Geopolitical tensions drive OT and ICS cyberattacks, a new report warns

Attacks on operational technology (OT) networks have increased, driven in part by geopolitical factors, with OT security gaining broader attention, according to the annual report from Dragos.

In 2024, two additional threat groups began targeting OT systems, bringing the total number of known active groups to nine.

Additionally, researchers from Dragos identified two new malware families designed to compromise industrial control systems (ICS).

According to Dragos’ annual report, barriers to OT/ICS attacks have lowered, making these systems more accessible targets for adversaries.

Ransomware attacks against OT/ICS asset owners also increased by 87% in 2024, with the number of ransomware groups targeting these systems growing by 60%.

Dragos monitors 23 threat groups that engage with OT networks for intelligence gathering or system manipulation. Nine of these groups were active in 2024, including two newly identified ones.

For more information on these topics, visit diplomacy.edu

Coinbase calls for a unified crypto scam reporting system

The reporting system for crypto scams in the US is fragmented and needs to be unified, according to Coinbase’s chief security officer, Philip Martin. Speaking at the SXSW conference, Martin explained that victims often struggle to know where to report scams, with different organisations handling cases in a disjointed manner. He called for a single reporting system that would help track the scale of the issue and improve coordination between organisations.

Martin pointed out that victims of crypto scams often feel frustrated, as many reports seem to go unnoticed, especially with platforms like the FBI’s Internet Crime Complaint Centre (IC3). He suggested that a more centralised approach would provide better visibility for victims and more effective resources to address the problem.

In addition, Martin noted that many crypto scams originate from outside the US, making it harder for law enforcement to take action. He advocated for stronger international cooperation to ensure scammers have no safe havens. Meanwhile, California’s financial regulator reported over 2,600 complaints last year, revealing new types of scams in the crypto space.

For more information on these topics, visit diplomacy.edu

Allstate faces lawsuit for security failures in data breach

New York State has taken legal action against Allstate, accusing its National General unit of mishandling customer data security and failing to report a breach that exposed sensitive information.

The state’s Attorney General, Letitia James, filed the lawsuit in Manhattan, claiming that the breaches, which occurred in 2020 and 2021, resulted in hackers accessing the driver’s license numbers of over 360,000 people.

According to the lawsuit, National General did not notify affected drivers or state agencies about the first breach, which occurred between August and November 2020.

The second, larger breach, was discovered three months later in January 2021. James alleges that National General violated the state’s Stop Hacks and Improve Electronic Data Security Act by failing to protect customer information adequately.

In response, Allstate defended its actions, stating that it had resolved the issue years ago, secured its systems, and offered free credit monitoring to affected consumers.

The lawsuit seeks civil fines of $5,000 per violation, in addition to other remedies. This legal action follows similar penalties imposed on other US companies for data security lapses, including fines for Geico and Travelers.

For more information on these topics, visit diplomacy.edu.

Musk blames ‘major cyberattack’ for X outage, points to Ukraine

Elon Musk’s social media platform, X, experienced widespread disruptions on Monday, which the billionaire attributed to a major cyberattack.

Musk claimed the platform was targeted by an unusually powerful denial-of-service (DoS) attack, suggesting that a well-coordinated group or nation-state might be responsible. However, he offered no concrete evidence to support the claim, leaving cybersecurity experts sceptical.

Many pointed out that DoS attacks, which flood websites with excessive traffic to overwhelm their servers, are commonly executed by small groups or individuals with relatively limited resources.

Reports of outages spiked early in the day, with Downdetector tracking over 39,000 complaints from users in the US at the peak of the disruption. By the afternoon, the number had dwindled significantly, though intermittent service issues persisted for some.

According to an anonymous industry source, the attack consisted of multiple waves of rogue traffic bombarding X’s servers, beginning around 9:45 UTC.

While Musk later asserted in an interview with Fox Business that the cyberattack originated from Ukraine, the same industry source disputed this claim, stating that the bulk of the malicious traffic came from various locations, including the USA, Vietnam, and Brazil, with only a minimal amount from Ukraine.

Tracing the true origin of DoS attacks is notoriously tricky, as attackers often use proxy servers and botnets to disguise their locations.

Cybersecurity specialists have noted that assigning blame based solely on IP addresses can be misleading, as they rarely indicate the actual perpetrators. Despite Musk’s insistence on a Ukraine-based origin, no definitive proof has been presented to substantiate the claim.

Musk’s comments come amid his increasingly vocal criticisms of Ukraine’s ongoing war efforts against Russia, aligning with sentiments echoed by US President Donald Trump, whom he advises.

Over the weekend, Musk suggested that Ukraine’s battlefield operations would collapse without his Starlink satellite communication system, although he clarified that he had no intention of cutting off access.

The latest controversy surrounding X’s cyberattack has further fueled speculation about Musk’s political and strategic positioning in the ongoing geopolitical conflict.

For more information on these topics, visit diplomacy.edu.

NHS looks into Medefer data flaw after security concerns

NHS is investigating allegations that a software flaw at private medical services company Medefer left patient data vulnerable to hacking.

The flaw, discovered in November, affected Medefer’s internal patient record system in the UK, which handles 1,500 NHS referrals monthly.

A software engineer who found the issue believes the vulnerability may have existed for six years, but Medefer denies this claim, stating no data has been compromised.

The engineer discovered that unprotected application programming interfaces (APIs) could have allowed outsiders to access sensitive patient information.

While Medefer has insisted that there is no evidence of any breach, they have commissioned an external security agency to review their systems. The agency confirmed that no breach was found, and the company asserts that the flaw was fixed within 48 hours of being discovered.

Cybersecurity experts have raised concerns about the potential risks posed by the flaw, emphasising that a proper investigation should have been conducted immediately.

Medefer reported the issue to the Information Commissioner’s Office (ICO) and the Care Quality Commission (CQC), both of which found no further action necessary. However, experts suggest that a more thorough response could have been beneficial given the sensitive nature of the data involved.

For more information on these topics, visit diplomacy.edu.

Reddit launches new tools to improve user engagement

Reddit has introduced new tools to help users follow community rules and track content performance, aiming to boost engagement on the platform. The update comes after a slowdown in user growth due to Google’s algorithm changes, though traffic from the search engine has since recovered.

Among the new features is a ‘rules check’ tool, currently being tested on smartphones, which helps users comply with subreddit guidelines. Additionally, a post-recovery option allows users to repost content in alternative subreddits if their original submission is removed. Reddit will also suggest subreddits based on post content and clarify posting requirements for specific communities.

The company has enhanced its post insights feature, offering detailed engagement metrics to help users refine their content. This follows Reddit’s December launch of Reddit Answers, an AI-powered search tool designed to provide curated summaries of community discussions, which is still in beta testing.

For more information on these topics, visit diplomacy.edu.

Musk’s Starlink eyes expansion in Italy despite regulatory delays

Elon Musk’s Starlink is seeking to acquire additional spectrum in Italy to enhance its satellite communications network, but regulatory approval remains stalled.

The company applied for access to E-band frequencies two years ago, but the Italian government has yet to grant final approval. Authorities are waiting for a European Union-wide decision on spectrum allocation before moving forward.

Starlink, which operates thousands of low-orbit satellites, has been offering services in Italy since 2021 and currently serves around 55,000 customers.

The company is considering building another ground station in northern Italy due to strong demand while potentially scaling back operations in the south, where uptake has been lower than expected.

The Italian government is also exploring the use of Starlink’s network for secure communications in diplomatic and military operations, as well as to improve internet access in remote areas.

However, progress has been slow amid political opposition and broader EU regulatory uncertainties.

For more information on these topics, visit diplomacy.edu.

FCC to vote on GPS alternatives amid rising interference fears

The US Federal Communications Commission (FCC) is set to vote next month on exploring alternatives to GPS due to growing national security concerns.

FCC Chair Brendan Carr warned that relying on a single system for navigation and timing leaves the United States vulnerable to disruptions. Reports of increased GPS interference, particularly spoofing attacks since 2023, have raised fears of accidents if aircraft are misdirected.

Concerns over GPS security have been discussed for years, with President Donald Trump and bipartisan lawmakers calling for action.

The FCC’s March 27 vote will launch an inquiry into alternative Positioning, Navigation, and Timing (PNT) systems that could complement or replace GPS. The aim is to encourage innovation in navigation technology and strengthen resilience against disruptions.

GPS plays a crucial role in aviation, replacing traditional ground-based navigation systems. However, its reliance on satellite signals makes it susceptible to interference.

The Federal Aviation Administration is already working on global authentication measures to counter spoofing threats and improve the security of satellite-based navigation.

For more information on these topics, visit diplomacy.edu.

Google acknowledges AI being used for harmful content

Google has reported receiving over 250 complaints globally about its AI software being used to create deepfake terrorist content, according to Australia’s eSafety Commission.

The tech giant also acknowledged dozens of user reports alleging that its AI program, Gemini, was being exploited to generate child abuse material. Under Australian law, companies must provide regular updates on their efforts to minimise harm or risk hefty fines.

The eSafety Commission described Google’s disclosure as a ‘world-first insight’ into how AI tools may be misused to produce harmful and illegal content.

Between April 2023 and February 2024, Google received 258 reports of suspected AI-generated extremist material and 86 related to child exploitation. However, the company did not specify how many of these reports were verified.

A Google spokesperson stated that the company strictly prohibits AI-generated content related to terrorism, child abuse, and other illegal activities.

While it uses automated detection to remove AI-generated child exploitation material, the same system is not applied to extremist content.

Meanwhile, the regulator has previously fined platforms like X (formerly Twitter) and Telegram for failing to meet reporting requirements, with both companies planning to appeal.

For more information on these topics, visit diplomacy.edu.

EU set to implement Entry/Exit System for border control

The European Union has reached an agreement to finally implement the long-awaited Entry/Exit System (EES), which will modernise border checks for short-stay travellers.

After several delays due to technical issues and a lack of readiness, the system is now set to begin operations in autumn, though a specific launch date has yet to be determined.

Member states will have the option to introduce the system all at once or in phases over a six-month transition period, with the full implementation to be completed by the end of the transition.

The EES, which was first proposed in 2016, aims to replace traditional passport stamping by collecting biometric data from non-EU visitors, including photos and fingerprints.

This data will be recorded each time visitors enter or exit the Schengen Area. The system is designed to improve border control, help authorities identify overstayers, and prevent identity fraud.

While Cyprus and Ireland will not participate in the new system, all other EU member states and four Schengen-associated countries will be involved.

Poland, which currently holds the EU Council’s rotating presidency, will lead negotiations with the European Parliament to finalise the law.

Tomasz Siemoniak, Poland’s Minister for Internal Affairs, indicated that a final agreement should be reached smoothly, with October set as the target for full implementation.

The EES is expected to provide authorities with new tools to enhance security and better manage borders within the Schengen Area.

For more information on these topics, visit diplomacy.edu.