Network security Archives | Page 116 of 177

Binance faces new investigation in France over alleged crimes

French prosecutors have launched a new investigation into Binance, marking the second time authorities have scrutinised the crypto exchange. The probe includes allegations of drug trafficking, money laundering, and tax evasion, with possible additional charges yet to be disclosed. This follows an earlier inquiry in 2023 over suspected financial crimes linked to the platform.

Regulators worldwide have tightened their grip on cryptocurrency firms after the collapse of FTX and other high-profile failures. Binance has faced mounting legal challenges, including a record $4.3 billion settlement with US authorities. Despite leadership changes, including the resignation of founder Changpeng Zhao, the company remains under regulatory pressure.

As Binance navigates legal battles across multiple jurisdictions, its future in key markets remains uncertain. The latest investigation in France adds to the exchange’s ongoing struggles, reinforcing the global crackdown on crypto platforms accused of financial misconduct.

OpenAI warns about Chinese firms accessing US AI

OpenAI has raised concerns about Chinese companies attempting to access US AI technologies to enhance their models. In a statement released on Tuesday, OpenAI highlighted the critical need to protect its intellectual property and the most advanced capabilities in its AI systems. The company emphasised that it has put in place countermeasures to safeguard its innovations and is working closely with the US government to protect the technology from being exploited by competitors and adversaries.

These comments come in response to the White House’s ongoing review of national security risks posed by Chinese AI companies, particularly the rapidly growing startup DeepSeek. The US government has been looking into potential threats as China increasingly seeks to advance its AI capabilities. David Sacks, the White House’s AI and crypto czar, explained that Chinese firms are using an AI technique called “distillation,” which allows them to extract knowledge from leading US AI models, further raising concerns about intellectual property theft.

OpenAI’s statement underscores the challenges and security risks that arise as AI becomes a critical technology with broad applications, from national defence to economic competitiveness. The company’s efforts to protect its proprietary AI models are part of a broader push by the US to ensure that its technological edge is not compromised by foreign competitors who might attempt to bypass intellectual property protections. The situation highlights the increasing geopolitical tension surrounding AI development, especially as China continues to make significant strides in the field.

Australia warns public over Chinese AI model DeepSeek

The treasurer of Australia, Jim Chalmers, has urged caution regarding the use of the Chinese AI model DeepSeek, citing potential risks associated with the technology. Speaking at a news conference on Monday, Chalmers emphasised that the government is closely monitoring the situation and continuously receiving advice on its implications.

DeepSeek, a cost-efficient AI model released by China, has raised global concerns, particularly over its ability to challenge the dominance of US AI developers. Its debut caused significant market turbulence, with shares of AI chip leader Nvidia plunging by 17% on Monday before making a partial recovery.

The United States has also voiced concerns, announcing an investigation into the national security implications of DeepSeek. The scrutiny highlights growing geopolitical tensions around the advancement and control of AI technologies.

Italy blocks DeepSeek chatbot over privacy concerns

Italy’s data protection authority, the Garante, has ordered the Chinese AI startup DeepSeek to block its chatbot in the country, citing insufficient responses to queries about its privacy policy. The watchdog had requested detailed information on data collection practices, sources, purposes, and storage, particularly concerning whether user data is stored in China. DeepSeek’s failure to adequately address these concerns prompted the Garante to impose an immediate ban and launch an investigation.

DeepSeek had removed its AI assistant from Italian app stores earlier this week but claimed it was not subject to local regulation. Agostino Ghiglia, a member of the Garante’s board, stated that the company’s stance worsened its position. Italian users who had already downloaded the app still reported access to the chatbot, while the web version remains operational. The Garante emphasised that European citizens must have clear consent and data protection guarantees, especially regarding servers located in China.

The Garante’s action highlights growing scrutiny of AI platforms in Europe, with data regulators in Ireland and France also questioning DeepSeek’s privacy practices. Italy‘s proactive approach has drawn attention; the country temporarily banned ChatGPT in 2023 over similar concerns. DeepSeek has positioned its AI as a cost-effective alternative to US models, surpassing ChatGPT as the top-rated app on Apple’s US App Store. However, its refusal to cooperate with European regulators may jeopardise its expansion.

EU sanctions three Russians over 2020 cyberattacks on Estonia

The European Union has imposed sanctions on three Russian nationals for their alleged role in cyberattacks targeting Estonia in 2020. Nikolay Korchagin, 28, Vitaly Shevchenko, 28, and Yuriy Denisov, 45—suspected operatives of the cyber division of Russia’s GRU military intelligence service—are accused of breaching classified Estonian government networks and stealing sensitive data.

According to the Council of the EU, the attacks compromised thousands of confidential documents, including business secrets, health records, and other critical information. In September 2024, Estonia publicly attributed the attack to Unit 29155, marking the first time the country formally identified a state-backed cyber operation.

‘Both a national and an international investigation that included 10 countries showed that Russia aimed to damage national computer systems, obtain sensitive information and strike a blow against our sense of security,’ Estonian Foreign Minister Margus Tsahkna stated at the time.

As part of the sanctions, Korchagin, Shevchenko, and Denisov face an asset freeze, a prohibition on EU individuals and businesses providing them with funds, and a travel ban barring them from entering or transiting through the EU territory.

The move follows a similar decision by the US government in September last year. The US Department of Justice indicted members of Unit 29155 and placed a $10 million bounty for information aiding prosecution. The indictment primarily focused on the WhisperGate cyberattack—a data-wiping operation targeting Ukraine ahead of Russia’s 2022 invasion. Korchagin and Denisov were specifically named in the US sanctions, while Shevchenko was labelled an ‘associated individual’ by the State Department.

Last year, the EU’s credibility in cyber sanctions was undermined when a clerical error in a formal sanctions notice mistakenly identified the wrong Russian intelligence agency responsible for a series of cyberattacks. Additionally, Bart Groothuis, a Dutch MEP and former Ministry of Defence employee, noted that the EU’s response remains fragmented, particularly in comparison to coordinated actions taken by the US and UK.

Europol highlights encryption concerns at the World Economic Forum

At the World Economic Forum in Davos, Europol’s executive director, Catherine De Bolle, urged tech companies to provide law enforcement access to encrypted messages, citing public safety concerns. While she argued this is necessary to combat crime and protect democracy, critics highlighted the risks of undermining encryption, which is essential for privacy and individual freedoms.

De Bolle compared accessing encrypted communications to executing a search warrant in a locked house. However, this analogy oversimplifies the issue, as encryption safeguards sensitive data and ensures private communication, even under authoritarian regimes. Weakening it could lead to widespread misuse, enabling mass surveillance and suppression, as seen in places like Russia.

Advocates for privacy stress that encryption is not merely a barrier to crime but a cornerstone of democracy, enabling free speech and safeguarding against state overreach. While law enforcement has other tools for crime-fighting, creating backdoors to encryption would expose everyone to cyber risks and potentially render digital security obsolete.

If governments succeed in weakening encryption, decentralised solutions backed by blockchain technology could rise, making such access nearly impossible in the future. The debate underscores the critical balance between security and preserving fundamental rights.

Breaking Bad star’s X account hijacked for fake meme coin promotion

Dean Norris, famed for his role as Hank Schrader in Breaking Bad, had his X account hacked to promote a fraudulent memecoin. The coin, DEAN, which briefly reached a market cap of over $8 million, was part of a pump-and-dump scheme. Norris confirmed the hack on 26 January, stating that the coin was a ‘complete, fake scam’ and slamming Reddit users who blamed him for the incident.

The hackers used Norris’s likeness in a doctored video and images to deceive people into thinking he was endorsing the token. Although the promotional posts were eventually removed, screenshots of the fraudulent content circulated online. Blockchain data showed a massive spike in the coin’s value, which quickly collapsed after the scam was exposed.

It is not the first time Norris has been targeted by crypto fraudsters. In November, his account was also hijacked in a similar scheme, with connections to other high-profile account takeovers. Norris, who rarely uses X and does not have a Telegram account, revealed he was unaware of the hack until friends alerted him.

Undersea cable damaged between Latvia and Sweden

A fibre optic cable running under the Baltic Sea between Latvia and Sweden sustained significant damage, likely due to external factors, according to Latvian authorities. The incident prompted NATO to deploy patrol ships and launch a coordinated investigation with Sweden, where the Security Service seized control of a vessel as part of its probe. Latvian Prime Minister Evika Silina confirmed that her government is collaborating with NATO and neighboring Baltic Sea countries to determine the cause.

Senior prosecutor Mats Ljungqvist stated that investigators are conducting several actions but refrained from disclosing details due to the ongoing preliminary inquiry.

NATO’s recently launched ‘Baltic Sentry’ mission, involving naval and aerial assets, aims to safeguard critical infrastructure in the region following a series of incidents affecting cables, pipelines, and telecom links since Russia’s invasion of Ukraine in 2022. The project also includes the deployment of new technologies, including a small fleet of naval drones. Swedish Prime Minister Ulf Kristersson also emphasized close cooperation with NATO and Latvia in response to the situation.

The damaged cable, located in Sweden’s exclusive economic zone, connects Latvia’s Ventspils to Sweden’s Gotland island. The Latvian State Radio and Television Centre (LVRTC), which operates the cable, reported switching communications to alternative routes and is contracting a repair vessel. Repairs are expected to proceed more quickly than those for gas pipelines or power cables, as fibre optic cables in the Baltic Sea are typically restored within weeks.

This incident follows last month’s damage to the Finnish-Estonian Estlink 2 power line and telecom cables, reportedly caused by a Russian tanker dragging its anchor. Finnish and Swedish leaders underscored the importance of bolstering the protection of critical undersea infrastructure in the Baltic Sea. NATO also stated it reserves the right to act against ships deemed security risks while continuing to monitor the situation closely.

Denmark warns of cyber threats to its water infrastructure

Denmark’s national Centre for Cybersecurity (Center for Cybersikkerhed, CCS) has identified a ‘very high’ risk of cyberattacks targeting the country’s water infrastructure following its first official assessment of threats to the sector.

According to CCS acting head Mark Fiedel, the water sector plays a vital role within Denmark’s critical infrastructure, highlighting the potential impacts of disruptions to drinking water supplies.

As an example of the risks faced by the sector, Fiedel noted an incident in December 2024 when hackers accessed a small water plant in Denmark, resulting in a temporary disruption of water services for approximately 50 households.

CCS classifies cyber threats into various categories, including cybercrime, which poses the significant risk to critical infrastructure. Ransomware attacks are among the identified threats, and in 2021, a water plant in Kalundborg reported a ransomware attack that briefly locked technicians out of IT systems.

Japan introduces active cyber defence bill to strengthen national security

Among the 59 bills to be introduced to the Japanese government’s review this year within next 150 days, the Active Cyber Defense Legislation stands out due to its importance for Japan’s national security.

This bill, presented to the Liberal Democratic Party (LDP) on January 16 and swiftly approved, is part of an effort to bolster Japan’s cybersecurity capabilities. We also earlier reported that Japan’s Liberal Democratic Party proposed an ‘active cyber defence’ system, allowing the government to collect telecom metadata to detect and prevent cyberattacks as part of broader national security reforms to strengthen the country’s cybersecurity capabilities.

The proposed legislation includes three main components: improving collaboration between the public and private sectors, allowing the government to access telecommunications data in cases of suspected cyberattacks, and enabling the neutralisation of attackers’ servers. Critical infrastructure sectors such as energy, transportation, and telecommunications would be required to report cyber incidents, with the government offering guidance on damage control and prevention.

The bill also grants the government the ability to monitor specific communications between Japan and foreign nations, but limits this to non-content data to address privacy concerns. In the event of a major cyberattack, the Self-Defense Forces (SDF) may be deployed to defend critical systems.

Although the bill has received widespread support, it faces legal challenges, particularly with regard to Japan’s constitutional protection of communication secrecy and its pacifist defense policies. Despite these concerns, public opinion remains favorable, with a recent poll showing 65% support for the legislation.

The government is moving forward with the proposal, aiming to enhance the protection of Japan’s critical infrastructure from increasing cyber risks. While the Japanese Communist Party opposes the bill, it has gained backing from major opposition parties, highlighting its broad political support.