Consumer protection

Ransomware disrupts Ingram Micro’s systems and operations

Ingram Micro has confirmed a ransomware attack that affected internal systems and forced some services offline. The global IT distributor says it acted quickly to contain the incident, implemented mitigation steps, and involved cybersecurity experts.

The company is working with a third-party firm to investigate the breach and has informed law enforcement. Order processing and shipping operations have been disrupted while systems are being restored.

While details remain limited, the attack is reportedly linked to the SafePay ransomware group.

According to BleepingComputer, the gang exploited Ingram’s GlobalProtect VPN to gain access last Thursday.

In response, Ingram Micro shut down multiple platforms, including GlobalProtect VPN and its Xvantage AI platform. Employees were instructed to work remotely as a precaution during the response effort.

SafePay first appeared in late 2024 and has targeted over 220 companies. It often breaches networks using password spraying and compromised credentials, primarily through VPNs.

Ingram Micro has not disclosed what data was accessed or the size of the ransom demand.

The company apologised for the disruption and said it is working to restore systems as quickly as possible.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

SatanLock ends operation amid ransomware ecosystem turmoil

SatanLock, a ransomware group active since April 2025, has announced it is shutting down. The group quickly gained notoriety, claiming 67 victims on its now-defunct dark web leak site.

Cybersecurity firm Check Point says more than 65% of these victims had already appeared on other ransomware leak pages. However, this suggests the group may have used shared infrastructure or tried to hijack previously compromised networks.

Such tactics reflect growing disorder within the ransomware ecosystem, where victim double-posting is rising. SatanLock may have been part of a broader criminal network, as it shares ties to families like Babuk-Bjorka and GD Lockersec.

A shutdown message was posted on the gang’s Telegram channel and leak page, announcing plans to leak all stolen data. The reason for the sudden closure has not been disclosed.

Another group, Hunters International, announced its disbandment just days earlier.

Unlike SatanLock, Hunters offered free decryption keys to its victims in a parting gesture.

These back-to-back exits signal possible pressure from law enforcement, rivals, or internal collapse in the ransomware world. Analysts are watching closely to see whether this trend continues.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Survey reveals sharp rise in cyberattacks on Japan’s small businesses

A May 2025 survey by Teikoku Databank reveals that nearly one in three Japanese companies have experienced a cyberattack. The survey targeted over 26,000 businesses and received 10,645 valid responses.

Among respondents, 32% reported having been targeted by cyberattacks. Large firms in Japan were more likely to be affected at 41.9%, compared to 30.3% for small and medium-sized businesses and just 28.1% for small firms.

Interestingly, while larger firms showed a higher lifetime rate, cyber incidents over the past month were more common among smaller enterprises. Around 6.9% of SMEs and 7.9% of small firms were affected, compared to the overall rate of 6.7%.

Teikoku Databank warned of a sharp increase in risk for small businesses, which often lack the robust cybersecurity infrastructure of larger corporations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Inside Visa’s war room: How AI battles $15 trillion in threats

In Virginia’s Data Centre Alley, Visa operates a high-security fraud command centre to protect $15 trillion in annual transactions — nearly 15% of the global economy. With cybercrime growing more sophisticated, the company has spent $12 billion in five years to bolster its AI-powered defences.

‘From lone hackers to criminal syndicates generating hundreds of millions, fraud today is highly structured,’ said Michael Jabbara, Visa’s global head of fraud solutions. Some groups now operate like corporations, with risk managers and customer support.

Much of today’s fraud preys on emotions. Scammers trick people into making payments by posing as romantic interests or sellers. Victims are often lured into schemes run by trafficked workers in scam centres in Myanmar.

Once card details are stolen, criminals test them across websites using recurring micro-charges. These fly under the radar for months, draining money slowly but steadily. Some operations mimic tech firms, offering fraud-as-a-service tools on the dark web.

‘You can buy a full toolkit — the software, instructions, bot access and even a mule network,’ Jabbara said. Brute-force payment attacks are now industrial in scale, enabled by the same cloud infrastructure that powers startups.

Visa’s defence includes round-the-clock global monitoring centres in Virginia, London and Singapore. Inside its Cyber Fusion Centre, teams handle millions of threats daily, mostly stopped automatically. But it’s an arms race — one that never sleeps.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Court ruling raises alarm over saved ChatGPT chats

A US federal court has ordered OpenAI to preserve nearly all user chats with ChatGPT, including those that users had deleted. The decision comes as part of The New York Times’s ongoing copyright lawsuit, triggering widespread privacy concerns.

The ruling means that millions of personal conversations, previously thought erased, will remain accessible during litigation. These exchanges may include medical queries, relationship issues, and other private matters shared in confidence.

Privacy advocates argue that users were not notified or allowed to object. Critics warn the US ruling sets a dangerous precedent, enabling mass data preservation in lawsuits unrelated to most users.

The Times claims users may have deleted chats to hide copyright infringement. Lawyers and privacy experts counter that people delete chats for legitimate, non-infringing reasons and should retain control over their data.

Legal experts call the preservation order excessive, noting it undermines trust in AI tools and could lead to a chilling effect on their use. The decision could reshape how user privacy is treated in tech litigation for years.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU rejects delay for AI Act rollout

The EU has confirmed it will enforce its originally scheduled AI Act, despite growing calls from American and European tech firms to delay the rollout.

Major companies, including Alphabet, Meta, ASML and Mistral, have urged the European Commission to push back the timeline by several years, citing concerns over compliance costs.

Rejecting the pressure, a Commission spokesperson clarified there would be no pause or grace period. The legislation’s deadlines remain, with general-purpose AI rules taking effect this August and stricter requirements for high-risk systems following August 2026.

The AI Act represents the EU’s effort to regulate AI across various sectors, aiming to balance innovation and public safety. While tech giants argue that the rules are too demanding, the EU insists legal certainty is vital and the framework must move forward as planned.

The Commission intends to simplify the process later in the year, such as easing reporting demands for smaller businesses. Yet the core structure and deadlines of the AI Act will not be altered.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Global instability fuels surge in cyberattacks

A surge in cyberattacks is fuelled by global instability, with businesses worldwide now facing heightened risks. A new report by GlobalData warns that rising geopolitical tensions are giving state actors, terrorists, hacktivists and cybercriminals more opportunities to strike.

Conflicts in Ukraine and the Middle East have created a volatile digital landscape. Cyberattackers are exploiting weakened defences, targeting both national infrastructure and private enterprises.

‘Those not after money are often motivated by revenge,’ the report states. The key perpetrators are disgruntled employees, unhappy customers, and ideologically driven hackers. While some attackers aim to cause reputational harm or attract attention, others seek to turn off critical systems.

Nation states, in particular, use cyberwarfare as a strategic tool against rival governments. Businesses are warned to prepare for disruption as cyber threats become more frequent and sophisticated. The report concludes that no organisation is immune in today’s digital and geopolitical uncertainty climate.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

FBI issues warning as airline cyberattacks rise, posing national security threat

Less than a year after the cyberattack that shut down Sea-Tac Airport, the FBI has issued a stark new warning: America’s airlines are now targets. The agency confirmed that the cybercrime gang Scattered Spider is actively attacking aviation systems.

This group, known for crippling MGM Resorts, uses social engineering to bypass security. By posing as airline staff, they access systems, steal data and deploy ransomware within hours of a breach.

WestJet, Hawaiian Airlines and Qantas have all been hit in the last two months alone. Qantas reported a data breach affecting more than six million passengers.

Today’s airlines depend on interconnected digital infrastructure. Disruption to crew scheduling, flight planning or maintenance can trigger chaos across entire networks.

The FBI says these attacks are shifting from isolated incidents to coordinated campaigns. Experts fear that state and non-state actors are watching closely, ready to exploit aviation vulnerabilities.

Aircraft are now flying data centres. Their connectivity brings both efficiency and risk. Flight safety could be at stake if attackers compromise weather feeds or ground systems.

Sea-Tac was a warning. What happens when multiple airports are targeted at once? Fictional scenarios are edging closer to reality.

Previous attacks — from Warsaw to London — exposed system weaknesses. The threat has only grown. It is no longer a question of if, but when.

The industry must act decisively. Stronger identity checks, hardened systems, and real-time intelligence sharing are no longer optional. Cybersecurity must become as essential as flight safety.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

SK Telecom unveils $700B cybersecurity upgrade

SK Telecom has announced a major cybersecurity initiative worth KRW 700 billion, designed to restore trust and enhance information security after a recent incident.

The company’s new programme, called the Accountability and Commitment Program, includes four elements to protect customers and reinforce transparency.

A central part of the initiative is the Information Protection Innovation Plan, which involves a five-year investment to build a world-class cybersecurity system.

The project will follow the US National Institute of Standards and Technology’s Cybersecurity Framework and aims to position SK Telecom as Korea’s leader in information security by 2028.

To further support affected customers, the company is upgrading its Customer Assurance Package and introducing a Customer Appreciation Package to thank users for their patience and loyalty.

A subscription cancellation fee waiver has also been included to reduce friction for those reconsidering their service.

SK Telecom says it will maintain its commitment to customer safety and service reliability, pledging to fully address all concerns and enhance security and service quality across the board.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Spotify hit by AI band hoax controversy

A band called The Velvet Sundown has gone viral on Spotify, gaining over 850,000 monthly listeners, yet almost nothing is known about the people behind it.

With no live performances, interviews, or social media presence for its supposed members, the group has fuelled growing speculation that both it and its music may be AI-generated.

The mystery deepened after Rolling Stone first reported that a spokesperson had admitted the tracks were made using an AI tool called Suno, only to later reveal the spokesperson himself was fake.

The band denies any connection to the individual, stating on Spotify that the account impersonating them on X is also false.

AI detection tools have added to the confusion. Rival platform Deezer flagged the music as ‘100% AI-generated’, although Spotify has remained silent.

While CEO Daniel Ek has said AI music isn’t banned from the platform, he expressed concerns about mimicking real artists.

The case has reignited industry fears over AI’s impact on musicians. Experts warn that public trust in online content is weakening.

Musicians and advocacy groups argue that AI is undercutting creativity by training on human-made songs without permission. As copyright battles continue, pressure is mounting for stronger government regulation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!