CISA launches critical infrastructure security partnership

The US Cybersecurity and Infrastructure Security Agency has launched a new advisory framework to strengthen public-private cooperation on critical infrastructure security and resilience.

The initiative, called the Alliance of National Councils for Homeland Operational Resilience, or ANCHOR-CI, is designed to improve information sharing between government and industry and broaden participation across critical infrastructure sectors.

CISA said the framework builds on lessons from the Critical Infrastructure Partnership Advisory Council while expanding engagement to a wider range of public and private stakeholders.

ANCHOR-CI will provide forums for federal, state, local, tribal and territorial officials to engage with critical infrastructure owners, operators and other organisations with responsibilities for cybersecurity, physical security and resilience.

The framework will allow participants to discuss the threat environment, identify vulnerabilities and develop recommendations for securing more resilient critical infrastructure and cyberspace.

CISA will manage the governance of councils established under ANCHOR-CI, including sector, cross-sector, industry and regional councils.

The launch comes as critical infrastructure operators and public authorities face growing pressure from ransomware, cyberespionage and other threats affecting essential services.

Why does it matter?

Critical infrastructure security depends on cooperation between government agencies and the private-sector operators that own or manage many essential services. ANCHOR-CI is important because it creates a new structure for sharing sensitive information, coordinating resilience planning and giving sector stakeholders a formal way to advise the government. The framework could be especially relevant for cyber threats that cross sectors, such as ransomware, supply-chain compromise and attacks on water, energy, transport or communications systems.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK ATOC says social media ban is not enough

The UK Alliance Tackling Online Child Sexual Exploitation and Abuse has welcomed the UK government’s plan to ban social media use by children under 16, while warning that the measure alone will not stop online child sexual abuse.

The alliance said age restrictions on mainstream social media platforms could reduce some risks. Still, children may move to less regulated digital spaces, including encrypted messaging services, gaming platforms and other online environments where grooming, sexual extortion and abuse can continue.

UK ATOC called for a broader, system-wide response focused on prevention, stronger platform accountability and safer-by-design digital services. It said governments, regulators, technology companies and online service providers share responsibility for reducing opportunities for abuse before harm occurs.

The alliance proposed a package of technical, legislative and regulatory measures. These include stronger safeguards in end-to-end encrypted environments, robust age-assurance systems, mandatory safer-by-design principles, stronger enforcement under the Online Safety Act and clearer regulation of AI chatbots and companion services.

It also called for device-level nudity detection, upload prevention for known child sexual abuse material and measures to address livestreamed abuse, grooming and sexual extortion.

UK ATOC welcomed the government’s plan to introduce nudity-detection tools on children’s devices, describing it as an important additional safeguard.

The statement reflects a wider concern that age bans may reduce children’s exposure to some mainstream platforms, but cannot replace a comprehensive child-safety framework across the broader digital ecosystem.

Why does it matter?

The UK debate shows the limits of age-based social media bans as a child-safety tool. Online child sexual exploitation and abuse can move across platforms, devices, encrypted services, gaming environments and AI-enabled systems. UK ATOC’s response therefore shifts the focus from access restrictions alone towards prevention, safer design, platform duties and technical safeguards that address how abuse actually happens across digital services.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Canada’s CSE expands cyber defence amid growing threats

The Communications Security Establishment Canada (CSE) has published its 2025-2026 Annual Report, detailing the activities of the agency and the Canadian Centre for Cyber Security between April 2025 and March 2026 as cyber threats continued to grow in scale and complexity.

During the reporting period, the Canadian Centre for Cyber Security responded to more than 3,200 cybersecurity incidents affecting federal institutions and critical infrastructure. It also issued 25 alerts, 995 advisories and more than 97,000 notifications through the National Cyber Threat Notification System to 1,363 subscribed organisations.

CSE also took direct action against ten of the ransomware groups causing the greatest harm to Canada and its allies, while completing 1,772 supply chain risk assessments to strengthen cyber resilience across government. During the year, the agency received 13 ministerial authorisations, including four supporting foreign cyber operations.

The report highlights how recent defence investments are supporting work on secure digital infrastructure, stronger cyber defence capabilities, AI, post-quantum cryptography and deeper collaboration with trusted international partners.

Minister of National Defence David J. McGuinty said the report demonstrates the importance of CSE’s work to Canada’s security and economic well-being. Chief of CSE Caroline Xavier noted that the agency will mark its 80th anniversary in 2026 and said recent investments are providing the tools needed to address an increasingly complex threat environment.

Why does it matter?

The report illustrates how national cybersecurity agencies are shifting from responding to isolated incidents to maintaining continuous operations against increasingly sophisticated digital threats. Activities ranging from ransomware disruption to supply chain assessments demonstrate the expanding role of cyber defence in protecting governments and critical infrastructure.

The emphasis on AI, post-quantum cryptography and secure digital infrastructure also signals Canada’s long-term approach to cybersecurity. By investing in emerging technologies while strengthening cooperation with allies, CSE is preparing for a threat environment in which cyber resilience is closely tied to national security, economic stability and technological competitiveness.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Australia doubles penalties and expands eSafety powers under social media age law

The Australian Government has introduced legislation to strengthen enforcement of its minimum age law for social media platforms, expanding the powers of the eSafety Commissioner and significantly increasing penalties for non-compliance.

The reforms are intended to strengthen oversight of platforms operating in Australia that fail to prevent users under the age of 16 from accessing their services.

Under the proposed legislation, the eSafety Commissioner would receive enhanced information-gathering powers, including the authority to compel platforms and relevant third parties, such as age assurance providers and app stores, to provide documents and evidence demonstrating compliance.

The reforms would also substantially increase penalties for failing to comply with information requests and for systemic breaches of the legislation.

The government said millions of accounts belonging to users under 16 have already been removed, deactivated or restricted since the law entered into force.

However, the government argues that some major platforms continue to do only the minimum required, prompting the need for stronger enforcement powers and greater regulatory accountability.

Why does it matter?

The reforms mark a shift from establishing online child safety rules to enforcing them more aggressively. By expanding the eSafety Commissioner’s investigative powers and increasing penalties, Australia is signalling that platforms will face greater accountability if they fail to implement effective age assurance measures.

The legislation also reinforces Australia’s position as one of the most active jurisdictions in regulating children’s online safety. Its approach could influence other countries considering stronger enforcement mechanisms for age verification, platform responsibility and the protection of minors in digital environments.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

KIDZONET joins IWF to strengthen child online safety

KIDZONET has joined the Internet Watch Foundation (IWF), strengthening its efforts to protect children online through network-level safeguards.

The company provides child online safety services to telecommunications operators, internet service providers, governments and schools, helping them create safer digital environments without requiring users to install additional software or configure applications.

Through its membership, KIDZONET will integrate the IWF URL List and Non-Photographic Image (NPI) URL List, enabling its partners to identify and block confirmed webpages containing child sexual abuse material more quickly and accurately.

The collaboration reflects a broader move towards embedding child protection directly into internet infrastructure rather than relying solely on platform-level moderation.

By combining KIDZONET’s network-level protection with IWF’s specialist intelligence, the partnership aims to reduce access to criminal content, disrupt its distribution and strengthen protections for children across the digital ecosystem.

Why does it matter?

The partnership highlights a growing shift towards infrastructure-based approaches to online child protection. By integrating verified intelligence directly into telecommunications and internet networks, organisations can prevent access to child sexual abuse material before users encounter it, complementing platform-level moderation and law enforcement efforts.

It also demonstrates the importance of collaboration between specialist organisations and network providers. Combining trusted threat intelligence with network-level filtering can improve the speed and consistency of blocking illegal content while strengthening the broader digital ecosystem’s ability to combat online child sexual exploitation.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU launches funding for youth-centred social media platforms

The European Commission has launched a €1.48 million call for proposals to support the development and testing of safer, more inclusive social media platforms designed for young people.

The initiative aims to involve young people from diverse backgrounds in designing digital services that prioritise privacy, well-being, accessibility and user safety.

Selected projects will develop or enhance protocol-based social media platforms aligned with EU values, while giving users greater control over their data, content moderation and overall online experience.

The programme also supports market analysis, platform development, adoption strategies and recommendations for the future of social media in the EU.

Why does it matter?

The initiative reflects the EU’s growing emphasis on promoting digital platforms that prioritise user wellbeing, privacy and safety rather than engagement-driven business models. By supporting protocol-based alternatives, the Commission is seeking to encourage a more open and user-centric social media ecosystem.

It also highlights a broader policy shift towards involving young people directly in the design of digital services. Giving users greater control over their data, online experience and content moderation aligns with the EU’s wider objectives on digital rights, platform accountability and safer online environments.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Europol highlights technology-driven organised crime threats

The European Commission, Europol and the Cypriot Presidency of the Council of the EU have presented a new assessment of Europe’s most threatening organised criminal networks, warning that they are becoming increasingly adaptive, technologically advanced and deeply embedded across the region.

The report finds that organised crime is expanding across multiple sectors, including drug trafficking, cybercrime, migrant smuggling, human trafficking, fraud and money laundering.

Criminal organisations are increasingly exploiting digital technologies, global trade routes and legitimate business structures while operating through flexible cross-border networks instead of traditional hierarchical organisations.

The European Commission said stronger cross-border cooperation and an updated Europol mandate are needed to respond to increasingly digital, cross-border and technologically sophisticated forms of organised crime.

Why does it matter?

The assessment highlights how organised crime is evolving alongside digital transformation. Criminal networks are increasingly using digital technologies, legitimate businesses and international supply chains to expand their operations, making traditional law enforcement approaches less effective against increasingly decentralised and cross-border threats.

The report also reinforces the need for stronger European cooperation. As cybercrime, fraud and money laundering become more interconnected with other forms of organised crime, improved intelligence sharing, operational coordination and investigative capabilities will be essential to disrupting criminal networks operating across multiple jurisdictions.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Australia pushes more AI nudify services offline over child safety

Three more AI-powered ‘nudify’ services have withdrawn access for Australian users after enforcement action by Australia’s eSafety Commissioner under the country’s Age-Restricted Material codes.

The codes require AI services that allow users to access or generate age-restricted material, including sexually explicit material, to put appropriate age-assurance measures in place to prevent access by children under 18.

The latest action followed a formal Direction to Comply issued to one of the most widely used nudify services in Australia, requiring the provider to implement stronger protections within 14 days. Instead, the company disabled access for Australian users, while two associated services also withdrew.

eSafety said users in Australia will no longer be able to log in or use the service’s features, although landing pages may remain visible with content blurred.

The regulator said AI nudification tools pose serious risks because they can be used to create non-consensual sexually explicit deepfakes and child sexual exploitation material. It has also warned that such tools are increasingly being misused in school settings.

The action is part of eSafety’s broader enforcement focus on generative AI and nudify services now that Australia’s online safety codes and standards are in force. The regulator said seven of the most frequently accessed nudify services in Australia have either withdrawn from the market or introduced age-assurance measures following intervention.

Australia is also preparing further legislation to prohibit nudify services used to generate non-consensual sexually explicit material.

Why does it matter?

Australia’s approach shows how regulators can use age-assurance and online safety rules to restrict children’s access to high-risk generative AI tools before new AI-specific laws are fully in place. The case is also important because nudify services sit at the intersection of AI-generated abuse, child protection, image-based harm and platform accountability. By forcing services to either introduce safeguards or withdraw access, eSafety is creating a practical enforcement model that other jurisdictions may closely watch.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

IWF urges EU to restore legal basis for voluntary CSAM detection

The Internet Watch Foundation has urged the EU policymakers to adopt a permanent legal framework allowing technology companies to voluntarily detect, report and remove child sexual abuse material online.

The organisation said Europe cannot keep relying on children to protect themselves from online predators, warning that awareness campaigns and digital literacy measures cannot replace platform responsibility, technical safeguards and proactive detection tools.

The IWF said the EU’s failure to agree on a long-term Child Sexual Abuse Regulation has created legal uncertainty after the expiry of the temporary framework that previously allowed online services to use voluntary detection measures.

According to the organisation, child sexual abuse increasingly begins online through grooming, coercion, sextortion and blackmail. The IWF said that more than a quarter of the 500,000 unique child sexual abuse images and videos it identified in 2025 were self-generated after children were manipulated into creating explicit material.

The group argues that voluntary detection should become a minimum standard across the EU, supported by legal safeguards that protect privacy and prevent misuse.

The debate remains one of the EU’s most contested digital policy issues. Child-safety organisations warn that legal uncertainty could reduce the detection of abuse, while privacy advocates have raised concerns about surveillance, false positives and the scanning of private communications.

The IWF said policymakers should not treat child protection and privacy as a binary choice, but should create a framework that allows technology companies to detect abuse while maintaining appropriate safeguards.

Why does it matter?

The debate goes to the heart of EU online safety policy: how to protect children from grooming, sextortion and the circulation of abuse material while preserving privacy and communications rights. The IWF’s intervention highlights the child-protection argument for legal certainty around voluntary detection tools. At the same time, the controversy shows why any permanent framework will need strong safeguards, transparency and limits on how detection technologies are used.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Microsoft and Europol disrupt Amadey and StealC malware infrastructure

Microsoft has disrupted more than 200 command-and-control servers linked to Amadey and StealC, two widely used cybercrime tools that support credential theft, fraud and ransomware attacks.

The company’s Digital Crimes Unit said the action targeted the shared infrastructure behind the two tools rather than treating them as separate threats. In the first two weeks of May, Amadey and StealC were linked to more than 140,000 infected computers worldwide.

Amadey is often used to gain access to devices, while StealC is used to steal passwords and sensitive information. Microsoft said the tools form part of a wider cybercrime supply chain in which specialised malware services help attackers turn initial access into fraud, ransomware, espionage or other operations.

Microsoft said investigators used AI, including Copilot, to analyse malware and identify connections between the two tools more quickly. The company said the analysis helped its legal team treat both malware families as part of a single conspiracy under the US Racketeer Influenced and Corrupt Organizations Act.

The action was carried out with Europol and industry partners, including ESET, BitSight, Lumen and Mitsui Bussan Secure Directions. Europol’s European Cybercrime Centre also investigated StealC as part of Operation Endgame, alongside European law enforcement partners and cybersecurity companies, including IBM X-Force and Proofpoint.

Microsoft said it has identified more than 18,000 victim computers since the start of the operation and is working with telecommunications providers to help protect affected users.

The company said findings from the case will feed into its Statutory Automated Disruption programme, which accelerates the removal of malicious domains and infrastructure.

Why does it matter?

The operation reflects a shift in cybercrime disruption strategy. Instead of targeting one malware family or service at a time, Microsoft and its partners focused on the shared infrastructure that allows criminal tools to work together. That matters because modern cybercrime increasingly operates as a modular supply chain: one tool gains access, another steals credentials, and other actors monetise that access through fraud, ransomware or espionage. The use of AI to accelerate malware analysis also points to how defenders are trying to match the speed and scale of cybercriminal operations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot