Encryption

Dutch police struggle with cyberattacks and underfunding

A leaked report has revealed serious financial and digital failings within the Dutch police, including unchecked spending on IT and cybersecurity.

Auditors from Ernst & Young found that the force must cut €160 million, raising concerns over national security and officer safety.

The Dutch Police Union warns that chronic understaffing, daily cyberattacks and a lack of digital resilience have pushed the system to breaking point.

A September data breach affected nearly all officers, and experts say over €300 million is needed to restore proper infrastructure.

Police Chief Janny Knol acknowledged the force underestimated the costs of digital transformation.

Merged systems from 24 regional departments have caused spiralling maintenance issues, while key tech projects run over budget and behind schedule. Urgent reforms are now planned.

For more information on these topics, visit diplomacy.edu.

NHS contractor fined after ransomware attack

The tech firm Advanced, which provides services to the NHS, has been fined over £3 million by the UK data watchdog following a major ransomware attack in 2022.

The breach disrupted NHS systems and exposed personal data from tens of thousands across the country.

Originally facing a £6 million penalty, Advanced saw the fine halved after settling with the Information Commissioner’s Office.

Regulators said the firm failed to implement multi-factor authentication, allowing hackers to access systems using stolen login details.

The LockBit attack caused widespread outages, including access to UK patient data. While Advanced acknowledged the resolution, it declined to offer further comment or name a spokesperson when contacted.

For more information on these topics, visit diplomacy.edu.

Messaging app Signal sees rising popularity in US and Europe

Signal’s president, Meredith Whittaker, defended the app’s security after top US officials mistakenly included a journalist in an encrypted chat about military action in Yemen.

While not addressing the incident directly, Whittaker reiterated Signal’s status as the ‘gold standard in private communications’ and highlighted its open-source, nonprofit model. The app is widely used for its strong encryption, which protects both message content and metadata, unlike some competitors.

Signal has gained popularity in the United States and Europe as a more private alternative to WhatsApp. Data from Sensor Tower shows a 16% rise in US downloads in early 2025 compared to the previous quarter and a 25% increase year-on-year.

Whittaker previously criticised WhatsApp for collecting metadata, which she argued could reveal communication patterns. WhatsApp defended its practices, stating that metadata helps prevent spam and abuse while insisting it does not track personal messages for advertising.

The security lapse involving US officials has renewed debate over encrypted messaging platforms and their vulnerabilities. Signal’s strict privacy measures contrast with WhatsApp’s approach, which retains some metadata for security purposes.

As more users prioritise privacy, Signal continues to grow, with advocates praising its encryption technology and lack of corporate data collection.

For more information on these topics, visit diplomacy.edu.

US report highlights China’s growing military capabilities

A US intelligence report has identified China as the top military and cyber threat, warning of Beijing’s growing capabilities in AI, cyber warfare, and conventional weaponry.

The report highlights China’s ambitions to surpass the US as the leading AI power by 2030 and its steady progress towards military capabilities that could be used to capture Taiwan.

It also warns that China could target US infrastructure through cyberattacks and space-based assets.

The findings, presented to the Senate Intelligence Committee, sparked tensions between Washington and Beijing. Chinese officials rejected the report, accusing the US of using outdated Cold War thinking and hyping the ‘China threat’ to maintain military dominance.

China’s foreign ministry also criticised US support for Taiwan, urging Washington to stop backing separatist movements.

Meanwhile, Beijing dismissed accusations that it has failed to curb fentanyl shipments, a key source of US overdose deaths.

The report also notes that Russia, Iran, and North Korea are working to challenge US influence through military and cyber tactics.

While China continues to expand its global footprint, particularly in Greenland and the Arctic, the report points to internal struggles, including economic slowdowns and demographic challenges, that could weaken the Chinese government’s stability.

The intelligence report underscores ongoing concerns in Washington about Beijing’s long-term ambitions and its potential impact on global security.

For more information on these topics, visit diplomacy.edu.

How to protect your business from infostealer malware and credential theft

Cybercriminals stole billions of login credentials last year using infostealer malware, putting businesses worldwide at serious risk.

These malicious tools quietly harvest passwords and session tokens from infected devices, often within minutes.

To fight back, companies must use strong multi-factor authentication, store passwords in dedicated managers, and protect devices with advanced endpoint security.

Simple browser-stored logins are no longer safe, and attackers are getting better at bypassing weak defences.

Reducing session lifespans, using hardware-backed logins, and training staff to spot phishing threats are all key to staying secure.

By combining tech with human vigilance, organisations can stay ahead of attackers and safeguard their systems and data.

For more information on these topics, visit diplomacy.edu.

AI powers Microsoft’s latest security upgrade

Microsoft has launched a new set of AI agents as part of its Security Copilot platform, aiming to automate key cybersecurity tasks like phishing detection, data protection, and identity management. The release includes six in-house agents and five developed with partners.

Among the tools is a phishing triage agent that can autonomously process routine alerts, freeing analysts to focus on advanced incidents.

Microsoft said its new AI-driven approach goes beyond traditional security platforms, using generative AI to prioritise threats, correlate data, and even recommend or execute responses.

The rollout also brings new capabilities to Microsoft Defender, Entra, and Purview, enhancing organisations’ ability to manage and secure AI systems.

While analysts welcome the move as a step forward in proactive cybersecurity, some warn that full reliance on one platform carries strategic risks like vendor lock-in and reduced flexibility.

Experts suggest a balanced approach that combines Microsoft’s core capabilities with specialised solutions for areas such as threat intelligence and cloud protection, helping organisations stay agile in a fast-evolving threat landscape.

For more information on these topics, visit diplomacy.edu.

New HP printers designed to withstand quantum computing attacks

HP has introduced the 8000 Series printers, designed to protect against future cyber threats posed by quantum computing.

Announced at the Amplify 2025 event, the new models include the HP Color LaserJet Enterprise MFP 8801, Mono MFP 8601, and LaserJet Pro Mono SFP 8501. These printers are built to resist sophisticated attacks that could exploit vulnerabilities at the firmware level.

To enhance security, HP has integrated quantum-resistant cryptography within the printers’ ASIC chips. These chips provide digital signature verification, reducing the risk of unauthorised firmware modifications and potential data breaches.

HP emphasised that, without these safeguards, printers could be fully compromised by malicious firmware updates, allowing attackers to gain persistent control over the devices.

The new printers are also designed to integrate seamlessly with Zero Trust network architectures, reinforcing security within enterprise environments.

By incorporating advanced cryptographic measures, HP aims to future-proof its printing solutions against emerging cybersecurity threats.

For more information on these topics, visit diplomacy.edu.

London court holds secret hearing on Apple’s cloud encryption dispute

A London court has reportedly heard Apple’s appeal against a British government order requiring it to provide access to encrypted cloud storage.

The hearing, held at the Investigatory Powers Tribunal on Friday, took place behind closed doors, with no media or civil rights groups allowed to attend.

The case stems from a ‘technical capability notice’ issued to Apple, which allegedly compelled the company to create a backdoor into its encrypted services. In response, Apple removed its Advanced Data Protection feature for new users in Britain.

Neither Apple nor the UK government has confirmed the existence of the order, but reports suggest it has raised concerns among privacy advocates and foreign governments.

Civil rights groups, including Privacy International and Liberty, have condemned the secrecy of the proceedings, calling the order ‘unacceptable and disproportionate.’

Critics argue that allowing governments to bypass encryption undermines privacy and security for users worldwide. The issue has drawn international attention, with United States officials investigating whether Britain’s actions violated the CLOUD Act, which restricts demands for US citizens’ data.

Government officials have remained tight-lipped, with the Home Office refusing to comment and security ministers maintaining a policy of neither confirming nor denying such notices.

While authorities argue that encryption access is essential for tackling serious crimes, opponents warn that weakening security protections could have far-reaching consequences. The case highlights ongoing tensions between governments and tech companies over privacy, security, and law enforcement.

For more information on these topics, visit diplomacy.edu.

HQC announced as safeguard against future quantum attacks

The National Institute of Standards and Technology (NIST) has introduced HQC, a backup encryption algorithm designed to protect sensitive data from potential threats posed by future quantum computers.

As part of its ongoing efforts to strengthen cybersecurity, the agency selected HQC to complement the existing post-quantum cryptography (PQC) standard, ML-KEM, in case quantum advancements compromise current encryption methods.

HQC relies on error-correcting codes, a mathematical approach used in data protection for decades, including in NASA missions.

The algorithm is larger than ML-KEM and requires more computing power, but experts determined it to be a secure and reliable alternative. A draft standard for HQC is expected within a year, with final approval anticipated by 2027.

NIST has been working to prepare for the so-called ‘Q day,’ when quantum computers could break conventional encryption. Three PQC algorithms were finalized in 2024, including ML-KEM and two digital signature standards.

In addition to announcing HQC, NIST is preparing to release a draft standard for the FALCON algorithm, further strengthening protections against future cyber threats.

For more information on these topics, visit diplomacy.edu.

UK Government removes encryption guidance after calls for iCloud backdoor access

The UK government has removed encryption advice from its official web pages, shortly after requesting backdoor access to encrypted data stored on Apple’s iCloud service.

The change was noticed by security expert Alec Muffett, who highlighted in a blog post that the National Cyber Security Centre (NCSC) no longer recommends encryption for high-risk individuals.

Previously, the NCSC had advised the use of encryption tools such as Apple’s Advanced Data Protection (ADP) for secure iCloud backups, which provide end-to-end encryption to ensure only the user has access to their data.

However, the webpage now redirects to a different page with no mention of encryption, instead recommending Apple’s Lockdown Mode—a security feature designed to limit access to certain phone functions.

Muffett pointed out that the original advice is no longer available on government sites, though it can still be accessed via the Wayback Machine.

This development follows reports that the UK government requested Apple to build a backdoor to access encrypted iCloud data.

In response, Apple removed the ADP feature for new users in the UK and stated that existing users would eventually need to disable it. Apple is reportedly challenging the UK’s data access order in the Investigatory Powers Tribunal (IPT).

For more information on these topics, visit diplomacy.edu.

Diplo chatbot can make mistakes. Consider checking important information.