Microsoft is set to host a cybersecurity summit on Tuesday, following a significant global IT outage in July caused by a faulty software update from security firm CrowdStrike. The outage, which affected nearly 8.5 million Windows devices and disrupted industries like airlines, banks, and healthcare, highlighted vulnerabilities in the cybersecurity landscape.
The summit, held at Microsoft’s Redmond headquarters, will bring together government representatives to discuss ways to strengthen cybersecurity systems. The July incident raised concerns about organisations’ ability to handle system failures and the risks of relying heavily on a single vendor for security solutions.
One of the most impacted companies, Delta Air Lines, reported mass flight cancellations due to the outage, resulting in losses of at least $500 million. The airline is now pursuing legal action against both CrowdStrike and Microsoft.
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has recently updated its Russia General License (GL) 25E, maintaining authorisation for essential and incidental transactions to telecommunications involving the Russian Federation. That license facilitates various internet-based services, including instant messaging, social networking, and e-learning platforms.
It supports the ongoing exchange of communications and allows for the export or reexport of related software, hardware, and technology, provided such transactions comply with the Department of Commerce’s Export Administration Regulations. However, it is important to note that transactions involving significant Russian telecommunications companies designated by OFAC remain unauthorised under this license and must be carefully analysed.
The Department of the Treasury’s Office of Foreign Assets Control has also issued a critical alert regarding Russia’s attempts to evade sanctions by establishing new overseas branches and subsidiaries of Russian financial institutions. That alert warns that these efforts to open new international branches or subsidiaries should be considered potential red flags for sanction evasion.
Financial institutions and foreign regulators are advised to exercise caution when engaging with these entities, as activities such as maintaining accounts, transferring funds, or providing financial services may carry significant risks of facilitating Russia’s attempts to bypass sanctions.
In 2023, the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) reported a significant rise in financial fraud involving cryptocurrencies such as bitcoin, ether, and tether. The IC3 received over 69,000 public complaints about cryptocurrency fraud, resulting in estimated losses exceeding $5.6 billion.
The report highlights that investment scams are the most pervasive form of cryptocurrency exploitation, responsible for nearly 71% of all cryptocurrency-related losses. Call centre frauds, including tech support scams and government impersonation schemes, accounted for about 10% of these losses. The decentralised nature of cryptocurrencies, coupled with the speed and irreversibility of transactions, makes them particularly attractive to criminals and poses substantial challenges in recovering stolen funds.
IC3 plays a central role in aggregating and analysing these complaints to identify trends and develop strategies to combat fraud. Timely and accurate complaint reporting is crucial for aiding law enforcement in their investigations.
Social media platform X experienced an outage on Saturday that lasted for less than an hour, according to Downdetector.com. The outage tracking site recorded over 8,200 reports at the peak of the disruption around 10:31 a.m. ET (1501 GMT). By 11:01 a.m. ET, the number of reports had dropped to fewer than 164, indicating that the platform had largely recovered.
The cause of the outage remains unknown, and X has yet to issue a statement regarding the incident. The company did not respond to requests for comment outside of regular business hours.
Downdetector.com, which tracks outages by gathering status reports from multiple sources, confirmed the swift resolution of the issue, allowing users to regain access to the platform.
Outages on major social media platforms like X can have a significant impact, given their widespread use, but Saturday’s disruption was resolved quickly.
Germany’s domestic intelligence agency has warned about a Russian cyber group tied to the military intelligence agency, GRU. Known as Unit 29155 or UNC2589, the group has been accused of launching cyberattacks against NATO and the EU countries, escalating concerns about Russian interference. In a coordinated effort, Germany’s Bundesverfassungsschutz issued the alert in collaboration with the FBI, US cybersecurity agencies, and other international partners.
The warning follows a wave of suspicion across Europe regarding Russian cyber activities, particularly since the invasion of Ukraine in 2022. Earlier this year, Germany accused Russia of targeting the Social Democratic Party as well as industries like defence, aerospace, and logistics. These attacks have been attributed to UNC2589, also known by other names such as Cadet Blizzard or Ember Bear.
The cyber group is reportedly involved in espionage and sabotage, with tactics that include defacing websites and leaking stolen data. The GRU unit to which it belongs is notorious for its alleged role in the poisoning of former Russian double agent Sergei Skripal and his daughter Yulia in Britain in 2018, further cementing its reputation as a severe threat to international security.
New Mexico has filed a lawsuit against Snap Inc, alleging that Snapchat’s design facilitates the sharing of child sexual exploitation material. Attorney General Raul Torrez stated that a months-long investigation found Snapchat to be a key platform for sextortion, where predators coerce minors into sending explicit content.
Snap said it is reviewing the complaint and will respond in court. The company has invested significant funds into trust and safety measures and continues to work with law enforcement and safety experts to combat such issues.
Snapchat is widely used by teens due to its disappearing message feature, which has been criticised for misleading users. According to Torrez, predators can permanently capture the content, creating a virtual collection of child sexual images that are shared indefinitely.
Investigators opened a decoy Snapchat account as part of the investigation, discovering 10,000 records of child sexual abuse material on the dark web. Snapchat was identified as a major source for such content in these sites. New Mexico also sued Meta last December for similar reasons.
Japan and Australia have recently strengthened their collaboration to enhance economic security for Pacific Island nations, responding to China’s growing influence in the region. The initiative was formalised during a ‘two-plus-two’ meeting of foreign and defence ministers, where both countries committed to establishing the Japan-Australia Pacific Digital Development Initiative.
That framework aims to support the development of telecommunications infrastructure, including installing submarine cables, which are crucial for secure communication. By investing in these projects, Japan and Australia aim to reduce the reliance of Pacific Island nations on Chinese technology, which poses potential security risks due to vulnerabilities in data extraction and disruption.
Additionally, Japan and Australia are upgrading their Economic Security Dialogue and enhancing military collaboration as part of their broader security initiative. The Economic Security Dialogue will explore practical cooperation against economic coercion from China, focusing on enhancing the financial resilience of Pacific Island nations. The two countries are also dispatching a liaison officer from Japan’s Self-Defense Forces to Australia’s Joint Operations Command to improve operational coordination and strengthen their collective defence posture.
Furthermore, both nations have reaffirmed their strong opposition to unilateral attempts to alter the status quo in the East and South China Seas, emphasising their commitment to regional stability and international law.
The White House met with major tech companies and civil society activists on Thursday to address the need for increased digital bandwidth for government-funded tools that help bypass internet censorship. Companies like Amazon, Google, Microsoft, and Cloudflare were encouraged to provide discounted or subsidised server bandwidth for virtual private networks (VPNs) supported by the US-backed Open Technology Fund (OTF).
The OTF has seen a dramatic increase in VPN usage due to rising internet censorship in countries like Russia, Iran, and Myanmar. The number of VPN users has surged from around nine million monthly to over 46 million, driven by heightened demand for privacy and access to uncensored information. Despite receiving additional funding from the US State Department, the OTF struggles to keep up with the increased demand due to high hosting costs.
The meeting aimed to address these challenges by persuading tech giants to help manage the growing need for VPN infrastructure. The OTF’s president, Laura Cunningham, highlighted the urgent need for support to sustain the surge in VPN usage and continue providing critical services to users in restrictive environments.
The US National Telecommunications and Information Administration (NTIA) has launched an inquiry to address the challenges surrounding US data centres’ growth, resilience, and security. This initiative is crucial in light of the increasing demand for computing power driven by advancements in AI and other emerging technologies. Currently, the US has over 5,000 data centres, with demand projected to grow by approximately 9% annually through 2030, highlighting their role as foundational elements of a secure technology ecosystem.
To effectively tackle these challenges, the NTIA has issued a Request for Comment (RFC) to solicit stakeholders’ input on various data centre growth issues. Key focus areas include supply chain resilience, access to trusted equipment, energy demands, and the need for a specialised workforce. The RFC also explores the implications of data centre modernisation on society and the necessary data security practices for facilities hosting AI models. Insights from this inquiry will help develop comprehensive policy recommendations supporting sustainable and resilient data centre growth.
The inquiry is being conducted in coordination with the Department of Energy (DOE), highlighting the importance of addressing energy challenges associated with data centres. The collaboration aims to ensure the US can meet the energy demands of expanding data centre infrastructure while promoting clean energy solutions. The feedback received from the RFC will inform a report that outlines actionable recommendations for the US government, ultimately fostering a robust data centre ecosystem capable of supporting future technological advancements.
The US government indicted two Russian nationals and seized over 30 internet domains on Wednesday, disrupting an operation aimed at influencing the American election. However, an extensive FBI dossier revealed a broader Russian campaign targeting political and social stability in Europe. The 277-page affidavit detailed plans to manipulate politicians, businesspeople, journalists, and influencers in Germany, France, Italy, and the UK, with the Kremlin intending to sow division, discredit the US, and undermine support for Ukraine.
Documents showed the Social Design Agency, under the directive of Sergey Kiriyenko, Deputy Chief of Staff to President Vladimir Putin, orchestrated these efforts. The agency used real posts on social media to bypass bot filters and created ‘doppelgänger domains’ that mimicked reputable media outlets like Reuters and Le Monde to spread fake news. Funded by cryptocurrencies such as bitcoin, these sophisticated methods aimed to provoke rational and emotional anti-West sentiments, questioning the necessity of supporting Ukraine and criticising Americans.
Germany was identified as particularly vulnerable due to its economic ties with Russia. Russian memos stressed discrediting the USA, Great Britain, and NATO, while convincing Germans to oppose sanctions.
Another operation, ‘International Conflict Incitement,’ focused on escalating tensions in France and Germany, using fake articles and targeted social media posts to create conflicts and destabilise these societies.
Why does it matter?
The findings underscore how pervasive strategic manipulation of public opinion through sophisticated cyber operations is. Through FBI evidence, the depth and breadth of these influence operations to escalate internal tensions and to promote the interests of the Russian Federation are made clear, highlighting ongoing geopolitical tensions and the sophisticated nature of modern information warfare.
