Major US telecoms reportedly hit by Chinese cyberattack on wiretap systems

Chinese hackers reportedly accessed US broadband networks, compromising systems used for government-authorised wiretapping. The Wall Street Journal revealed that major telecom providers, including Verizon, AT&T, and Lumen Technologies, were affected by the breach.

Hackers are believed to have maintained access for months, enabling them to intercept internet traffic and sensitive communications data. US investigators, who labelled the hacking group ‘Salt Typhoon’, indicated that the breach was intelligence-focused.

China’s foreign ministry responded to the accusations, denying knowledge of the incident and condemning the US for what they called ‘a false narrative’. Beijing had previously denied involvement in similar cyber-espionage claims.

Lumen Technologies declined to comment, while Verizon and AT&T did not respond immediately. The breach follows the exposure of another Chinese hacking group earlier this year, as part of a broader campaign by US law enforcement.

UN report: Telegram used by Southeast Asian crime syndicates

Criminal networks in Southeast Asia are increasingly exploiting Telegram for large-scale illicit activities, according to a new report from the United Nations. The encrypted messaging app is used to trade hacked data, including credit card details and passwords, across sprawling, poorly moderated channels. The report also notes that unlicensed cryptocurrency exchanges on the platform provide money laundering services.

Fraud tools, such as deepfake software and data-stealing malware, are widely sold, enabling organised crime syndicates to innovate and expand their operations. One vendor reportedly claimed, in Chinese, to move millions in stolen cryptocurrency daily. Southeast Asia has become a hub for these activities, where criminal groups target victims worldwide, generating up to $36.5 billion annually.

The controversy surrounding Telegram escalated when its founder, Pavel Durov, was arrested in Paris for allowing criminal activity on the platform. Durov, who is now out on bail, has since announced steps to cooperate with law enforcement by sharing users’ information when requested legally and removing certain features used for illegal purposes.

As the UNODC report warns, the widespread use of Telegram for underground markets places consumers’ data at heightened risk. Criminals are not only exploiting technology like artificial intelligence but are also leveraging the platform’s ease of use to target victims globally.

Starlink to test new satellite limits in Romania

In partnership with Romania’s National Authority for Communications Administration and Regulation (ANCOM) and the Ministry of National Defence, Starlink is conducting an innovative real-world test to assess whether its non-geostationary satellite (NGSO) systems can operate without interfering with geostationary satellite (GSO) networks. The test aims to investigate relaxed equivalent power flux density (EPFD) limits, which, if successful, could enable Starlink satellites to operate at up to eight times the current capacity allowed by the International Telecommunication Union (ITU) while ensuring the protection of GSO networks.

Moreover, the existing EPFD limits, established 25 years ago, were designed to prevent unacceptable interference with GSO Fixed Satellite Service (FSS) and Broadcasting Satellite Service (BSS) networks. However, many experts contend that these limits may no longer be relevant. Consequently, ANCOM has initiated this testing campaign to contribute valuable insights to ongoing ITU studies regarding EPFD limits and their implications for GSO networks.

Furthermore, the test includes installing equipment to monitor signal and interference levels, with specific protection criteria set at a 10% aggregate increase in service unavailability and a 3% increase in individual service unavailability. Over the course of at least six months, SpaceX will exceed the current EPFD limits in a designated area to collect essential operational data.

The findings will subsequently be presented at ITU meetings to demonstrate that efficient NGSO operations can coexist harmoniously with GSO networks. Additionally, Romania underscores the importance of establishing a regulatory framework that balances the protection of geostationary networks with the potential of NGSO networks to enhance connectivity. As a result, the ITU is set to review EPFD limits at the upcoming World Radiocommunication Conference (WRC-27), where Romania will advocate for a collaborative approach to harness both types of satellites effectively.

US and Poland sign cybersecurity MOU to enhance global digital security and cooperation

The US Department of Homeland Security (DHS) and the Polish Ministry of Digital Affairs (MDA) have signed a Memorandum of Understanding (MOU) to bolster their collaboration in cybersecurity and emerging technology. This MOU strengthens the longstanding partnership between the United States and Poland, providing a structured framework for coordinated efforts in addressing global security challenges, including cyber threats and responsible technology development.

By focusing on key areas such as cyber policy, Secure by Design practices, information sharing, incident response, human capital development, and the safe deployment of AI and the Internet of Things (IoT), both nations demonstrate a shared commitment to transatlantic security. The timing of this MOU, which coincides with the Fourth Counter Ransomware Initiative Summit, reflects a united stance against the growing ransomware threat, as nearly 70 countries gathered to reinforce global resilience against cybercrime.

Various agencies will spearhead the implementation of the MOU as part of the agreement. In the United States, DHS entities like the Cybersecurity and Infrastructure Security Agency (CISA), the Office of Strategy, Policy, and Plans, and the Science and Technology Directorate will drive projects that enhance cybersecurity and support critical infrastructure. On the Polish side, the National Research Institute (NASK) will be instrumental in coordinating these efforts, positioning Poland for its upcoming EU Council presidency in 2025, where it aims to strengthen US-EU relations and prioritise European information security.

Why does it matter?

Together, these agencies will focus on collaborative initiatives that ensure safe technology practices, build critical skills, and enable a proactive response to digital threats, securing a stronger digital future for both nations.

FERMA calls on European institutions to simplify cyber reporting obligations

The Federation of European Risk Management Associations (FERMA) has called on European institutions to simplify cyber reporting requirements and consider the insurance implications of cyber legislation. This appeal follows the release of the Cyber Reporting Stack report, developed in collaboration with WTW, which offers risk managers vital guidance on navigating the landscape of cyber policy and reporting obligations.

The report outlines current and forthcoming regulations, along with incident reporting requirements, featuring the General Data Protection Regulation (GDPR), Network and Information Security (NIS) 2 Directive, the Digital Operational Resilience Act (DORA), and the Cyber Resilience Act (CRA).

Charlotte Hedemark, President of FERMA, highlighted the growing burden of cyber reporting and added that FERMA believes companies need a streamlined and consistent set of requirements for reporting cyber incidents. The report recommends establishing a ‘single point of entry’ for cyber incident notifications and guides EU member states to streamline their processes and participant involvement.

Philippe Cotelle, Chair of FERMA’s Digital Committee, emphasised that there currently need to be regulations specifying the necessary risk management measures or considering their insurance implications.

INTERPOL operation with Swiss police led to eight arrests in West Africa for phishing

Eight individuals have been arrested in an ongoing international effort to combat cybercrime, significantly disrupting criminal activities in Côte d’Ivoire and Nigeria. These arrests were made during INTERPOL’s Operation Contender 2.0, which focuses on tackling cyber-enabled crimes in West Africa through improved international intelligence sharing.

The suspects were linked to extensive phishing scams aimed at Swiss citizens. They utilised QR codes to direct victims to fraudulent websites that closely resembled legitimate payment platforms, where they solicited sensitive personal information, including login credentials and credit card numbers. The hackers masqueraded as buyers on small advertising sites to build trust or pretended to be customer service agents.

INTERPOL reports that this scheme led to over $1.4 million in financial losses, with Swiss authorities receiving more than 260 reports about the scam between August 2023 and April 2024. As part of the investigation, law enforcement successfully apprehended the main suspect behind these attacks, who admitted to the scheme and revealed that he had made over $1.9 million from it.

Additionally, five other suspects were found engaging in cybercriminal activities at the same location. The investigation continues as authorities work to identify more victims, recover stolen funds, and trace items purchased with the proceeds from the scam.

Forrester: Cybercrime to cost $12 trillion in 2025

Forrester’s 2025 Predictions report outlines critical cybersecurity, risk, and privacy challenges on the horizon. Cybercrime is expected to cost $12 trillion by 2025, with regulators stepping up efforts to protect consumer data. Organisations are urged to adopt proactive security measures to mitigate operational impacts, particularly as AI technologies and IoT devices expand.

Another major prediction is that Western governments plan to prohibit certain third-party or open-source software due to rising concerns over software supply chain attacks, which are a leading cause of worldwide data breaches. Increased pressure from Western governments has prompted private companies to produce software bills of materials (SBOMs), enhancing transparency regarding software components.

However, these SBOMs also reveal the reliance on third-party and open-source software in government purchases. In 2025, armed with this knowledge, Forrester says that a government will impose restrictions on a specific open-source component for national security reasons. Consequently, software suppliers will need to eliminate the problematic components and find alternatives to maintain functionality.

Among the key forecasts is the EU issuing its first fine under the new EU AI Act to a general-purpose AI (GPAI) model provider. Forrester warns that companies unprepared for AI regulations will face significant third-party risks. As generative AI models become more widespread, businesses must thoroughly vet providers and gather evidence to avoid fines and investigations. Another major prediction is a large-scale Internet of Things (IoT) device breach, with malicious actors finding it easier to compromise common IoT systems. Such breaches could lead to widespread disruption, forcing organisations to engage in costly remediation efforts.

Forrester also anticipates that Chief Information Security Officers (CISOs) will reduce their focus on generative AI applications by 10%, citing a need for measurable value. Currently, 35% of global CISOs and CIOs prioritise AI to boost employee productivity, but growing disillusionment and limited budgets are expected to hinder further AI adoption. The report reveals that 18% of global AI decision-makers already see budget limitations as a major barrier, a figure projected to increase as organisations struggle to justify investment in AI initiatives.

The report also highlights a rise in cybersecurity incidents. In 2023, 28% of security decision-makers reported six or more data breaches, up 16 percentage points from 2022. Additionally, 72% of those decision-makers experienced data breach costs exceeding $1 million. Despite these alarming statistics, only 16% of global security leaders prioritised testing and refining their incident response processes in 2023, leaving many organisations unprepared for future attacks.

Human-related cybersecurity risks, such as deepfakes, insider data theft, generative AI misuse, and human error, are expected to become more complex as communication channels expand. Forrester also explores how generative AI could reshape identity and access management, addressing challenges like identity administration, audit processes, lifecycle management, and authentication. In conclusion, the report urges companies to brace for evolving threats and adopt forward-thinking strategies to protect their assets as cybersecurity landscapes shift.

Rising fears of foreign interference in US election

Concerns are rising ahead of the US presidential election, with the latest intelligence suggesting interference from foreign nations like Russia, Iran, and China. The annual threat assessment released by the Department of Homeland Security highlights the use of AI by these countries to spread misinformation and create fake websites.

Russian actors have focused on amplifying divisive narratives, particularly around immigration. Iran has adopted a more aggressive approach, posing as activists online to encourage protests related to the conflict in Gaza. China is also seen as a potential player in efforts to undermine confidence in US democratic institutions.

The upcoming election, expected to be highly contested between Kamala Harris and Donald Trump, presents further opportunities for foreign interference. Tensions within the US could be exacerbated by these external efforts, along with potential threats from domestic extremists.

Domestic violent extremism also remains a serious concern. The report warns of the risk posed by lone actors or small cells driven by grievances related to race, religion, or anti-government views. These groups may attempt violent actions to instill fear or disrupt the electoral process.

Russia opens criminal case against Cryptex founders

Russian authorities have initiated a criminal investigation against the founders of UAPS and Cryptex, accusing them of generating over $40 million in illegal profits. The case follows allegations of running unlicensed banking operations, unauthorised access to protected information, and creating a payment infrastructure that supported cybercriminal activities. The probe is being led by Moscow’s Investigative Committee.

UAPS, established in 2013, and Cryptex, launched in 2018, were primarily used by criminals for illegal currency exchanges and money laundering. In 2023 alone, the network saw more than $1.2 billion in illicit transactions. Russian law enforcement conducted 148 raids across 14 regions, detaining 96 suspects, many of whom face charges of organised crime and illegal banking.

The investigation comes just days after OFAC sanctioned Cryptex and its founder, Sergey Ivanov, accusing them of laundering funds linked to ransomware attacks and darknet markets. US authorities have labelled Ivanov’s other exchange, PM2BTC, as a major money laundering concern.

Thousands of Indians trapped in Southeast Asia cyber scams

Tens of thousands of Indian nationals are reportedly ensnared in Southeast Asia, coerced into participating in cyber scams, including cryptocurrency fraud and phishing schemes. These individuals are often lured by enticing job offers for IT and data entry positions, only to find their passports confiscated upon arrival in countries like Cambodia and Laos, leaving them trapped in guarded compounds under inhumane conditions.

The Indian government has taken action, launching rescue efforts and collaborating with international organisations and local authorities to repatriate citizens caught in these cyber slavery networks. Recent reports indicate that Indian nationals have lost approximately 500 crores (about $60 million) to these operations between October 2023 and March 2024. Alarmingly, nearly 30,000 Indians who travelled to Southeast Asia from January 2022 to May 2024 have not returned home.

Investigations suggest that these cyber scams may be part of a more extensive human trafficking operation, linking financial fraud to severe exploitation. This alarming connection has drawn the attention of international authorities, including the US Department of the Treasury, which recently imposed sanctions on a Cambodian senator involved in these illicit activities.

As the situation unfolds, the Indian government is intensifying its efforts to crack down on these networks, including blocking international spoofed calls and monitoring suspicious activity in Southeast Asia to protect its citizens.