Germany’s federal cabinet has approved draft legislation that would expand cyber defence capabilities for three federal agencies, the Federal Office for Information Security (BSI), the Federal Criminal Police Office (BKA), and the Federal Police (Bundespolizei), as part of a broader effort to strenghten the country’s response to cyber threats.
Under the proposal, authorities would be able to block or disrupt software and server infrastructure used in cyberattacks, including systems located outside Germany. The BSI would also receive expanded authority to collect, store, and analyse data to detect activities indicative of attack preparation. Telecommunications providers and major digital platforms would be required to relay BSI warnings about identified threats directly to users.
The government describes the measures as ‘active cyber defence,’ arguing that they are intended to stop or disrupt ongoing attacks rather than conduct retaliatory cyber operations. Current practice involves redirecting attacks to isolated network areas; the new framework would instead authorize direct action against attacker-controlled systems.
According to the Federal Situation Report on Cybercrime 2025, presented by Federal Interior Minister Alexander Dobrindt and the Vice President of the Federal Criminal Police Office, Martina Link, Germany is among Europe’s most frequently targeted countries for cyberattacks.
Federal authorities in Germany have documented sustained campaigns against industrial companies, small and medium-sized enterprises, research institutions, government bodies, and political parties, with a portion attributed to state-affiliated actors.
The draft will now proceed to parliamentary debate. It requires a legislative vote before entering into force.
Why does it matter?
The proposal reflects a broader shift among governments toward more proactive cybersecurity strategies as cyberattacks become increasingly frequent and sophisticated. Rather than focusing solely on defending networks, authorities are seeking legal powers to disrupt malicious infrastructure before attacks cause significant harm.
The legislation also raises important questions about the scope of state cyber powers, oversight mechanisms, and the legal implications of taking action against infrastructure located outside national borders. If adopted, it would mark one of Germany’s most significant cybersecurity policy changes in recent years.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!
With the rapid expansion of AI technologies, agentic AI is rapidly moving from experimentation to deployment on a scale larger than ever before. As a result, these systems have been given far greater autonomy to perform tasks with limited human input, much to the delight of enterprise magnates.
Companies such as Microsoft, Google, Anthropic, and OpenAI are increasingly developing agentic AI systems capable of automating vulnerability detection, incident response, code analysis, and other security tasks traditionally handled by human teams.
The appeal of using agentic AI as a first line of defence is palpable, as cybersecurity teams face mounting pressure from the growing volume of attacks. According to the Microsoft Digital Defense Report 2025, the company now detects more than 600 million cyberattacks daily, ranging from ransomware and phishing campaigns to identity attacks. Additionally, the International Monetary Fund has also warned that cyber incidents have more than doubled since the COVID-19 pandemic, potentially triggering institutional failures and incurring enormous financial losses.
To add insult to injury, ransomware groups such as Conti, LockBit, and Salt Typhoon have shown increased activity from 2024 through early 2026, targeting critical infrastructure and global communications, as if aware of the upcoming cybersecurity fortifications and using a limited window of time to incur as much damage as possible.
In such circumstances, fully embracing agentic AI may seem like an ideal answer to the cybersecurity challenges looming on the horizon. Systems capable of autonomously detecting threats, analysing vulnerabilities, and accelerating response times could significantly strengthen cyber resilience.
Yet the same autonomy that makes these systems attractive to defenders could also be exploited by malicious actors. If agentic AI becomes a defining feature of cyber defence, policymakers and companies may soon face a more difficult question: how can they maximise its benefits without creating an entirely new layer of cyber risk?
Why cybersecurity is turning to agentic AI
The growing interest in agentic AI is not simply driven by the rise in cyber threats. It is also a response to the operational limitations of modern security teams, which are often overwhelmed by repetitive tasks that consume time and resources.
Security analysts routinely handle phishing alerts, identity verification requests, vulnerability assessments, patch management, and incident prioritisation — processes that can become difficult to manage at scale. Many of these tasks require speed rather than strategic decision-making, creating a natural opening for AI systems to operate with greater autonomy.
Microsoft has aggressively moved into this space. In March 2025, the company introduced Security Copilot agents designed to autonomously handle phishing triage, data security investigations, and identity management. Rather than replacing human analysts, Microsoft positioned the tools to reduce repetitive workloads and enable security teams to focus on more complex threats.
Google has approached the issue through vulnerability research. Through Project Naptime, the company demonstrated how AI systems could replicate parts of the workflow traditionally handled by human security researchers by identifying vulnerabilities, testing hypotheses, and reproducing findings.
Anthropic introduced another layer of complexity through Claude Mythos, a model built for high-risk cybersecurity tasks. While the company presented the model as a controlled release for defensive purposes, the announcement also highlighted how advanced cyber capabilities are becoming increasingly embedded in frontier AI systems.
Meanwhile, OpenAI has expanded partnerships with cybersecurity organisations and broadened access to specialised tools for defenders, signalling that major AI firms increasingly view cybersecurity as one of the most commercially viable applications for autonomous systems.
Together, these developments show that agentic AI is gradually becoming embedded in the cybersecurity infrastructure. For many companies, the question is no longer whether autonomous systems can support cyber defence, but how much responsibility they should be given.
When agentic AI tools become offensive weapons
The same capabilities that make agentic AI valuable to defenders also make it attractive to malicious actors. Systems designed to identify vulnerabilities, analyse code, automate workflows, and accelerate decision-making can be repurposed for offensive cyber operations.
Anthropic offered one of the clearest examples of that risk when it disclosed that malicious actors had used Claude in cyber campaigns. The company said attackers were not simply using the model for basic assistance, but were integrating it into broader operational workflows. The incident showed how agentic AI can move cyber misuse beyond advice and into execution.
The risk extends beyond large-scale cyber operations. Agentic AI systems could make phishing campaigns more scalable, automate reconnaissance, accelerate vulnerability discovery, and reduce the technical expertise needed to launch certain attacks. Tasks that once required specialist teams could become easier to coordinate through autonomous systems.
Security researchers have repeatedly warned that generative AI is already making social engineering more convincing through realistic phishing emails, cloned voices, and synthetic identities. More autonomous systems could further push those risks by combining content generation with independent action.
The concern is not that agentic AI will replace human hackers. Cybercrime could become faster, cheaper, and more scalable, mirroring the same efficiencies that organisations hope to achieve through AI-powered defence.
The agentic AI governance gap
The governance challenge surrounding agentic AI is no longer theoretical. As autonomous systems gain access to internal networks, cloud infrastructure, code repositories, and sensitive datasets, companies and regulators are being forced to confront risks that existing cybersecurity frameworks were not designed to manage.
Policymakers are starting to respond. In February 2026, the US National Institute of Standards and Technology (NIST) launched its AI Agent Standards Initiative, focused on identity verification and authentication frameworks for AI agents operating across digital environments. The aim is simple but important: organisations need to know which agents can be trusted, what they are allowed to do, and how their actions can be traced.
Governments are also becoming more cautious about deployment risks. In May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) joined cybersecurity agencies from Australia, Canada, New Zealand, and the United Kingdom in issuing guidance on the secure adoption of agentic AI services. The warning was clear: autonomous systems become more dangerous when they are connected to sensitive infrastructure, external tools, and internal permissions.
The private sector is adjusting as well. Companies are increasingly discussing safeguards such as restricted permissions, audit logs, human approval checkpoints, and sandboxed environments to limit the degree of autonomy granted to AI agents.
The questions facing businesses are becoming practical. Should an AI agent be allowed to patch vulnerabilities without approval? Can it disable accounts, quarantine systems, or modify infrastructure independently? Who is held accountable when an autonomous system makes the wrong decision?
Agentic AI may become one of cybersecurity’s most effective defensive tools. Its success, however, will depend on whether governance frameworks evolve quickly enough to keep pace with the technology itself.
How companies are building guardrails around agentic AI
As concerns around autonomous cyber systems grow, companies are increasingly experimenting with safeguards designed to prevent agentic AI from becoming an uncontrolled risk. Rather than granting unrestricted access, many organisations are limiting what AI agents can see, what systems they can interact with, and what actions they can execute without human approval.
Anthropic has restricted access to Claude Mythos over concerns about offensive misuse, while OpenAI has recently expanded its Trusted Access for Cyber programme to provide vetted defenders with broader access to advanced cyber tools. Both approaches reflect a growing consensus that powerful cyber capabilities may require tiered access rather than unrestricted deployment.
The broader industry is moving in a similar direction. CrowdStrike has increasingly integrated AI-driven automation into threat intelligence and incident response workflows while maintaining human oversight for critical decisions. Palo Alto Networks has also expanded its AI-powered security automation tools designed to reduce response times without fully removing human analysts from the decision-making process.
Cloud providers are also becoming more cautious about autonomous access. Amazon Web Services, Google Cloud, and Microsoft Azure have increasingly emphasised zero-trust security models, role-based permissions, and segmented access controls as enterprises deploy more automated tools across sensitive infrastructure.
Meanwhile, sectors such as finance, healthcare, and critical infrastructure remain particularly cautious about fully autonomous deployment due to the potential consequences of false positives, accidental shutdowns, or disruptions to essential services.
As a result, security teams are increasingly discussing safeguards such as audit logs, sandboxed environments, role-based permissions, staged deployments, and human approval checkpoints to balance speed with accountability. For now, many companies seem ready to embrace agentic AI, but without keeping one hand on the emergency brake.
The future of cybersecurity may be agentic
Agentic AI is unlikely to remain a niche experiment for long. The scale of modern cyber threats, combined with the mounting pressure on security teams, means organisations will continue to look for faster and more scalable defensive tools.
That shift could significantly improve cybersecurity resilience. Autonomous systems may help organisations detect threats earlier, reduce response times, address workforce shortages, and manage the growing volume of attacks that human teams increasingly struggle to handle alone.
At the same time, the technology’s long-term success will depend as much on restraint as on innovation. Without clear governance frameworks, operational safeguards, and human oversight, the same tools designed to strengthen cyber defence could introduce entirely new vulnerabilities.
The future of cybersecurity may increasingly belong to agentic AI. Whether that future becomes safer or more volatile may depend on how responsibly governments, companies, and security teams manage the transition.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Cybercrime Atlas has launched Cosmos, an open-source platform designed to map global cybercrime networks and strengthen cooperation among defenders, investigators, prosecutors and policymakers.
Hosted by the World Economic Forum’s Centre for Cybersecurity, Cybercrime Atlas aims to build a shared understanding of cybercriminal ecosystems at a time when ransomware, fraud and illicit digital services are becoming increasingly organised and industrialised.
Cosmos links cybercriminal groups, tools, infrastructure, markets and services in an interactive framework. It was developed by the Cybercrime Atlas community, led by Orange Cyberdefense, with contributions from Banco Santander, Universitat de Girona, Scitum and TrendAI.
The initiative responds to a long-standing problem in cybercrime disruption: fragmented terminology, isolated investigations and inconsistent reporting structures. Cosmos aims to standardise definitions, organise threat intelligence into a shared structure and help different actors coordinate more effectively across borders.
The first version of the platform contains nine core categories, 229 identified cybercrime-related elements and 849 mapped connections showing how criminal networks, tools and services interact. The dataset is designed to expand as the wider community contributes new intelligence.
Why does it matter?
Cybercrime increasingly functions as an interconnected ecosystem, with specialised groups, tools, infrastructure providers and illicit services supporting one another across borders. A shared map of those relationships could help shift cyber defence from isolated incident response towards more coordinated disruption of criminal networks, while giving investigators and policymakers a clearer view of how digital crime is organised.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!
A major study by researchers from the universities of Cambridge, Edinburgh, and Strathclyde, published by the Centre for Emerging Technology and Security at the Alan Turing Institute, suggests cybercriminals are still struggling to use AI effectively in their operations despite widespread attention around tools such as ChatGPT.
Researchers analysed more than 100 million posts from underground and dark web forums to assess how AI is being adopted within cybercrime communities.
The research, carried out by the universities of Edinburgh, Strathclyde, and Cambridge using the CrimeBB database, found that most offenders lack the technical skills and resources needed to integrate AI into criminal activity. Rather than lowering barriers to entry, AI tools benefit already skilled actors far more than inexperienced ones.
The analysis shows AI is used most successfully in already highly automated areas, such as social media bots linked to harassment and fraud, as well as in efforts to mask patterns that cybersecurity systems might otherwise detect. While experimentation is increasing, the researchers found little sign that AI is delivering a broad or transformative boost to overall cybercriminal capability. Mainstream chatbot guardrails were also found to be limiting harmful use in practice.
The researchers argue that the more immediate concern for industry is not dramatic AI-enabled innovation among cybercriminals, but insecure adoption of AI within legitimate organisations. They point to risks from poorly secured agentic AI systems and from AI-generated ‘vibecoded’ software being deployed without adequate safeguards.
Why does it matter?
The findings challenge a common assumption that generative AI is already giving cybercriminals a major operational advantage. Instead, the more immediate and scalable risk may come from companies deploying insecure AI systems faster than they can secure them. That shifts attention away from worst-case speculation about criminal innovation and towards a more practical cyber policy question: whether organisations are introducing new AI-enabled vulnerabilities into mainstream digital infrastructure.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
A major international crackdown led by Europol has targeted more than 75,000 users involved in distributed denial-of-service (DDoS)-for-hire activity. The coordinated Operation PowerOFF brought together 21 countries in a global effort to dismantle cyberattack infrastructure.
Authorities issued tens of thousands of warning messages, carried out arrests, executed search warrants, and seized dozens of domains linked to illegal booter platforms.
The operation also disrupted technical systems used to facilitate attacks, including servers and databases that enabled users to target online services and websites.
Analysis of seized data provided access to millions of user accounts, strengthening ongoing investigations across participating jurisdictions. Europol supported the operation through intelligence analysis, forensic work, and coordination between national agencies, helping identify and track those involved.
Alongside enforcement, the initiative has shifted towards prevention, including awareness campaigns, search engine interventions, and blockchain-based warnings.
Officials stress that DDoS-for-hire services remain widely accessible but are illegal, with users ranging from inexperienced actors to more organised cybercriminals driven by financial or ideological motives.
By targeting both infrastructure and users, authorities reduce the accessibility of tools that enable low-skill attackers to cause significant disruption to online services. Such actions strengthen cyber resilience and reflect a shift towards more proactive, internationally coordinated responses to digital threats.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
The UK has stepped up its crackdown by sanctioning a crypto marketplace tied to major scam centres in Southeast Asia. Measures aim to disrupt the sale of stolen personal data and limit the financial infrastructure enabling online fraud targeting British victims.
Authorities also targeted operators behind ‘#8 Park’, Cambodia’s largest scam compound, believed to house up to 20,000 trafficked workers. Many individuals forced to run scams were lured with false job offers before being coerced into fraudulent activity under severe threats.
Sanctions extend to key entities and individuals connected to the wider network, including those facilitating crypto laundering and cross-border financial flows. Earlier UK action froze over £1 billion in assets and helped shut down platforms used for laundering illicit funds.
Officials said the measures will isolate these operations from the crypto ecosystem and freeze UK-based assets. The measures come ahead of an international summit in June aimed at strengthening global coordination against illicit finance and digital fraud.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A global law enforcement operation supported by Europol has led to the shutdown of more than 373,000 dark web websites linked to fraudulent activity and the advertisement of child sexual abuse material.
The operation, known as ‘Operation Alice’, was launched on 9 March 2026 under the leadership of German authorities, with participation from 23 countries. The investigation, which began in 2021, initially targeted a dark web platform referred to as ‘Alice with Violence CP’.
According to Europol, investigators identified a single operator responsible for managing a network of hundreds of thousands of onion domains. These websites advertised child sexual abuse material and cybercrime-as-a-service offerings, including access to stolen financial data and systems.
Authorities state that the services were fraudulent, designed to extract payments without delivering the advertised material.
The operation has so far resulted in the identification of 440 customers worldwide, with further investigations ongoing against more than 100 individuals. Law enforcement agencies also seized 105 servers and multiple electronic devices during the coordinated action.
Europol provided analytical support, facilitated information exchange, and assisted in tracing cryptocurrency transactions linked to the network.
Authorities also reported that measures were taken throughout the investigation to identify and protect children at risk. An international arrest warrant has been issued for the suspected operator, who is reported to have generated significant profits through the scheme.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
An INTERPOL-coordinated operation targeting phishing, malware, and ransomware infrastructure has resulted in the takedown of more than 45,000 malicious IP addresses and servers.
Law enforcement agencies from 72 countries and territories participated in Operation Synergia III (from 18 July 2025 to 31 January 2026). The operation resulted in 94 arrests, with 110 additional individuals under investigation. A total of 212 electronic devices and servers were seized.
During the operation, INTERPOL processed threat data into actionable intelligence, facilitated cross-border coordination, and provided tactical operational support to participating countries. Preliminary investigations informed a series of coordinated national actions, including searches of identified locations and the disruption of malicious cyber infrastructure.
Several investigations remain ongoing. Preliminary case reports illustrate the range of criminal methods. For instance, in Macau, China, law enforcement identified more than 33,000 phishing and fraudulent websites impersonating casinos, banks, government portals, and payment services.
The sites were used to collect payments via fraudulent top-up mechanisms or to harvest users’ personal and financial data.
In Togo, police arrested 10 suspects operating from a residential location. The group’s activities included unauthorised access to social media accounts and social engineering schemes such as romance fraud and sextortion.
After compromising accounts, suspects contacted the account holder’s connections, impersonating the original user to initiate fraudulent relationships or solicit money transfers from secondary victims.
In Bangladesh, police arrested 40 suspects and seized 134 electronic devices linked to a range of schemes, including fraudulent loan and employment offers, identity theft, and credit card fraud.
INTERPOL collaborated with private sector partners Group-IB, Trend Micro, and S2W to monitor illicit cyber activity and identify malicious servers during the operation.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
President Donald Trump released his administration’s national cybersecurity strategy, outlining priorities across six policy areas: offensive and defensive cyber operations, federal network security, critical infrastructure protection, regulatory reform, emerging technology leadership, and workforce development. Trump also signed an executive order the same day, directing federal agencies to increase the prosecution of cybercrime and fraud.
The strategy document spans five pages of substantive text, with administration officials describing it as intentionally high-level. The White House stated that more detailed implementation guidance would follow.
The strategy’s six pillars include the following provisions:
Shaping adversary behaviour requires deploying US offensive and defensive cyber capabilities and incentivising private-sector disruption of adversary networks. It also states the administration will “counter the spread of the surveillance state and authoritarian technologies.”
Promoting regulation advocates for reducing compliance requirements characterised as ‘costly checklists’ and addresses liability frameworks — a priority also present in the prior administration’s approach.
Modernising federal networks involves adopting post-quantum cryptography, AI, zero-trust architecture, and reducing procurement barriers for technology vendors.
Securing critical infrastructure emphasises supply chain resilience and preference for domestically produced technology, alongside a role for state, local, tribal, and territorial governments.
Sustaining technological superiority focuses primarily on AI, quantum cryptography, data centre security, and privacy protection.
Building cyber talent commits to removing barriers among industry, academia, government, and the military to develop a skilled cybersecurity workforce. This pillar follows a period in which the administration reduced the number of federal cyber positions.
The accompanying executive order directs the attorney general to prioritise cybercrime prosecution, tasks agencies with reviewing tools to counter international criminal organisations, and assigns the Department of Homeland Security expanded training responsibilities. The strategy itself references cybercrime once.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The cybercrime unit of the Paris prosecutor has raided the French office of X as part of an expanding investigation into alleged algorithm manipulation and illicit data extraction.
Authorities said the probe began in 2025 after a lawmaker warned that biassed algorithms on the platform might have interfered with automated data systems. Europol supported the operation together with national cybercrime officers.
Prosecutors confirmed that the investigation now includes allegations of complicity in circulating child sex abuse material, sexually explicit deepfakes and denial of crimes against humanity.
Elon Musk and former chief executive Linda Yaccarino have been summoned for questioning in April in their roles as senior figures of the company at the time.
The prosecutor’s office also announced its departure from X in favour of LinkedIn and Instagram, rather than continuing to use the platform under scrutiny.
X strongly rejected the accusations and described the raid as politically motivated. Musk claimed authorities should focus on pursuing sex offenders instead of targeting the company.
The platform’s government affairs team said the investigation amounted to law enforcement theatre rather than a legitimate examination of serious offences.
Regulatory pressure increased further as the UK data watchdog opened inquiries into both X and xAI over concerns about Grok producing sexualised deepfakes. Ofcom is already conducting a separate investigation that is expected to take months.
The widening scrutiny reflects growing unease around alleged harmful content, political interference and the broader risks linked to large-scale AI systems.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
