An advanced persistent threat (APT) group with suspected ties to India has been accused of targeting Italian defence companies in a cyber-espionage campaign.
Security researchers found that the hackers used phishing emails and malicious documents to infiltrate networks, stealing sensitive data.
The attacks, believed to be state-sponsored, align with growing concerns about nation state cyber operations targeting critical industries.
The campaign, dubbed ‘Operation Tainted Love,’ involved sophisticated malware designed to evade detection while exfiltrating confidential documents.
Analysts suggest the group’s motives may include gathering intelligence on military technology and geopolitical strategies. Italy has not yet issued an official response, but the breach underscores the escalating risks to national security posed by cyber-espionage.
This incident follows a broader trend of state-backed hacking groups increasingly focusing on the defence and aerospace sectors.
Cybersecurity experts urge organisations to strengthen defences, particularly against phishing and supply chain attacks. As geopolitical tensions influence cyberwarfare, such operations highlight the need for international cooperation in combating digital threats.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Corporate login information is harvested using sophisticated tools like infostealer malware, phishing campaigns, and automated credential stuffing.
Security experts warn that compromised credentials allow attackers to masquerade as staff, access internal systems, and move laterally across organisations.
While some major firms rely solely on passwords, rigorous measures such as strong multifactor authentication, proactive monitoring, and cyber awareness training are more effective defences.
Despite awareness of these threats, many companies do not thoroughly scan for leaked credentials or flag suspicious login activity promptly.
However, this hesitancy often stems from budget limitations, competing priorities or bureaucratic inertia.
Security specialists stress the need for coordinated investment in layered security measures to protect against evolving identity‑based attacks.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A sophisticated supply chain cyber attack on Swiss service provider Chain IQ has resulted in data leaks at several financial institutions, including UBS and Pictet. According to the banks, no client data was compromised.
UBS confirmed the breach on Wednesday, stating: ‘A cyber attack at an external supplier has led to information about UBS and several other companies being stolen. No client data has been affected.’ The bank said it had acted swiftly to protect operations.
Chain IQ revealed that it was one of 20 organisations targeted in what it described as ‘a cyber-attack that had never before been seen on a global scale.’
The attackers published stolen data on the dark web on 12 June 2025 at 17:15 CET. The firm said access was revoked and the incident contained within 8 hours and 45 minutes.
The stolen data included employee business contact details from certain clients, such as internal telephone numbers. The company stated that all systems were checked and secured, with law enforcement notified immediately.
Dr Ilia Kolochenko, CEO of ImmuniWeb and a Fellow at the British Computer Society, warned of the potential impact: ‘This breach may have a disastrous and long-lasting effect on the Swiss banking sector. An urgent investigation is essential to determine its scope.’
He added that the incident highlights third-party vulnerabilities: ‘Even major institutions are at risk from supply chain weaknesses. Legal liability could extend to the banks themselves if damage to individuals occurs.’
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Thousands of current and former employees at Lee Enterprises have had their data exposed following a cyberattack earlier this year.
Hackers accessed to the company’s systems in early February, compromising sensitive information such as names and Social Security numbers before the breach was contained the same day.
Although the media firm, which operates over 70 newspapers across 26 US states, swiftly secured its networks, a three-month investigation involving external cybersecurity experts revealed that attackers accessed databases containing employee details.
The breach potentially affects around 40,000 individuals — far more than the company’s 4,500 current staff — indicating that past employees were also impacted.
The stolen data could be used for identity theft, fraud or phishing attempts. Criminals may even impersonate affected employees to infiltrate deeper into company systems and extract more valuable information.
Lee Enterprises has notified those impacted and filed relevant disclosures with authorities, including the Maine Attorney General’s Office.
Headquartered in Iowa, Lee Enterprises draws over 200 million monthly online page views and generated over $611 million in revenue in 2024. The incident underscores the ongoing vulnerability of media organisations to cyber threats, especially when personal employee data is involved.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Adidas has confirmed a cyber attack that led to the compromise of customer data held by a third-party service partner.
According to the company, unauthorised access was gained to consumer contact details submitted during previous interactions with its customer service help desk. Payment credentials and passwords were not affected.
Affected individuals are now being notified directly, with the company expressing sincere regret for any concern caused. Contact information, such as names and email addresses, appears to be the primary type of data exposed.
Steps were taken immediately to contain the incident, with cybersecurity experts brought in to assist in a detailed investigation. Adidas stressed its commitment to safeguarding user data and is reviewing its systems to prevent similar breaches in future.
This incident adds to a growing list of cyber attacks targeting major UK retailers. Recent breaches involving Marks & Spencer, Co-op, and Harrods have caused operational disruption, prompting a wider investigation by the National Crime Agency into possible links among the attacks.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Marks & Spencer has temporarily suspended some of its popular meal deal offers as the retailer continues to grapple with the fallout from a serious cyber attack.
Signs in stores, including at major transport hubs such as Victoria Station, explain that availability issues have made it impossible to fulfil certain promotions, and ask customers for patience while the company works through the disruption.
Instead of offering its usual lunchtime combinations and dine-in meal deals priced between £6 and £15, M&S is facing stock shortfalls due to the hack, which is now in its third week.
The attack is reportedly linked to a group of teenage hackers using ransomware tactics, locking computer systems and demanding payment for their release.
The breach has already caused significant operational challenges, with fears internally that the disruption could drag on for weeks. Sources suggest the financial impact could run into tens of millions in lost orders, as systems remain frozen and supply chains struggle to recover.
Meal deal suspensions are the latest sign of the broader strain the retailer is under as it scrambles to restore normal service.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Elon Musk’s social media platform, X, experienced evident disruptions on Monday, 10 March 2025, affecting tens of thousands of users worldwide. The outages began around 6 a.m. Eastern Time, peaking at approximately 10 a.m. with over 41,000 reported issues, according to Downdetector. Users reported difficulties accessing the platform on mobile devices and computers worldwide, with services gradually returning to normal later in the day.
Elon Musk attributed these disruptions to a ‘massive cyberattack’, suggesting that a large, coordinated group or possibly a nation-state was involved. He said, ‘We get attacked every day, but this was done with many resources. Either a large, coordinated group and/or a country is involved.’ However, cybersecurity experts have expressed scepticism regarding Musk’s claims. They note that Distributed Denial of Service (DDoS) attacks, which overwhelm servers with excessive traffic, can be executed by relatively small groups or even individuals without the backing of a nation-state.
Musk further elaborated in an interview with Fox Business’ Larry Kudlow, asserting that the attack originated from IP addresses in the ‘Ukraine area’. This claim has raised eyebrows among cybersecurity professionals, as attributing cyberattacks based solely on IP addresses is notoriously unreliable. Attackers often use proxy servers and botnets across various countries to mask their true location, making definitive attribution challenging.
Either way, the timing of this cyberattack coincides with a tumultuous period for Musk’s business ventures, notably Tesla. Shares of Tesla have plummeted 15.4% to $222.15, their lowest since October. This decline is attributed to waning investor confidence due to the company’s declining global sales. Namely, Tesla experienced its first annual global sales decline last year, with significant drops in key markets such as California, Europe, and China. Analysts foresee a further 5% drop in US deliveries for 2025.
Compounding these financial challenges is Musk’s public alliance with President Donald Trump. Musk has been a prominent supporter of the Trump administration, contributing $277 million to Trump’s campaign and allied Republicans, making him the largest individual political donor in the 2024 election. This alliance has sparked a backlash from Tesla’s predominantly environmentally conscious customer base, leading to protests at Tesla showrooms and acts of vandalism against vehicles.
Furthermore, Musk has been appointed by President Trump to lead the newly established Department of Government Efficiency (DOGE), aiming to streamline federal operations and reduce unnecessary expenditures. Musk’s unconventional approach to this role, including setting up a gaming PC in the Secretary of War Suite at the Eisenhower Executive Office Building, has drawn both attention and criticism. His methods have been described as radical, openly dismissing traditional roles and respect for federal employees and their work.
Conclusions:
First, the convergence of these events—the cyberattack on X, Tesla’s market challenges, and Musk’s deepening political engagements—paints a complex picture of the current landscape surrounding Musk’s enterprises. The cyberattack raises questions about X’s security infrastructure and the potential motives behind such an attack. If a nation-state were indeed involved, it could signify a targeted effort to disrupt a platform influential in global communications.
Secondly, Tesla’s declining stock value means broader concerns about the company’s future performance amid increasing competition in the electric vehicle market. Companies like China’s BYD are emerging as formidable competitors, challenging Tesla’s market share. Musk’s political affiliations may also alienate a segment of Tesla’s customer base, further impacting sales.
Lastly, Musk’s alliance with President Trump positions him at a crucial intersection of business and politics. While this relationship significantly influences policies that could benefit his ventures, it also subjects him to heightened scrutiny and potential backlash. Public perception of Musk is becoming increasingly polarised, which could have additional and lasting implications for his businesses.
For more information on cybersecurity, digital policies, AI governance and other related topics, visit diplomacy.edu.
Musk suggested the attack was backed by significant resources, possibly indicating involvement by a large group or nation-state.
In other news:
Tusk warns against arrogance after US-Poland social media clash
In a recent post on X, Poland’s Prime Minister, Donald Tusk, has urged allies to show respect and avoid arrogance, following a heated social media exchange between Polish and US officials.
Trump’s viral ‘Everything is computer’ sparks new meme coin frenzy
A new meme coin, Everything is Computer (EIC), has taken the crypto market by storm after a viral comment from US President Donald Trump.
Switzerland will require operators of critical infrastructure to report cyberattacks to the National Cyber Security Centre (NCSC) within 24 hours from 1 April 2025, with fines for non-compliance taking effect…
The tax aims to target the profits of major tech companies to support local tech development, though its timing has sparked internal government debate.
The lawsuit claims Meta violated intellectual property rights by using the authors’ works without permission and removing copyright information to cover up the infringement.
The ECB is also addressing privacy concerns and exploring blockchain technologies amid competitive pressure from global digital currencies like China’s digital yuan and US stablecoins.
The situation has attracted potential buyers, including former Los Angeles Dodgers owner Frank McCourt, with analysts estimating TikTok’s value at up to $50 billion.
Developed using 120 Nvidia H100 GPUs in four weeks, the model is based on Meta’s Llama 3.1 architecture and is optimised for traditional Chinese and Taiwanese language styles.
The EU’s bold Digital Markets and Services Acts set the stage for a transatlantic clash with the US over the regulation of tech giants. As Brussels pursues digital sovereignty, Washington…
Can the SDGs serve as guardrails for metaverse development? In Part 4 of her blog series, Dr Anita Lamprech examines how human rights, ethics, and digital policies must evolve alongside immersive technologies.
UNESCO’s Recommendation on the Ethics of Artificial Intelligence sets a global standard for AI governance. It provides a framework for policymakers to ensure AI development aligns with ethical and inclusive principles.
The Trump administration’s decision to stipulate a cyber peace with Russia marks a dramatic shift in US cyber strategy, reflecting certain diplomatic efforts to resolve the ongoing Russia-Ukraine conflict. The decision to halt offensive cyber operations against Russia, reportedly directed by National Security Adviser Pete Hegseth, has ignited debates over US national security, intelligence operations, and international cyber policy implications. Critics warn that the move weakens US cyber deterrence, emboldening adversaries like Russia to act with impunity, while proponents argue that de-escalation in cyberwarfare could improve diplomatic engagement.
The order to US Cyber Command to stop all ongoing cyber-offensive activities — as well as any planned activity — targeting Russian cyber infrastructure, which has often been linked to disinformation campaigns, espionage, and election interference, comes with other fundamental changes the Trump administration wants to implement to recalibrate US-Russia relations. The same Pete Hegseth, appointed under President Donald Trump as the US Secretary of Defence, played a key role in advocating for the policy shift, aligning it with Trump’s broader agenda of reducing hostilities with Moscow and prioritising direct diplomatic channels over covert cyber operations. Such a cybersecurity policy change is an extension of the administration’s reluctance to escalate confrontations with Russia, especially in cyberspace, which remains a critical battleground in modern geopolitical conflicts.
However, the decision provoked immediate backlash from lawmakers and national security experts. Senate Minority Leader Chuck Schumer labelled the move a ‘critical strategic mistake,’ arguing that an equally strong offensive capability must complement a robust cyber defence. Schumer’s concerns are echoed by a broader faction in Washington that sees this decision as a capitulation to Russian cyber aggression. In an era where cyberattacks have become a core instrument of statecraft, critics argue that the USA cannot afford to cede ground, particularly to a country accused of interfering in elections and orchestrating widespread cyberespionage.
Beyond domestic political implications, the halt of US cyber operations raises serious concerns for America’s allies. Representative Adam Smith, the Ranking Member of the House Armed Services Committee, has called for greater transparency on the matter, demanding clarity from the Pentagon on the policy’s scope and its impact on intelligence-sharing agreements with NATO partners. The USA has long played a leadership role in countering Russian cyber threats, and this policy shift introduces uncertainties for European allies who have relied on American cyber expertise to fortify their digital defences.
Despite mounting criticism, the Pentagon and the Cybersecurity and Infrastructure Security Agency (CISA) have downplayed the significance of the change. The US Department of Defense has officially denied the statements of the press. A senior defence official stated that the USA remains committed to defending its digital infrastructure and countering foreign cyber threats but emphasised that cyber policy adjustments should not be interpreted as a retreat from broader security commitments. However, scepticism remains about whether this is a calculated diplomatic manoeuvre or a strategic misstep that could embolden adversaries like Russia further to expand their cyber operations without fear of US retaliation.
The complexity in the US cybersecurity sector
Recent media coverage of the US government’s actions on cybersecurity with Russia has overlooked the complexity of the US cybersecurity sector. A potential halt in cyber operations against Russia, if implemented, would primarily impact US Cyber Command’s offensive operations, which focus on advancing US national interests and military objectives.
However, such measures would not affect the operations of CISA (Cybersecurity and Infrastructure Security Agency), which is responsible for domestic and civilian cybersecurity, or the NSA (National Security Agency), which handles intelligence gathering.
The US policy shift partially depicts the evolving dynamics of cyberwarfare, where offence and defence are deeply interconnected. Without an offensive cyber strategy, intelligence agencies may struggle to prevent threats, leaving the USA and its allies vulnerable to cyber incursions. Some experts fear this move could set a dangerous precedent, signalling to other adversaries, including China and Iran, that the USA is scaling back its cyber posture. So, we pose the question: Will the Trump administration’s decision ultimately improve diplomatic relationships or expose the USA to greater cyber vulnerabilities in an unstable digital battlefield, geopolitically speaking?
For more information on cybersecurity, digital policies, AI governance and other related topics, visit diplomacy.edu.
The closure of USAID has sparked debate on the future of soft power and public digital diplomacy in a world dominated by hard power. Questions arise about the relevance of…
In other news:
Microsoft retires Skype, focuses on Teams
Skype, the pioneering internet calling service that revolutionised communication in the early 2000s, will make its final call on 5 May, as Microsoft retires the platform after two decades.
Musk’s bid to halt OpenAI’s for-profit transition rejected
A US court has denied Elon Musk’s request for a preliminary injunction against OpenAI’s transition into a for-profit organisation.
The Trump administration is shifting its stance by no longer recognising Russia as a significant cyber threat to US national security, deviating from previous intelligence assessments. This change is communicated…
A landmark agreement to replace the outdated passport stamping process by collecting biometric data, including photos and fingerprints, from non-EU visitors.
The IMF emphasised that the government should not accrue Bitcoin or issue debt instruments tied to it in an effort to improve governance, transparency, and economic resilience while mitigating risks…
The start-up’s transparent approach includes insights into its cost management strategies, such as load balancing to optimise computing power and distribute work efficiently across servers and data centres.
UNESCO’s Recommendation on the Ethics of Artificial Intelligence sets a global standard for AI governance. It provides a framework for policymakers to ensure AI development aligns with ethical and inclusive principles.
In today’s digital world, protecting state data is essential. Data embassies, supported by the Vienna Convention, provide an innovative solution. Countries like Estonia and Monaco use them to enhance cybersecurity, ensuring data remains safe and secure.
The Amazons were real. DNA from warrior burials across the Eurasian steppes proves many were women. But what do they teach us about society? Aldo Matteucci examines.
Last week, the UN Open-Ended Working Group (OEWG) on the security of the use of information and communications technologies in 2021–2025 held its tenth substantive session, the penultimate session of the group before its mandate concludes in July of this year.
Tensions ran high since the first day, with attributions of cyberattacks and rights of reply denouncing those attributions taking centre stage. The states held tightly to their positions, largely unchanged since the last session in December 2024. The Chair pointed out that direct dialogue was lacking, with participants instead opting for a virtual town hall approach—circulating their positions and posting them on the portal, and reminded delegates that whatever decisions to be made would be made by consensus, urging them to demonstrate flexibility.
Ransomware, AI, and threats to critical infrastructure remain the biggest concerns of countries regarding the threat landscape. Even as countries don’t agree on an exhaustive list of threats or their sources, there is a strong emphasis on collective and cooperative responses such as capacity development and knowledge sharing to reduce the risk of these threats, as well as mitigate and manage them.
The long-standing debate between implementing existing norms and developing new ones continued. However, this session saw ASEAN countries take a more pragmatic approach, emphasising concrete steps toward implementing agreed norms while maintaining openness to discussing new ones in parallel. At the same time, the call from developing countries for greater capacity development gained momentum, underscoring the challenge of implementing norms without sufficient resources and support.
The discussions on international law have shown little progress in drawing closer between the positions states hold — there is still no consensus on the necessity of new legally binding regulations for cyberspace. There is also discord on how to proceed with discussing international law in the future permanent UN mechanism on cybersecurity.
Discussions on confidence-building measures (CBMs) were largely subdued, as few new CBMs were introduced, and states didn’t overly detail their POC Directory experience. Many states shared their CBM implementation, which is often linked to regional initiatives and best practices, showing eagerness to operationalise CBMs. It seems states now anticipate the future permanent mechanism to serve as the forum for detailed CBM discussions.
The Voluntary Fund and the Capacity-Building Portal have increasingly been regarded as key deliverables of the OEWG process. However, states remain cautious about the risk of duplicating existing global and regional initiatives, and a clear consensus has yet to emerge regarding the objectives of these deliverables.
States are still grappling with thematic groups and non-state stakeholder engagement questions in the future permanent mechanism. The Chair’s upcoming reflections and town halls will likely get the ball rolling on finding elements for the future permanent mechanism acceptable to all delegations.
Delegations have much to agree upon and exceedingly little time to do so. While this has been the mantra for the last two years, negotiations are now truly entering the eleventh hour, and consensus remains elusive. This spells trouble not just for the group’s final report, but also uncertainty for the future of UN cybersecurity discussions that the report will chart.
For more information on cybersecurity, digital policies, AI governance and other related topics, visit diplomacy.edu.
The Open-Ended Working Group (OEWG) on the security of and in the use of information and communications technologies in 2021–2025 will hold its seventh substantive session on 17-21 February 2025 in New York, the USA.
In other news:
Trump’s team considers tighter semiconductor trade restrictions on China with international cooperation
Donald Trump’s team is considering stronger semiconductor restrictions on China, expanding on measures introduced during Joe Biden’s presidency.
EU Commission proposes enhanced cyber crisis management framework
The EU Commission introduced a proposal aimed at strengthening the EU’s response to large-scale cyber attacks.
The EU Commission’s proposal seeks to boost cybersecurity cooperation among Member States through collaborative clusters, a common crisis management taxonomy, ongoing exercises, improved DNS strategies, and enhanced information sharing.
A new wave of competition is emerging against Elon Musk’s Starlink, with rivals like China’s SpaceSail and Jeff Bezos’s Project Kuiper entering the satellite internet market.
Despite being one of the world’s most influential platforms, YouTube remains shrouded in mystery. A team of researchers has devised an unconventional way to uncover hidden statistics, challenging the carefully…
Known for its cost-effective and innovative strategies, DeepSeek is challenging more expensive Western AI models by using efficient Nvidia hardware and advanced techniques like Mixture-of-Experts (MoE).
The OEWG’s tenth session in February 2025 saw states emphasise collective action against cyber threats, address divisions on norms implementation and binding regulations, highlight the Voluntary Fund and Capacity-Building Portal,…
These approaches illustrate a global shift towards embracing AI’s transformative potential while considering the ethical and societal implications, fostering international cooperation to future-proof technological advancements.
Augmented reality features like ‘Tabletop’ allow NBA fans to view matches from multiple angles, analyse performances in real time, and simulate alternative outcomes.
UNESCO’s Recommendation on the Ethics of Artificial Intelligence sets a global standard for AI governance. It provides a framework for policymakers to ensure AI development aligns with ethical and inclusive principles.
The closure of USAID marks an important shift in U.S. foreign policy, potentially weakening American soft power and leaving a vacuum that rivals like China may exploit. As global diplomacy evolves, questions arise about the future of influence, public diplomacy, and the role of digital networks in shaping international relations.
How ready are countries for the metaverse? Nations are taking different approaches – state-led, industry-driven, or hybrid models. Where does your country stand? Dr Anita Lamprecht explores.
Once, diplomacy was a game of kings, queens, and marriages. Now, it’s a world of sub-federal actors, corporations, NGOs, and diasporas. The ambassador is no longer the sole conduit of statecraft – just one node in a growing network. Aldo Matteucci writes.
The primary goal of this webinar is to provide a platform for dialogue, knowledge sharing, and collaboration among policymakers, tourism stakeholders, and digital technology experts.
A US federal judge has warned key members of the judiciary to remain vigilant against potential cyberattacks by foreign actors that could target election-related litigation. Judge Michael Scudder, who chairs the judiciary’s IT committee, highlighted the risks during a US Judicial Conference meeting, stressing the need for heightened security during the election season to guard against misinformation and interference attempts.
Scudder referenced recent warnings from United States intelligence agencies, which pointed to foreign adversaries using the upcoming elections as an opportunity to undermine trust in the government. He mentioned that while no current cyber threats targeting the judiciary have been identified, the courts could be at risk, especially with the possibility of election-related cases emerging in the near future.
The federal judiciary has faced cyberattacks before, with three foreign actors breaching the document-filing system in 2020. The incident led to changes in how sensitive documents are handled in lower courts. Scudder urged his colleagues to remain cautious, given that election-related litigation may again come before the courts in the upcoming election cycle.
Cybersecurity remains a concern across all branches of government, as both political campaigns and judicial systems are seen as targets for potential foreign interference. Intelligence agencies have reported recent cyber operations by foreign countries, including Iran, aimed at disrupting US elections.
