International Red Cross adopts resolution to shield civilians from harmful cyber activities in armed conflicts

The 34th International Conference of the Red Cross and Red Crescent has adopted a new resolution to protect civilians and essential infrastructure from the potential risks posed by ICT activities during armed conflict. Recognising the increased likelihood of information and communication technologies (ICTs) being used in future conflicts, the resolution addresses the need to safeguard civilian lives and critical systems from the unintended human costs of these operations.

The resolution highlights concerns over the malicious use of ICT capabilities by parties in conflict, noting that such activities could impact protected persons and objects, including essential infrastructure like power, water, and healthcare systems. It underscores that these civilian objects are crucial for survival and should remain unaffected during hostilities. The resolution further emphasises the importance of preventing these activities from crossing international borders, which could inadvertently impact civilians in other regions.

Acknowledging the limited resources and capacities of some states and humanitarian organisations, the resolution also draws attention to the vulnerability this may create. Without adequate defences, states and components of the Red Cross and Red Crescent Movement could face greater risks from cyber incursions during conflict.

Another focus of the resolution is the potential for civilians to become involved in cyber activities related to conflict, either by conducting or supporting operations. It points to the need for greater awareness of the risks and legal implications, as civilians may need to fully understand the consequences of their involvement in ICT-related activities in conflict situations.

The resolution also calls for further study and dialogue on how international humanitarian law (IHL) applies to ICT activities in warfare. It acknowledges that while IHL traditionally protects civilians and critical infrastructure during conflict, the unique characteristics of cyberspace may require additional interpretation and understanding.

By adopting this resolution, the Red Cross aims to ensure that, as the nature of conflict changes, a strong international framework remains to protect civilians and essential infrastructure from the emerging threats posed by cyber activities in armed conflict.

US federal agency investigates how Meta uses consumer financial data for targeted advertising

The Consumer Financial Protection Bureau (CFPB) has informed Meta of its intention to consider ‘legal action’ concerning allegations that the tech giant improperly acquired consumer financial data from third parties for its targeted advertising operations. This federal investigation was revealed in a recent filing that Meta submitted to the Securities and Exchange Commission (SEC).

The filing indicates that the CFPB notified Meta on 18 September that it was evaluating whether the company’s actions violate the Consumer Financial Protection Act, designed to protect consumers from unfair and deceptive financial practices. The status of the investigation remains uncertain, with the filing noting that the CFPB could initiate a lawsuit soon, seeking financial penalties and equitable relief.

Meta, the parent company of Instagram and Facebook, is facing increased scrutiny from regulators and state attorneys general regarding various concerns, including its privacy practices.

In the SEC filing, Meta disclosed that the CFPB has formally notified the company about an investigation focusing on the alleged receipt and use for advertising of financial information from third parties through specific advertising tools. The inquiry specifically targets advertising related to ‘financial products and services,’ although it remains to be seen whether the scrutiny pertains to Facebook, Instagram, or both platforms.

While a Meta spokesperson refrained from commenting on the matter, the company stated in the filing that it disputes the allegations and believes any enforcement action would be unjustified. The CFPB also opted not to provide additional comments.

Amid this scrutiny, Meta recently reported $41 billion in revenue for the third quarter, a 19 percent increase from the previous year. A significant portion of this revenue is generated from its targeted advertising business, which has faced criticism from the Federal Trade Commission (FTC) and European regulators for allegedly mishandling user data and violating privacy rights.

In 2019, Meta settled privacy allegations related to the Cambridge Analytica scandal by paying the FTC $5 billion after it was revealed that the company had improperly shared Facebook user data with the firm for voter profiling. Last year, the European Union fined Meta $1.3 billion for improperly transferring user data from Europe to the United States.

Google researchers discover first vulnerability using AI

Google researchers announced a breakthrough in cybersecurity, revealing they have discovered the first vulnerability using a large language model. This vulnerability, identified as an exploitable memory-safety issue in SQLite—a widely used open-source database engine—marks a significant milestone, as it is believed to be the first public instance of an AI tool uncovering a previously unknown flaw in real-world software.

The vulnerability was reported to SQLite developers in early October, who promptly addressed the issue on the same day it was identified. Notably, the bug was discovered before being included in an official release, ensuring that SQLite users were unaffected. Google emphasised this development as a demonstration of AI’s significant potential for enhancing cybersecurity defences.

The initiative is part of a collaborative project called Big Sleep, which involves Google Project Zero and Google DeepMind, stemming from previous efforts focused on AI-assisted vulnerability research.

Many companies, including Google, typically employ a technique known as ‘fuzzing,’ where software is tested by inputting random or invalid data to uncover vulnerabilities. However, Google noted that fuzzing often falls short in identifying hard-to-find bugs. The researchers expressed optimism that AI could help bridge this gap. ‘We see this as a promising avenue to achieve a defensive advantage,’ they stated.

The identified vulnerability was particularly intriguing because it was missed by existing testing frameworks, including OSS-Fuzz and SQLite’s internal systems. One of the key motivations behind the Big Sleep project is the ongoing challenge of vulnerability variants, with more than 40% of zero-day vulnerabilities identified in 2022 being variants of previously reported issues.

Crypto firm Gotbit’s founder faces fraud charges

Aleksei Andriunin, the founder of cryptocurrency firm Gotbit, has been indicted in the US for alleged involvement in a conspiracy to manipulate cryptocurrency markets. The Justice Department claims that Andriunin and his firm provided market manipulation services to increase artificial trading volumes for various cryptocurrency companies from 2018 to 2024.

The superseding indictment also names Gotbit’s directors, Fedor Kedrov and Qawi Jalili, who were already charged earlier in October. Prosecutors allege that these actions aimed to distort the cryptocurrency markets, with several companies, including some in the United States, reportedly benefitting from these tactics.

If convicted, Andriunin faces significant penalties, with wire fraud charges carrying a potential 20-year prison sentence. He could also face an additional five years for conspiracy charges. The allegations form part of a larger crackdown on crypto market manipulation, which has already led to several arrests and asset seizures worth $25 million.

Recent moves by federal prosecutors highlight a more aggressive stance on crypto-related fraud. They have targeted multiple firms, including Gotbit, and several leaders have already agreed to plead guilty. The crackdown aims to strengthen transparency and curb malpractice in the cryptocurrency market.

Chinese military adapts Meta’s Llama for AI tool

China’s People’s Liberation Army (PLA) has adapted Meta’s open-source AI model, Llama, to create a military-focused tool named ChatBIT. Developed by researchers from PLA-linked institutions, including the Academy of Military Science, ChatBIT leverages an earlier version of Llama, fine-tuned for military decision-making and intelligence processing tasks. The tool reportedly performs better than some alternative AI models, though it falls short of OpenAI’s ChatGPT-4.

Meta, which supports open innovation, has restrictions against military uses of its models. However, the open-source nature of Llama limits Meta’s ability to prevent unauthorised adaptations, such as ChatBIT. In response, Meta affirmed its commitment to ethical AI use and noted the need for US innovation to stay competitive as China intensifies its AI research investments.

China’s approach reflects a broader trend, as its institutions reportedly employ Western AI technologies for areas like airborne warfare and domestic security. With increasing US scrutiny over the national security implications of open-source AI, the Biden administration has moved to regulate AI’s development, balancing its potential benefits with growing risks of misuse.

Musk’s platform under fire for inadequate fact-checking

Elon Musk’s social media platform, X, is facing criticism from the Center for Countering Digital Hate (CCDH), which claims its crowd-sourced fact-checking feature, Community Notes, is struggling to curb misinformation on the upcoming US election. According to a CCDH report, out of 283 analysed posts containing misleading information, only 26% showed corrected notes visible to all users, allowing false narratives to reach massive audiences. The 209 uncorrected posts gained over 2.2 billion views, raising concerns over the platform’s commitment to truth and transparency.

Community Notes was launched to empower users to flag inaccurate content. However, critics argue this system alone may be insufficient to handle misinformation during critical events like elections. Calls for X to strengthen its safety measures follow a recent legal loss to CCDH, which faulted the platform for an increase in hate speech. The report also highlights Musk’s endorsement of Republican candidate Donald Trump as a potential complicating factor, since Musk has also been accused of spreading misinformation himself.

In response to the ongoing scrutiny, five US state officials urged Musk in August to address misinformation on X’s AI chatbot, which has reportedly circulated false claims related to the November election. X has yet to respond to these calls for stricter safeguards, and its ability to manage misinformation effectively remains under close watch as the election approaches.

US Senate pushes for stronger security of internet backbone

The US Federal Communications Commission (FCC) is set to review its oversight of global undersea communications cables, marking the first major revision of its rules since 2001. Undersea cables, which carry over 95% of the world’s internet traffic, are seen as increasingly vulnerable to cyber threats and foreign interference, particularly from China and Russia. On 21 November, FCC Chair Jessica Rosenworcel plans to address how the commission’s regulations could adapt to the evolving economic and security challenges facing these crucial cables.

A bipartisan group of senators recently urged the Biden administration to prioritise securing the United States’ undersea infrastructure, highlighting concerns about possible sabotage and the growing involvement of Chinese firms in cable laying and maintenance. Washington has already restricted China from participating in key subsea cable contracts, citing espionage risks, and prevented direct connections between US territory and mainland China or Hong Kong.

In recent years, the US has blocked or canceled multiple subsea cable projects linked to China, emphasising the need to protect internet traffic from potential rerouting and mismanagement. The upcoming FCC review underscores the agency’s commitment to ensuring the resilience of global data flows, with potential policy shifts expected to impact both domestic and international internet security.

Colt Technology Services and Rivada Space Networks forge alliance for low earth orbit satellite connectivity

Colt Technology Services and Rivada Space Networks are collaborating to develop a next-generation connectivity network that leverages innovative satellite technology, specifically utilising a unique global data constellation of 600 low Earth orbit (LEO) satellites. The partnership aims to enhance Colt’s digital infrastructure capabilities by delivering ultra-secure and low-latency connectivity, which combines the high speed of fibre optics with the expansive reach of satellite technology.

Notably, with the first satellite launch planned for 2025 and services expected to commence in 2026, the collaboration effectively addresses the pressing needs of enterprises that require rapid and secure data transfer. Furthermore, Rivada’s ‘Outernet’ allows data to remain in space from origin to destination, resulting in a satellite network with global pole-to-pole coverage and lower latency than traditional terrestrial fibre.

The physically separate network routing enhances security and provides organisations with greater protection when sharing sensitive information, particularly in industries such as banking and finance. In addition to these advancements, Colt Technology Services will join Rivada’s Customer Advisory Board and participate in a series of technical workshops.

These initiatives will facilitate knowledge exchange and strengthen collaboration around the Outernet’s capabilities. Through this strategic alliance, Colt and Rivada aim to revolutionise the connectivity landscape by providing robust, secure, and scalable solutions that meet customers’ evolving needs worldwide.

Chinese hacking tops list of cybersecurity threats to Canada

Canada’s signals intelligence agency has identified China’s hacking activities as the most significant state-sponsored cyber threat facing the country, according to a new threat assessment. The Communications Security Establishment (CSE) highlighted China’s advanced and aggressive cyber campaigns, describing them as highly sophisticated and primarily targeting political and commercial objectives, including espionage, intellectual property theft, and influence operations. This announcement comes amid strained relations between Ottawa and Beijing, fueled by past allegations of Chinese interference in Canada’s electoral process.

The CSE report also noted that Russia’s cyber operations are active in attempts to destabilise Canada and its allies, while Iran poses an additional cyber threat. These findings underscore the ongoing cyber challenges Canada faces from multiple state actors seeking influence and intelligence. The Chinese embassy in Ottawa has not yet commented on the CSE report, and Beijing has historically rejected similar accusations.

Canadian authorities have grown increasingly vocal about foreign interference, with Prime Minister Justin Trudeau previously accusing China of election meddling. Security experts warn that Canada will need to strengthen defenses as geopolitical tensions continue to heighten cyber risks.

Big Tech boosts AI investments amid Wall Street pressure

Big technology firms, including Microsoft and Meta, are significantly increasing their investments in AI data centres to meet soaring demand, but Wall Street is looking for quicker returns on these expenditures. Both companies reported rising capital expenses due to their AI initiatives, with Alphabet also indicating that its costs would remain elevated. Amazon is expected to follow suit in its upcoming earnings report.

This surge in capital spending could impact profit margins, causing concern among investors. Shares of major tech companies, including Meta and Microsoft, fell by around 4% in premarket trading, despite reporting better-than-expected profits for the July-September quarter. Analysts warn that while the race to build AI capacity is intensifying, it will take time for these investments to yield returns.

Microsoft’s capital expenditures for a single quarter now surpass its total annual spending from prior years. The company noted a 5.3% increase in spending, amounting to $20 billion, while also predicting further increases related to AI. However, it warned of potential slowdowns in growth for its Azure cloud business due to data centre capacity constraints. Similarly, Meta anticipates a “significant acceleration” in AI infrastructure costs next year.

The tech industry is experiencing bottlenecks, particularly as chipmakers like Nvidia struggle to keep up with the demand for AI chips. Advanced Micro Devices has also reported that AI chip demand is outpacing supply, limiting growth potential. Despite these challenges, both Microsoft and Meta maintain that it is still early in the AI cycle and emphasise the long-term benefits of their investments, echoing earlier experiences during the development of cloud technology.