Encryption

VPN dangers highlighted as UK’s Online Safety Act comes into force

Britons are being urged to proceed with caution before turning to virtual private networks (VPNs) in response to the new age verification requirements set by the Online Safety Act.

The law, now in effect, aims to protect young users by restricting access to adult and sensitive content unless users verify their age.

Instead of offering anonymous access, some platforms now demand personal details such as full names, email addresses, and even bank information to confirm a user’s age.

Although the legislation targets adult websites, many people have reported being blocked from accessing less controversial content, including alcohol-related forums and parts of Wikipedia.

As a result, more users are considering VPNs to bypass these checks. However, cybersecurity experts warn that many VPNs can pose serious risks by exposing users to scams, data theft, and malware. Without proper research, users might install software that compromises their privacy rather than protecting it.

With Ofcom reporting that eight per cent of children aged 8 to 14 in the UK have accessed adult content online, the new rules are viewed as a necessary safeguard. Still, concerns remain about the balance between online safety and digital privacy for adult users.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Australian companies unite cybersecurity defences to combat AI threats

Australian companies are increasingly adopting unified, cloud-based cybersecurity systems as AI reshapes both threats and defences.

A new report from global research firm ISG reveals that many enterprises are shifting away from fragmented, uncoordinated tools and instead opting for centralised platforms that can better detect and counter sophisticated AI-driven attacks.

The rapid rise of generative AI has introduced new risks, including deepfakes, voice cloning and misinformation campaigns targeting elections and public health.

In response, organisations are reinforcing identity protections and integrating AI into their security operations to improve both speed and efficiency. These tools also help offset a growing shortage of cybersecurity professionals.

After a rushed move to the cloud during the pandemic, many businesses retained outdated perimeter-focused security systems. Now, firms are switching to cloud-first strategies that target vulnerabilities at endpoints and prevent misconfigurations instead of relying on legacy solutions.

By reducing overlap in systems like identity management and threat detection, businesses are streamlining defences for better resilience.

ISG also notes a shift in how companies choose cybersecurity providers. Firms like IBM, PwC, Deloitte and Accenture are seen as leaders in the Australian market, while companies such as TCS and AC3 have been flagged as rising stars.

The report further highlights growing demands for compliance and data retention, signalling a broader national effort to enhance cyber readiness across industries.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

White House launches AI Action Plan with Executive Orders on exports and regulation

The White House has unveiled a sweeping AI strategy through its new publication Winning the Race: America’s AI Action Plan.

Released alongside three Executive Orders, the plan outlines the federal government’s next phase in shaping AI policy, focusing on innovation, infrastructure, and global leadership.

The AI Action Plan centres on three key pillars: accelerating AI development, establishing national AI infrastructure, and promoting American AI standards globally. Four consistent themes run through each pillar: regulation and deregulation, investment, research and standardisation, and cybersecurity.

Notably, deregulation is central to the plan’s strategy, particularly in reducing barriers to AI growth and speeding up infrastructure approval for data centres and grid expansion.

Investment plays a dominant role. Federal funds will support AI job training, data access, lab automation, and domestic component manufacturing, instead of relying on foreign suppliers.

Alongside, the plan calls for new national standards, improved dataset quality, and stronger evaluation mechanisms for AI interpretability, control, and safety. A dedicated AI Workforce Research Hub is also proposed.

In parallel, three Executive Orders were issued. One bans ‘woke’ or ideologically biased AI tools in federal use, another fast-tracks data centre development using federal land and brownfield sites, and a third launches an AI exports programme to support full-stack US AI systems globally.

While these moves open new opportunities, they also raise questions around regulation, bias, and the future shape of AI development in the US.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Quantum-resistant crypto wallets now possible without address changes

Sui Research revealed a way for blockchain wallets to upgrade for quantum safety without a hard fork or address changes. The approach, based on EdDSA cryptography, allows compatible networks like Solana, Sui and Near to transition securely with minimal disruption.

Cryptographer Kostas Chalkias described the breakthrough as the first backward-compatible path to quantum safety for wallets. The upgrade uses zero-knowledge proofs to verify private key control without exposing data, keeping original public keys and supporting dormant accounts.

While praised as one of the most important cryptographic advancements in recent years, the upgrade method does not apply to Bitcoin or Ethereum. These networks use different signature methods, which may need bigger changes to stay secure as quantum tech evolves.

Although quantum computers are not yet capable of breaking blockchain encryption, researchers and developers are racing to prepare. The risk of millions of wallets becoming vulnerable has triggered serious debate in the crypto community.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Google states it has not received UK request to weaken encryption

Google has confirmed it has not received a request from the UK government to create a backdoor in its encrypted services. The clarification comes amid ongoing scrutiny of surveillance legislation and its implications for tech companies offering end-to-end encrypted services.

Reports indicate that the UK government may be reconsidering an earlier request for Apple to enable access to user data through a technical backdoor, which is a move that prompted strong opposition from the US government. In response to these developments, US Senator Ron Wyden has sought to clarify whether similar requests were made to other major technology companies.

While Google initially declined to respond to inquiries from Senator Wyden’s office, the company had not received a technical capabilities notice—an official order under UK law that could require companies to enable access to encrypted data.

Senator Wyden, who serves on the Senate Intelligence Committee, addressed the matter in a letter to Director of National Intelligence Tulsi Gabbard. The letter urged the US intelligence community to assess the potential national security implications of the UK’s surveillance laws and any undisclosed requests to US companies.

Meta, which offers encrypted messaging through WhatsApp and Facebook Messenger, also stated in a 17 March communication to Wyden’s office that it had ‘not received an order to backdoor our encrypted services, like that reported about Apple.’

While companies operating in the UK may be restricted from disclosing certain surveillance orders under law, confirmations such as Google’s provide rare public insight into the current landscape of international encryption policy and cooperation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Tea dating app suspends messaging after the major data breach

The women’s dating safety app Tea has suspended its messaging feature following a cyberattack that exposed thousands of private messages, posts and images.

The app, which helps women run background checks on men, confirmed that direct messages were accessed during the initial breach disclosed in late July.

Tea has 1.6 million users, primarily in the US. Affected users will be contacted directly and offered free identity protection services, including credit monitoring and fraud alerts.

The company said it is working to strengthen its security and will provide updates as the investigation continues. Some of the leaked conversations reportedly contain sensitive discussions about infidelity and abortion.

Experts have warned that the leak of both images and messages raises the risk of emotional harm, blackmail or identity theft. Cybersecurity specialists recommend that users accept the free protection services as soon as possible.

The breach affected those who joined the app before February 2024, including users who submitted ID photos that Tea had promised would be deleted after verification.

Tea is known for allowing women to check if a potential partner is married or has a criminal record, as well as share personal experiences to flag abusive or trustworthy behaviour.

The app’s recent popularity surge has also sparked criticism, with some claiming it unfairly targets men. As users await more information, experts urge caution and vigilance.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Hanwha and Samsung lead Korea’s cyber insurance push

South Korea is stepping up efforts to strengthen its cyber insurance sector as corporate cyberattacks surge across industries. A string of major breaches has revealed widespread vulnerability and renewed demand for more comprehensive digital risk protection.

Hanwha General Insurance launched Korea’s first Cyber Risk Management Centre last November and partnered with global cybersecurity firm Theori and law firm Shin & Kim to expand its offerings.

Despite the growing need, the market remains underdeveloped. Cyber insurance makes up only 1 percent of Korea’s accident insurance sector, with a 2024 report estimating local cyber premiums at $50 million, just 0.3 percent of the global total.

Regulators and industry voices call for higher mandatory coverage, clearer underwriting standards, and financial incentives to promote adoption.

As Korean demand rises, comprehensive policies offering tailored options and emergency coverage are gaining traction, with Hanwha reporting a 200 percent revenue jump in under a year.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

DOJ seizes $2.3 million Bitcoin from Chaos ransomware

The US Department of Justice has moved to seize over $2.3 million in Bitcoin tied to a member of the Chaos ransomware group. The funds, taken from a wallet linked to the individual known as ‘Hors’, are alleged to be proceeds of extortion and money laundering.

Chaos operates as a ransomware-as-a-service group, renting its malware to affiliates targeting Windows, Linux, and NAS systems. The group has been active since early 2025 and is known for encrypting victims’ data while demanding crypto payments under threat of public leaks.

US Federal agents accessed the wallet in April using a recovery seed phrase from an older Electrum platform and transferred the assets to a government-controlled address. The DOJ said the operation demonstrates growing success in disrupting ransomware-related crypto flows.

Despite the seizure, challenges remain as such groups evolve their tactics and benefit from the relative anonymity of decentralised platforms. Authorities stress that continued cross-agency cooperation and advances in blockchain forensics are essential in combating future threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI fuels new wave of global security breaches

Global corporations are under growing threat from increasingly sophisticated cyber attacks as AI tools boost the capabilities of malicious actors.

Allianz Life recently confirmed a breach affecting most of its 1.4 million North American customers, adding to a string of high-profile incidents this year.

Microsoft is also contending with the aftermath of a wide-scale intrusion, as attackers continue to exploit AI-driven methods to bypass traditional defences.

Cybersecurity firm DeepStrike reports that over 560,000 new malware samples are detected daily, underscoring the scale of the threat.

Each month in 2025 has brought fresh incidents. January saw breaches at the UN and Hewlett-Packard, while crypto lender zkLend lost $9.5 million to hackers in February.

March was marked by a significant attack on Elon Musk’s X platform, and Oracle lost six million data records.

April and May were particularly damaging for retailers and financial services. M&S, Harrods, and Coinbase were among the prominent names hit, with the latter facing a $20 million ransom demand. In June, luxury brands and media companies, including Cartier and the Washington Post, were also targeted.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Allianz breach affects most US customers

Allianz Life has confirmed a major cyber breach that exposed sensitive data from most of its 1.4 million customers in North America.

The attack was traced back to 16 July, when a threat actor accessed a third-party cloud system using social engineering tactics.

The cybersecurity breach affected a customer relationship management platform but did not compromise the company’s core network or policy systems.

Allianz Life acted swiftly by notifying the FBI and other regulators, including the attorney general’s office in Maine.

Those impacted are offered two years of credit monitoring and identity theft protection. The company has begun contacting affected individuals but declined to reveal the full number involved due to an ongoing investigation.

No other Allianz subsidiaries were affected by the breach. Allianz Life employs around 2,000 staff in the US and remains a key player within the global insurer’s North American operations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!