European Commission targets end-to-end encryption and proposes expanding Europol’s powers into an EU-level FBI equivalent

The European Commission announced ProtectEU, a new internal security strategy that sets out the broad priorities it intends to pursue in the coming years in response to evolving security challenges. While the document outlines strategic objectives, it does not include specific legislative proposals.

The Commission highlighted the need to revisit the European Union’s approach to internal security, citing what it described as ‘a changed security environment and an evolving geopolitical landscape.’ Among the identified challenges are hybrid threats from state and non-state actors, organised crime, and increasing levels of online criminal activity.

One of the key elements of the strategy is the proposed strengthening of Europol’s operational role. The Commission suggests developing Europol into a truly operational police agency to reinforce support to member states, with the capacity to assist in cross-border, large-scale, and complex investigations that present serious risks to the Union’s internal security.

That would bring Europol closer in function to agencies such as the US Federal Bureau of Investigation. The strategy also notes the Commission’s intention to develop roadmaps on ‘lawful and effective access to data for law enforcement’ and encryption.

The strategy aims to ‘identify and assess technological solutions that would enable law enforcement authorities to access encrypted data lawfully, safeguarding cybersecurity and fundamental rights.’ These issues continue to be the subject of technical and legal discussion across jurisdictions.

Other aspects of the strategy address long-standing challenges within the EU’s security framework, including limited situational awareness and coordination at the executive level. The strategy proposes enhancing intelligence-sharing through the EU’s Single Intelligence Analysis Capacity, a mechanism for the voluntary sharing of intelligence by member states, which is currently supported by open-source analysis.

The report further emphasised that the effectiveness of any reforms in this area would depend on the commitment of member states, citing ongoing challenges related to differing national priorities and levels of political alignment. In addition, the Commission announced its intention to propose a new Cybersecurity Act and new measures to secure cloud and telecom services and develop technological sovereignty.

For more information on these topics, visit diplomacy.edu.

UK’s Royal Mail investigates major data breach

Royal Mail is investigating a significant cybersecurity incident after a hacker known as ‘GHNA’ claimed to have leaked 144GB of sensitive customer data. The files were allegedly obtained through Spectos, a third-party analytics provider, and posted on the BreachForums platform. While the leaked information includes names, addresses, parcel data, and internal recordings, Royal Mail stated that its delivery services remain unaffected.

Spectos confirmed a breach on 29 March, explaining that the attack stemmed from a 2021 malware infection that compromised an employee’s credentials. Cybersecurity firm Hudson Rock linked the same login data to another recent attack involving Samsung. The exposed dataset includes thousands of files containing mailing lists from Mailchimp, Zoom meetings, logistics details, and a WordPress database, raising concerns about the security of Royal Mail’s extended network.

The breach is the latest in a series of cyber incidents targeting the UK’s Royal Mail, following a 2023 ransomware attack that halted international shipping and a 2022 outage in its tracking systems. While the full extent of the latest leak remains under investigation, experts warn that prolonged access to internal systems may have occurred before the data was released. No public notification procedures have yet been confirmed.

North Korean hacker group cashes in on crypto trade

A wallet linked to North Korea’s notorious Lazarus Group has reportedly sold 40.78 Wrapped Bitcoin (WBTC) for $3.51 million, exchanging it for 1,847 Ethereum (ETH), according to data from SpotOnChain.

Instead of holding onto the ETH, the wallet redistributed 2,507 ETH across three separate addresses, with the largest portion of 1,865 ETH sent to another wallet allegedly tied to the hacker group.

The wallet originally purchased the 40.78 WBTC in February 2023 for around $999,900, when the price of WBTC averaged $24,521. Instead of selling earlier, the group waited until WBTC surged to $83,459, securing a realised profit of $2.51 million, representing a 251% gain over two years.

Lazarus Group has been using complex laundering techniques to move stolen funds, particularly after its attack on crypto exchange Bybit.

In March, the group allegedly laundered nearly 500,000 ETH, worth $1.39 billion, through various transactions in just ten days rather than keeping the stolen assets in a single location. At least $605 million was processed via the THORChain platform in a single day.

According to Arkham Intelligence, a wallet linked to the group still holds approximately $1.1 billion in crypto, with substantial reserves in Bitcoin, Ethereum, and Tether.

Meanwhile, Google’s Threat Intelligence Group has reported increased efforts by North Korean IT workers to infiltrate European tech and crypto firms, acting as insider operatives for state-sponsored cybercrime networks like Lazarus Group rather than as legitimate employees.

Dutch police struggle with cyberattacks and underfunding

A leaked report has revealed serious financial and digital failings within the Dutch police, including unchecked spending on IT and cybersecurity.

Auditors from Ernst & Young found that the force must cut €160 million, raising concerns over national security and officer safety.

The Dutch Police Union warns that chronic understaffing, daily cyberattacks and a lack of digital resilience have pushed the system to breaking point.

A September data breach affected nearly all officers, and experts say over €300 million is needed to restore proper infrastructure.

Police Chief Janny Knol acknowledged the force underestimated the costs of digital transformation.

Merged systems from 24 regional departments have caused spiralling maintenance issues, while key tech projects run over budget and behind schedule. Urgent reforms are now planned.

NHS contractor fined after ransomware attack

The tech firm Advanced, which provides services to the NHS, has been fined over £3 million by the UK data watchdog following a major ransomware attack in 2022.

The breach disrupted NHS systems and exposed personal data from tens of thousands across the country.

Originally facing a £6 million penalty, Advanced saw the fine halved after settling with the Information Commissioner’s Office.

Regulators said the firm failed to implement multi-factor authentication, allowing hackers to access systems using stolen login details.

The LockBit attack caused widespread outages, including access to UK patient data. While Advanced acknowledged the resolution, it declined to offer further comment or name a spokesperson when contacted.

Messaging app Signal sees rising popularity in US and Europe

Signal’s president, Meredith Whittaker, defended the app’s security after top US officials mistakenly included a journalist in an encrypted chat about military action in Yemen.

While not addressing the incident directly, Whittaker reiterated Signal’s status as the ‘gold standard in private communications’ and highlighted its open-source, nonprofit model. The app is widely used for its strong encryption, which protects both message content and metadata, unlike some competitors.

Signal has gained popularity in the United States and Europe as a more private alternative to WhatsApp. Data from Sensor Tower shows a 16% rise in US downloads in early 2025 compared to the previous quarter and a 25% increase year-on-year.

Whittaker previously criticised WhatsApp for collecting metadata, which she argued could reveal communication patterns. WhatsApp defended its practices, stating that metadata helps prevent spam and abuse while insisting it does not track personal messages for advertising.

The security lapse involving US officials has renewed debate over encrypted messaging platforms and their vulnerabilities. Signal’s strict privacy measures contrast with WhatsApp’s approach, which retains some metadata for security purposes.

As more users prioritise privacy, Signal continues to grow, with advocates praising its encryption technology and lack of corporate data collection.

US report highlights China’s growing military capabilities

A US intelligence report has identified China as the top military and cyber threat, warning of Beijing’s growing capabilities in AI, cyber warfare, and conventional weaponry.

The report highlights China’s ambitions to surpass the US as the leading AI power by 2030 and its steady progress towards military capabilities that could be used to capture Taiwan.

It also warns that China could target US infrastructure through cyberattacks and space-based assets.

The findings, presented to the Senate Intelligence Committee, sparked tensions between Washington and Beijing. Chinese officials rejected the report, accusing the US of using outdated Cold War thinking and hyping the ‘China threat’ to maintain military dominance.

China’s foreign ministry also criticised US support for Taiwan, urging Washington to stop backing separatist movements.

Meanwhile, Beijing dismissed accusations that it has failed to curb fentanyl shipments, a key source of US overdose deaths.

The report also notes that Russia, Iran, and North Korea are working to challenge US influence through military and cyber tactics.

While China continues to expand its global footprint, particularly in Greenland and the Arctic, the report points to internal struggles, including economic slowdowns and demographic challenges, that could weaken the Chinese government’s stability.

The intelligence report underscores ongoing concerns in Washington about Beijing’s long-term ambitions and its potential impact on global security.

How to protect your business from infostealer malware and credential theft

Cybercriminals stole billions of login credentials last year using infostealer malware, putting businesses worldwide at serious risk.

These malicious tools quietly harvest passwords and session tokens from infected devices, often within minutes.

To fight back, companies must use strong multi-factor authentication, store passwords in dedicated managers, and protect devices with advanced endpoint security.

Simple browser-stored logins are no longer safe, and attackers are getting better at bypassing weak defences.

Reducing session lifespans, using hardware-backed logins, and training staff to spot phishing threats are all key to staying secure.

By combining tech with human vigilance, organisations can stay ahead of attackers and safeguard their systems and data.

AI powers Microsoft’s latest security upgrade

Microsoft has launched a new set of AI agents as part of its Security Copilot platform, aiming to automate key cybersecurity tasks like phishing detection, data protection, and identity management. The release includes six in-house agents and five developed with partners.

Among the tools is a phishing triage agent that can autonomously process routine alerts, freeing analysts to focus on advanced incidents.

Microsoft said its new AI-driven approach goes beyond traditional security platforms, using generative AI to prioritise threats, correlate data, and even recommend or execute responses.

The rollout also brings new capabilities to Microsoft Defender, Entra, and Purview, enhancing organisations’ ability to manage and secure AI systems.

While analysts welcome the move as a step forward in proactive cybersecurity, some warn that full reliance on one platform carries strategic risks like vendor lock-in and reduced flexibility.

Experts suggest a balanced approach that combines Microsoft’s core capabilities with specialised solutions for areas such as threat intelligence and cloud protection, helping organisations stay agile in a fast-evolving threat landscape.

New HP printers designed to withstand quantum computing attacks

HP has introduced the 8000 Series printers, designed to protect against future cyber threats posed by quantum computing.

Announced at the Amplify 2025 event, the new models include the HP Color LaserJet Enterprise MFP 8801, Mono MFP 8601, and LaserJet Pro Mono SFP 8501. These printers are built to resist sophisticated attacks that could exploit vulnerabilities at the firmware level.

To enhance security, HP has integrated quantum-resistant cryptography within the printers’ ASIC chips. These chips provide digital signature verification, reducing the risk of unauthorised firmware modifications and potential data breaches.

HP emphasised that, without these safeguards, printers could be fully compromised by malicious firmware updates, allowing attackers to gain persistent control over the devices.

The new printers are also designed to integrate seamlessly with Zero Trust network architectures, reinforcing security within enterprise environments.

By incorporating advanced cryptographic measures, HP aims to future-proof its printing solutions against emerging cybersecurity threats.
