieve. This convention helps bridge gaps between existing agreements and brings in new countries that are not part of those instruments, making it an instrumental tool for addressing cybercrime. That’s another positive aspect to consider.’

Catalina Vera Toro, Alternate Representative, Permanent Mission of Chile to the OAS, Ministry of Foreign Affairs (Chile)

Catalina noted that this approach balances effective law enforcement with respect for sovereignty. Unlike the Budapest Convention, which raised sovereignty concerns, the UN Convention emphasises cooperation to address these fears. While some states worry it may bypass formal processes, the Convention’s focus on mutual assistance aims to respect jurisdictions while enabling cybercrime cooperation.

Briony Daley Whitworth, Assistant Secretary, Cyber Affairs & Critical Technology Branch, Department of Foreign Affairs and Trade (Australia), added a point on the placement of this article in the convention: it pertains to law enforcement powers for investigating cybercrime within a state’s territory, distinct from cross-border data sharing. This article must be considered alongside the jurisdiction chapter, which outlines the treaty’s provisions for investigating cybercrimes, including those linked to the territory of each state party. The sovereignty provisions set limits on enforcement powers, dictating where they apply. The article also includes procedural safeguards for data submission requests, such as judicial review. Importantly, ‘specified electronic data’ must be clarified, covering data on personal devices and data controlled but not possessed by individuals, such as cloud-stored information. Legal entities, not just individuals, may be involved; for example, law enforcement would need to request data from a provider like Google rather than the user. Briony highlighted that this framework in the UN Convention drew heavily from the Budapest Convention and stressed the importance of examining its existing interpretations, used by over 76 countries, to guide how Article 27 might be applied, reinforcing that cross-border data access requires the knowledge of the state involved.

Does the convention clarify how individuals and entities can challenge data requests from law enforcement? Briony emphasised the need for clear conditions and safeguards, noting that the convention requires compliance with international human rights laws and domestic review mechanisms. Individuals can challenge orders through judicial review, and law enforcement must justify warrants with scope, duration, and target limitations. However, Briony cautioned that the treaty’s high-level language relies on countries implementing these safeguards domestically. Catalina added that the convention’s protections work best as an integrated framework, noting that countries with strong checks and balances, like Chile, already offer resources for individual rights protection.

‘Human rights protections were really at the forefront of a lot of the negotiations over the last couple of years. We managed to set a uniquely high bar in the general provisions on human rights protections for a UN convention, particularly a criminal convention. This convention not only affirms that human rights apply but also states that nothing in it can be interpreted to permit the suppression of human rights. Additionally, it includes an article on the protection of personal data during international transfers, which is rare for a UN crime convention. Objectively, this convention offers more numerous and robust safeguards than other UN conventions. One of our priorities was ensuring that this convention does not legitimise bad actions. While we cannot stop bad actors, we can ensure that this convention helps combat their actions without legitimising them, which we have largely achieved through the human rights protections.’

Briony Daley Whitworth, Assistant Secretary, Cyber Affairs & Critical Technology Branch, Department of Foreign Affairs and Trade (Australia)

How does the UN Convention define and protect ‘electronic data’?

Catalina noted that defining ‘electronic data’ was challenging throughout negotiations, with interpretations varying based on a country’s governance, which impacts legal frameworks and human rights protections. The convention defines electronic data broadly, covering all types of data stored in digital services, including personal documents, photos, and notes – regardless of whether that data has been communicated to anyone. Importantly, accessing electronic data generally has a lower threshold than accessing content or traffic data, which have more specific definitions within the convention.

This broader definition enables states to request access to electronic data, even if it contains private information intended to remain confidential. However, Catalina emphasised that domestic legal frameworks and other provisions within the convention are designed to protect human rights and safeguard individual privacy. 

Briony also clarified that ‘electronic data’ specifically refers to stored data, not actively communicated data. States differentiate electronic data from subscriber, traffic, and content data related to network communications. This definition is based on the Budapest Convention’s terminology for computer data, allowing for a wider interpretation of the types of data involved. She also emphasised that the UN Convention establishes a high standard for human rights protections, affirming their applicability and stating that it should not be interpreted to suppress rights. It includes provisions for protecting personal data during international transfers and reinforcing commitment to human rights in electronic data contexts. However, Briony added that the Convention has some flaws, noting that Australia wishes certain elements had been more thoroughly addressed. Nonetheless, the UN convention is a foundational framework for building trust among states to combat cybercrime effectively while balancing human rights commitments.

Technology transfer: What are the main takeaways from the convention to facilitate capacity building?

Andrew highlighted that technical assistance and capacity development are fundamental to effectively implementing this convention. The UN Cybercrime Treaty lays a robust foundation for technical assistance and capacity development, offering practical mechanisms such as MOUs, personnel exchanges, and collaborative events to strengthen countries’ capacities in their fight against cybercrime. The convention’s technical assistance chapter encourages parties to enter multilateral or bilateral agreements to implement relevant provisions. These MOUs, in particular, can facilitate the development of the capacities of law enforcement agencies, judges, and prosecutors, ensuring that cybercrime is prosecuted effectively.

Implementation and additional protocols: Which mechanisms does the draft convention include for keeping up to date with the pace of technological developments?

Irene clarified that, although the UN Convention has been adopted at the AHC, some topics need further discussion among member states. Due to time constraints, these discussions were postponed, including which crimes should be included in the criminalisation chapter. Some states, like Switzerland, prefer a focused list of cyber-dependent crimes, while others advocate for a broader inclusion of both cyber-dependent and cyber-enabled crimes. Irene noted that resource considerations influence Switzerland’s perspective, emphasising the need to focus on ratification and implementation rather than dividing resources with a supplementary protocol. While a supplementary protocol will need discussion in the future, there is still time to determine its content or negotiation topics.

Irene emphasised that the convention uses technology-neutral language to keep the text up-to-date with technological developments, allowing it to focus on behaviour rather than specific technologies, similar to the successful Budapest Convention. Adopted in 2001, the Budapest Convention has remained relevant for over two decades, and we hope for the same with the UN Convention. Additionally, the convention allows for future amendments; once in force and the Conference of States Parties is established, member states can address any coverage inadequacies and consider amendments five years after implementation.

Ambassador Asoke Mukerji, India’s former ambassador to the United Nations in New York, who chaired India’s national multiple-stakeholder group on recommending cyber norms for India in 2018, noted that, despite initial scepticism about the feasibility of such a framework, the current momentum demonstrates that, with trust and commitment, it is possible to establish international agreements addressing cybercrime. He also praised the effectiveness of multistakeholder participation in addressing the evolving challenges in cyberspace. However, Ambassador Mukerji cautioned about challenges regarding technology transfer, referring to recent statements at the UN General Assembly that could restrict such efforts. He expressed hope that developing countries would receive the necessary flexibility to negotiate favourable terms.

‘The negotiations took place against a very difficult global environment, and our participation from India proved to be useful. It demonstrated that countries, committed to a functional multilateral system, can benefit from it, impacting our objectives of international cooperation. Additionally, the process highlighted the effectiveness of multistakeholder participation in cyberspace. The convention and its negotiation process validate our choice to use this model to address the new challenges facing multilateralism.’

Ambassador Asoke Mukerji, India’s former ambassador to the United Nations in New York

Concluding remarks

The panellists unanimously highlighted the indispensable role of human rights standards, emphasising that any practical international cooperation against cybercrime must prioritise these principles. Briony also pointed out that the increasingly complex cyber threat landscape demands a collective response to enhance cybersecurity resilience and capabilities. The treaty’s significant achievements, including protections against child exploitation and the non-consensual dissemination of intimate images, reflect a commitment to safeguarding both victims’ and offenders’ rights. Catalina highlighted that certain types of crimes, such as gender-based violence, were also included in the text, and this is another significant achievement.

All experts also agreed that the active involvement of civil society, NGOs, and the private sector is vital for ensuring that diverse expertise contributes meaningfully to the ratification and implementation processes. Public-private partnerships were specifically mentioned as essential for fostering collaboration in cybercrime prevention. Ultimately, the success of the Convention lies not only in its provisions but also in the collaborative spirit that must underpin its implementation. By working together, stakeholders can create a safer and more secure cyberspace for all.

We at Diplo invite you all to re-watch the online expert discussion and engage in a broader conversation about the impacts of this negotiation process. In the meantime, stay tuned! We’ll further provide updates and analysis on the UN cybercrime convention and relevant processes.

Germany’s cybersecurity on high alert ahead of elections

Germany is strengthening its cyber defences as elections approach, with Interior Minister Nancy Faeser highlighting the need for robust protections against cyber-attacks and disinformation. Faeser warned of potential threats from Russia and other foreign actors, stressing that democracy must also be safeguarded in the digital realm.

The annual report from the Federal Office for Information Security pointed to Germany’s vulnerability to hybrid threats, which include hacking, manipulation, and disinformation. Faeser confirmed plans to bolster cybersecurity, aiming to counteract any attempts at digital interference that could destabilise the election process.

Germany’s snap elections are set for early next year, following the collapse of Chancellor Olaf Scholz’s coalition government amid economic concerns and rising populism. While recent elections saw no major cybersecurity incidents, authorities continue to monitor for risks.

With the political landscape in flux, security agencies remain vigilant. Enhanced measures are in place to detect and address cyber threats as the nation prepares for a potentially turbulent electoral period.

GIGA investor loses $6 million in phishing scam

A prominent Gigachad (GIGA) investor lost $6.09 million in a sophisticated phishing attack after clicking on a fake Zoom meeting link. The link redirected them to a malicious website that installed malware, enabling the hacker to drain three crypto wallets and steal 95.3 million GIGA tokens.

The hacker swiftly exchanged the stolen tokens for Solana and stablecoins like Tether and USD Coin, later transferring some funds to the KuCoin exchange. Crypto investigation firm Scam Sniffer revealed the method, and law enforcement, including the FBI, has been involved in the case.

Despite the significant loss, the investor remains optimistic, declaring confidence in recouping their funds during the ongoing crypto bull market. “I’m going to make it all back and more. Just watch me,” they said.

TSA proposes new cybersecurity rule to bolster US transportation infrastructure resilience

The US Transportation Security Administration (TSA) has proposed a new cybersecurity rule designed to strengthen the resilience of surface transportation infrastructure. Specifically, the rule mandates high-risk operators, including those in the pipeline, railroad, and bus sectors, to implement comprehensive Cyber Risk Management (CRM) programs to manage and mitigate cybersecurity risks.

In addition to this, operators will be required to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA) and physical security concerns to TSA. Furthermore, the rule stipulates that operators must develop and maintain detailed cybersecurity plans, including a Cybersecurity Assessment Plan (CAP) for annual evaluations and a Cybersecurity Operational Implementation Plan (COIP) to guide improvements.

These plans must incorporate governance structures, designate cybersecurity coordinators, and undergo regular audits to assess their effectiveness. Moreover, the rule promotes a defence-in-depth approach to cybersecurity by including system monitoring, patch management, and incident response planning, all of which aim to reduce the impact of cyberattacks.

Additionally, TSA seeks public feedback on the rule’s potential compliance burdens, economic impacts, and ways to streamline the process, particularly for smaller entities. TSA’s initiative reflects a broader commitment to enhancing the cybersecurity posture of surface transportation systems while ensuring regulatory consistency across federal, state, and local levels.

Why does it matter?

The agency is seeking input on reducing redundancies and improving alignment with existing regulations, particularly in cybersecurity training and personnel vetting for high-risk industries. By gathering feedback, TSA aims to refine the rule and ensure it effectively addresses the evolving cyber threats facing the nation’s critical transportation infrastructure.

South Korea attributes cyberattacks to pro-Russia groups amid rising tensions with North Korea

South Korea has reported a rise in cyberattacks by pro-Russia hacking groups following North Korea’s recent deployment of troops to Russia in support of its war against Ukraine. Seoul’s presidential office held an emergency meeting after detecting denial-of-service attacks on government and private websites, leading to temporary outages but no significant damage. Officials have pledged to strengthen cybersecurity defences in response to the attacks.

The South Korean government noted that pro-Russian hacktivist attacks have grown more frequent since North Korea sent troops to Russia. Reports indicate that over 10,000 North Korean soldiers are now stationed in Russia, with some reportedly engaged in combat near Ukraine.

The new military partnership between Pyongyang and Moscow has drawn condemnation from South Korea, the US, and Western allies, with Ukrainian President Volodymyr Zelensky warning that these developments mark a new era of global instability.

FCA cracks down on £1.5 million crypto scam targeting UK investors

The UK’s Financial Conduct Authority (FCA) has successfully prosecuted two men, Raymondip Bedi and Patrick Mavanga, for running a £1.5 million cryptocurrency investment fraud that misled 65 investors. Between 2017 and 2019, Bedi and Mavanga lured investors through cold calls and fraudulent, professional-looking websites, offering high returns on fake crypto platforms. The tactic resulted in substantial losses for their victims, totalling over £1.5 million.

The FCA charged both men with conspiracy to defraud, operating without FCA authorisation, and money laundering. Mavanga also faced additional charges for perverting the course of justice by deleting phone records linked to the scheme. The prosecution underscores the FCA’s mandate to uphold financial service standards and highlights the importance of being wary of unsolicited calls and online investment offers.

Two other suspects were involved: Rowena Bedi was acquitted, while a third defendant awaits a retrial in 2025. Another individual, Minas Filippidis, remains at large. The FCA advises consumers to stay vigilant against scams and only trust financial services authorised by the agency.

Rocket Lab CEO’s X account hacked, company responds

Rocket Lab, a leading player in the small satellite launch industry, announced that its CEO Peter Beck’s account on X (formerly Twitter) was compromised on Wednesday. The company, which has a market valuation of $6.5 B and manufactures the Electron rocket, confirmed that they are working closely with X to secure Beck’s account.

The breach came to light after a suspicious post from Beck’s account promoted a new Ethereum-based token supposedly aimed at funding space-themed projects. Rocket Lab quickly issued a statement clarifying that this post was not official, and their team is collaborating with X to restore account control.

Rocket Lab is actively addressing the issue, emphasising their commitment to safeguarding their leadership’s social media presence against further cybersecurity breaches.

FTC charges Sitejabber over fake reviews

The Federal Trade Commission (FTC) has charged Sitejabber, an online review platform, with violating its new rules on fake reviews. This marks one of the agency’s first enforcement actions under updated regulations designed to curb deceptive practices. The FTC alleges that Sitejabber misled consumers by using point-of-sale reviews—feedback collected before customers had received any products or services—to falsely inflate businesses’ review scores.

The company allowed its clients to publish these premature reviews, giving a false impression that they reflected actual customer experiences. The FTC has now ordered Sitejabber to stop this practice and prohibited it from assisting other businesses in misrepresenting reviews. The new rules, which took effect last month, aim to tackle deceptive online review practices, including those involving AI-generated reviews and fake review websites masquerading as independent.

The FTC’s crackdown is part of a broader effort to address the rising problem of fake reviews on e-commerce platforms like Amazon. With the new regulations in place, the agency intends to prevent misleading online content that could deceive consumers into making purchasing decisions based on false information.

South Korean Bitcoin scam uncovered after targeting police detective

A South Korean detective has helped bring down a Bitcoin mining scam operation after accidentally becoming one of its targets. The scammers, who operated an illegal call centre, contacted the detective in April, unaware of his position. Realising it was a scam, the detective pretended to fall for the “high-yield” Bitcoin investment scheme, providing his details as if he was interested in investing. This move allowed police to trace the call and investigate further.

Following the detective’s lead, officers were able to track down the scam’s headquarters in Incheon, arresting 81 individuals involved. Among them were those suspected of buying leaked personal data and using fake SIM cards to contact potential victims. Nine key members, including the suspected ringleader, have been detained, while others face charges related to economic crimes and data privacy violations.

Police revealed the group had been running the scheme since October last year, defrauding at least 50 victims. They allegedly lured investors by offering small “dividends” during a free trial period, then asking for larger sums. Altogether, the group is thought to have raised over $1.6 million, promising easy profits through Bitcoin mining. Authorities have urged the public to be cautious of schemes that promise high returns with minimal effort, warning these are often fraudulent.