Malaysia is moving forward with a plan to regulate social media platforms by requiring them to obtain licences if they have more than eight million users. The move aims to tackle rising cybercrime in the country, with legal action possible for non-compliance by January 2025. While tech industry group Asia Internet Coalition (AIC), whose members include Google, Meta, and X, raised concerns over the clarity of the regulations, Communications Minister Fahmi Fadzil stated that tech companies must respect Malaysian laws if they wish to continue operating.
The AIC initially called for a pause on the plan in an open letter to Prime Minister Anwar Ibrahim, describing the licensing regime as ‘unworkable’ and warning it could stifle innovation by placing undue burdens on businesses. The group also highlighted the need for formal public consultation, leaving uncertainty regarding the obligations imposed on social media companies. However, the letter was later edited, removing references to the regulations being ‘unworkable’ and deleting a list of AIC member companies.
Malaysia‘s communications ministry has remained firm on the new regulations, asserting that its laws are bigger than the tech giants operating within its borders. The government has been in discussions with industry representatives and plans to conduct a public inquiry to gather feedback from industry players and the public on the regulatory framework. Despite the objections from AIC, implementing the new licensing regime is set to proceed without delay.
Google has introduced a new AI-powered chat assistant to help YouTube creators recover hacked accounts. Currently, in testing, the tool is accessible to select users and aims to guide them through securing their accounts. The AI assistant will assist affected users by helping them regain control of their login details and reverse any changes made by hackers. Presently, the feature supports only the English language, but there are plans to expand its availability.
To use the new tool, users must visit the YouTube Help web page and log into their Google Account. They will then find the option to ‘Recover a hacked YouTube channel’ under the Help Centre menu. This new option opens a chat window with the AI assistant, who will guide them through securing their accounts.
Google’s latest innovation reflects its ongoing commitment to enhancing user security. Although the tool is in its early stages, efforts are being made to make it available to all YouTube creators.
As cyber threats evolve, Google’s AI assistant represents an important step forward in providing robust security solutions. The initiative shows the company’s dedication to protecting its users’ online presence.
Islamic State supporters increasingly use AI to bolster their online presence and create more sophisticated propaganda. A recent video praised a deadly attack in Russia, underscoring the evolving methods used by extremists. While AI has been part of the Islamic State’s toolkit for some time, the video’s high production quality marked a new level of sophistication.
Experts have observed a broader trend of extremist groups exploiting those tools to bypass safety controls on social media. These groups use it to generate content that mixes extremist messaging with popular culture, making it easier to reach and radicalise potential recruits. A study by the Combating Terrorism Center revealed that AI could facilitate attack planning and recruitment, with some tools already providing specific and dangerous guidance.
Why does this matter?
The misuse by extremist groups highlights the urgent need for stronger regulations. While some tech companies have developed ethical standards, concerns persist about the effectiveness of current safety measures. The rapid deployment of technologies without adequate safeguards poses a significant risk as these tools become more accessible to malicious actors.
As the debate over regulation continues, the potential for extremist groups to exploit this technology grows. Experts warn that without more robust oversight, AI could become a powerful tool in the hands of those seeking to spread violence and extremism.
OpenAI has appointed a former Meta executive, Irina Kofman, as head of strategic initiatives. The recruiting of the new entry follows a series of high-profile hires from major tech firms as OpenAI expands. Kofman, who worked on generative AI for five years at Meta, will report directly to Mira Murati, OpenAI’s chief technology officer.
Kofman’s role at OpenAI will involve addressing critical areas such as AI safety and preparedness. Her appointment is part of a broader strategy by OpenAI to bring in seasoned professionals to navigate the competitive landscape, which includes rivals like Google and Meta.
Meta has yet to comment on Kofman’s departure. The company increasingly relies on AI to enhance its advertising business, using the technology to optimise ad placements and provide marketers with tools for better campaign design.
Meta recently announced that it had detected attempts to hack WhatsApp accounts belonging to US officials from both the Biden and Trump administrations. The company linked these efforts to an Iranian hacker group, APT42, which has previously been connected to breaches in the Trump campaign. Meta described the attempts as a small-scale operation using social engineering tactics, where hackers posed as technical support from major companies like AOL, Google, Yahoo, and Microsoft.
After users flagged these suspicious activities, Meta blocked the accounts and confirmed that none of the targeted WhatsApp accounts had been compromised. The company explained that APT42 is known for deploying surveillance software on victims’ mobile devices, enabling them to access calls and text messages and even activate cameras and microphones without detection.
These hacking attempts are reportedly part of a broader campaign targeting US presidential campaigns earlier this month, just ahead of the upcoming presidential election. While Meta did not disclose the identities of those targeted, it indicated that the hackers focused on political and diplomatic figures, as well as business leaders from several countries, including the US, UK, Israel, the Palestinian territories, and Iran.
Meta’s findings underscore the ongoing risks of cyber-attacks targeting political figures and highlight the need for increased vigilance as the US heads into a critical election period.
Microsoft plans to host a cybersecurity summit in September following a global IT outage caused by a flawed update from CrowdStrike in July. The outage disrupted nearly 8.5 million Windows devices and had widespread impacts across sectors, including airlines, banks, and healthcare. In response, Microsoft’s summit, scheduled for 10 September at its Redmond, Washington headquarters, will focus on strengthening cybersecurity systems and include discussions with government representatives and industry stakeholders.
The July outage highlighted the risks of relying on single-vendor cybersecurity solutions, as many organisations struggled to manage the disruption. CrowdStrike, the company at the centre of the incident, faces multiple legal challenges, including a lawsuit from shareholders alleging that the company failed to test its software, leading to the massive disruption properly. Delta Air Lines, one of the companies severely affected, has also initiated legal action, citing at least $500 million in losses due to flight cancellations.
CrowdStrike’s market value has dropped by approximately $9 billion since the outage, and the company is under intense scrutiny as it prepares to report its second-quarter financial results. The upcoming summit is seen as a critical step in addressing the vulnerabilities exposed by the incident and fostering a more resilient cybersecurity ecosystem.
Oilfield services company Halliburton disclosed on Friday that an unauthorised third party had breached some of its systems. The company, which discovered the breach two days prior, has initiated an internal investigation and taken affected systems offline to safeguard its data.
Halliburton is currently assessing the impact of the incident, but as of now, there is no evidence of any disruption to energy services. The US Department of Energy confirmed on Thursday that the breach had not affected the provision of energy services.
The collaboration will focus on creating software tailored to Australia’s regulatory environment. Google will contribute its existing open-source vulnerability database and AI services, while CSIRO will apply its research expertise to enhance the project’s outcomes. The goal is to provide customised cybersecurity solutions that align with local laws and promote greater compliance and trust.
The partnership is part of Google’s commitment to invest A$1 billion in Australia over five years, a pledge made in 2021 amidst Australia’s efforts to enforce stricter regulations on global tech companies. The collaboration is seen as a critical step in bolstering the country’s defences against cyber threats.
Why does this matter?
The Australian government has recently imposed stricter requirements on critical infrastructure operators to report and prevent cyberattacks following a series of breaches that compromised the personal data of millions of Australians. The tools developed through this partnership aim to mitigate such risks and ensure the security of essential services.
The findings from this research will be made publicly available, ensuring that critical infrastructure operators can easily access the information and improve their cybersecurity measures.
Tech platforms are under increasing pressure from Sweden and Denmark to address the rising issue of gang recruitment ads targeting young Swedes. These ads, often found on platforms like Telegram and TikTok, are being used to recruit individuals for violent crimes across the Nordic region. Concerns have grown as Swedish gang violence has begun spilling over into neighbouring countries, with incidents of Swedish gang members being hired for violent acts in Denmark.
The justice ministers of both countries announced their plans to summon tech companies to discuss their role in enabling these activities. They will demand that the platforms take greater responsibility and implement stronger measures to prevent gang-related content. If the responses from these companies are deemed insufficient, further action may be considered to increase pressure on them.
Danish Minister of Justice Peter Hummelgaard highlighted the challenges posed by encrypted services and social media, which are often used to facilitate criminal activities. Although current legal frameworks do not allow for geoblocking or shutting down such platforms, efforts are being made to explore new avenues to curb their misuse.
Sweden, which has the highest rate of gun violence in the European Union, recently announced plans to strengthen police cooperation across the Nordic region. The country is also increasing security measures at its borders with Denmark to prevent further cross-border gang activity. The growing concern over gang-related violence underscores the urgent need for coordinated efforts between governments and tech platforms.
Halliburton, a major US oilfield services company, experienced a cyberattack on Wednesday, affecting certain systems and disrupting business operations at its north Houston campus and global networks. The company is working with external experts to resolve the issue and has advised some staff not to connect to internal networks as they investigate the cause and impact of the attack.
Cyberattacks have become a significant concern for the energy sector following high-profile incidents like the 2021 Colonial Pipeline ransomware attack that led to fuel shortages and price spikes. Although details about the Halliburton attack remain unclear, ransomware attacks typically involve hackers encrypting data and demanding payment for its release, with threats to leak confidential information if their demands are not met.
Halliburton, one of the largest oilfield services firms globally, is now the latest in a series of major US companies targeted by cybercriminals, raising further alarm in an industry already on high alert for such threats.
