Washington Post confirms hit in Oracle-linked Cl0p hacking spree

The Washington Post said it was affected by a wider breach tied to Oracle’s E-Business Suite, joining a growing list of victims. The vulnerability was reportedly exploited by the Cl0p ransomware gang, which demands payment from victims in exchange for not leaking stolen files.

Oracle, a major enterprise software provider, disclosed in October that a zero-day flaw in its E-Business Suite had been exploited over the summer. Google also warned that Oracle systems were being targeted in what appeared to be a broader wave of data theft attempts. An initial emergency patch on 2 October failed, and the second critical fix came only on 11 October, leaving customers exposed for days.

Cl0p’s campaign has already hit high-profile targets including Harvard University, Envoy Air, DXC Technology and Chicago Public Schools. The group, active since at least 2019, previously abused MOVEit, GoAnywhere and Cleo file-transfer tools.


Bank Indonesia reports over 370 million cyber threat attempts in 2024

Bank Indonesia (BI) has reported more than 370 million attempted cyber threats targeting the country, highlighting the growing exposure linked to Indonesia’s rapid digital transformation.

The central bank also noted a 25% increase in anomalous cyber traffic in 2024 compared to the previous year. Deputy Governor Filianingsih Hendarta stated that the rise in cyber activity underscores the need for all stakeholders to remain vigilant as Indonesia continues to develop its digital infrastructure.

She also added that public trust is essential to sustaining a resilient digital ecosystem, as trust takes a long time to build and can be lost in a moment.

To strengthen cybersecurity and prepare for continued digitalisation, BI has developed the Indonesian Payment System Blueprint (BSPI) 2030, a strategic framework intended to enhance institutional collaboration and reinforce the security of the national payment system.

BI data shows that internet penetration in Indonesia has reached 80.66%, equivalent to approximately 229 million people, surpassing the global average of 68.7% (around 6.66 billion people worldwide).

Filianingsih also emphasised that strengthening digital infrastructure requires cross-sectoral and international cooperation, given the global and rapidly evolving nature of cyber threats.


Australian government highlights geopolitical risks to critical infrastructure

According to the federal government’s latest Critical Infrastructure Annual Risk Review, Australia’s critical infrastructure is increasingly vulnerable due to global geopolitical uncertainty, supply chain vulnerabilities, and advancements in technology.

The report, released by the Department of Home Affairs, states that geopolitical tensions and instability are affecting all sectors essential to national functioning, such as energy, healthcare, banking, aviation and the digital systems supporting them.

It notes that operational environments are becoming increasingly uncertain both domestically and internationally, requiring new approaches to risk management.

The review highlights a combination of pressures, including cyber threats, supply chain disruptions, climate-related risks and the potential for physical sabotage. It also points to challenges linked to “malicious insiders”, geostrategic shifts and declining public trust in institutions.

According to the report, Australia’s involvement in international policy discussions has, at times, exposed it to possible retaliation from foreign actors through activities ranging from grey zone operations to preparations for state-sponsored sabotage.

It further notes that the effects of overseas conflicts have influenced domestic sentiment and social cohesion, contributing to risks such as ideologically driven vandalism, politically motivated violence and lone-actor extremism.

To address these challenges, the government emphasises the need for adaptable risk management strategies that reflect shifting dependencies, short- and long-term supply chain issues and ongoing geopolitical tensions.

The report divides priority risks into two categories: those considered most plausible and those deemed most harmful. Among the most plausible are extreme-impact cyber incidents and geopolitically driven supply chain disruption.

The most damaging risks include disrupted fuel supplies, major cyber incidents and state-sponsored sabotage. The review notes that because critical sectors are increasingly interdependent, disruption in one area could have cascading impacts on others.

Australia currently imports 61 percent of its fuel from the Middle East, with shipments transiting maritime routes that are vulnerable to regional tensions. Many global shipping routes also pass through the Taiwan Strait, where conflict would significantly affect supply chains.

Home Affairs Minister Tony Burke said the review aims to increase understanding of the risks facing Australia’s essential services and inform efforts to enhance resilience.


M&S profits plunge after costly cyberattack

Marks & Spencer says a major cyberattack around Easter forced it to shut its website to orders for about six weeks, disrupting logistics, emptying shelves and sending customers to rivals. The breach also exposed personal data, including names, email and postal addresses, and dates of birth.

The incident was traced to ‘human error’, according to chief executive Stuart Machin. M&S estimated the attack cost around £324 million in lost sales, partly offset by a £100 million insurance payout, and expects a total profit impact of about £136 million for the year.

Home delivery restarted in June, while click and collect returned in August, but fashion, home and beauty recovered more slowly than food as the retailer rebuilt systems and worked through backlogs. M&S says online trading has steadily improved and it expects operations to be fully restored by year-end.

The company has pledged tighter security controls and processes following the attack, which highlighted the vulnerability of retail supply chains to cyber incidents. The attack comes amid a surge in cyber incidents targeting UK retailers, including recent campaigns where hackers posed as IT staff to breach corporate networks.


UN treaty sparks debate over digital cybersecurity

A new UN cybercrime treaty opened for signature on 25 October, raising concerns about digital cybersecurity and privacy protections. The treaty allows broad cross-border cooperation on serious crimes, potentially requiring states to assist investigations that conflict with domestic laws.

Negotiations revealed disagreements over the treaty’s scope and human rights standards, primarily because it grants broad surveillance powers without clearly specifying safeguards for privacy and digital rights. Critics warn that these powers could be misused, putting digital cybersecurity and the rights of citizens at risk.

Governments supporting the treaty are advised to adopt safeguards, including limiting intrusive monitoring, conditioning cooperation on dual criminality, and reporting requests for assistance transparently. Even with these measures, experts caution that the treaty could pose challenges to global digital cybersecurity protection.


Cyber and energy leaders meet to harden EU power grid resilience

Europe’s 8th Cybersecurity Forum in Brussels brought together more than 200 officials and operators from energy, cybersecurity and technology to discuss how to protect the bloc’s increasingly digital, decentralised grids. ENISA said strengthening energy infrastructure security is urgent as geopolitics and digitalisation raise risk.

Discussions focused on turning new EU frameworks into real-world protection: the Cyber Resilience Act placing board-level responsibility for security, the NIS2 Directive updating obligations across critical sectors, and the Network Code on Cybersecurity setting common rules for cross-border electricity flows. Speakers pressed for faster implementation, better public-private cooperation and stronger supply-chain security.

Case studies highlighted live threats. Ukraine’s National Cybersecurity Coordination Center warned of the growing threat of hybrid warfare, citing repeated Russian cyberattacks on its power grid dating back to 2015. ENCS demonstrated how insecure consumer-energy devices like EV chargers, PV inverters, and home batteries can be easily exploited when security-by-design measures are absent.

Organisers closed with a call to standardise best practice, improve information sharing and coordinate operators, regulators and suppliers. As DG Energy’s Michaela Kollau noted, the resilience of Europe’s grids depends on a shared commitment to implementing current legislation and sector cybersecurity measures.


AI-driven cybercrime rises across Asia

Cybersecurity experts met in Dubai for the World Economic Forum’s Annual Global Future Councils and Cybersecurity meetings. More than 500 participants, including 150 top cybersecurity leaders, discussed how emerging technologies such as AI are reshaping digital security.

UAE officials highlighted the importance of resilience, trust and secure infrastructure as fundamental to future prosperity. Sessions examined how geopolitical shifts and technological advances are changing the cyber landscape and stressed the need for coordinated global action.

AI-driven cybercrime is rising sharply in Japan, with criminals exploiting advanced technology to scale attacks and target data. Recent incidents include a cyber attack on Asahi Breweries, which temporarily halted production at its domestic factories.

Authorities are calling for stronger cross-border collaboration and improved cybersecurity measures, while Japan’s new Prime Minister, Sanae Takaichi, pledged to enhance cooperation on AI and cybersecurity with regional partners.

Significant global developments include the signing of the first UN cybercrime treaty by 65 nations in Viet Nam, establishing a framework for international cooperation, rapid-response networks and stronger legal protections.

High-profile cyber incidents in the UK, including attacks on Jaguar Land Rover and a nursery chain, have highlighted the growing economic and social costs of cybercrime. These events are prompting calls for businesses to prioritise cyber resilience.

Experts warn that technology is evolving faster than cyber defences, leaving small businesses and less developed regions highly vulnerable. Integrating AI, automation and proactive security strategies is seen as essential to protect organisations and ensure global digital stability.

Cyber resilience is increasingly recognised not just as an IT issue but as a strategic imperative for economic and national security.


Poland indicts former deputy justice minister in Pegasus spyware case

Poland’s former deputy justice minister, Michał Woś, has been indicted for allegedly authorising the transfer of $6.9 million from a fund intended for crime victims to a government office that later used the money to purchase commercial spyware.

Prosecutors claim the transfer took place in 2017. If convicted, Woś could face up to 10 years in prison.

The indictment is part of a broader investigation into the use of Pegasus, spyware developed by Israel’s NSO Group, in Poland between 2017 and 2022. The software was reportedly deployed against opposition politicians during that period.

In April 2024, Prime Minister Donald Tusk announced that nearly 600 individuals in Poland had been targeted with Pegasus under the previous Law and Justice (PiS) government, of which Woś is a member.

Responding on social media, Woś defended the purchase, writing that Pegasus was used to fight crime, and “that Prime Minister Tusk and Justice Minister Waldemar Żurek oppose such equipment is not surprising—just as criminals dislike the police, those involved in wrongdoing dislike crime detection tools.”


Lawmakers urge EU to curb Huawei’s role in solar inverters over security risks

Lawmakers and security officials are increasingly worried that Huawei’s dominant role in solar inverters could create a new supply-chain vulnerability for Europe’s power grids. Two MEPs have written to the European Commission urging immediate steps to limit ‘high-risk’ vendors in energy systems.

Inverters transform solar energy into the electrical current fed into the power network; many are internet-connected so vendors can perform remote maintenance. Cyber experts warn that remote access to large numbers of inverters could be abused to shut devices down or change settings en masse, creating surges, drops or wider instability across the grid.

Chinese firms, led by Huawei and Sungrow, supply a large share of Europe’s installed inverter capacity. SolarPower Europe estimates Chinese companies account for roughly 65 per cent of the market. Some member states are already acting: Lithuania has restricted remote access to sizeable Chinese installations, while agencies in the Czech Republic and Germany have flagged specific Huawei components for further scrutiny.

The European Commission is preparing an ICT supply-chain toolbox to de-risk critical sectors, with solar inverters listed among priority areas. Suspicion of Chinese technology has surged in recent years. Beijing, under President Xi Jinping, requires domestic firms to comply with government requests for data sharing and to report software vulnerabilities, raising Western fears of potential surveillance.


Scouts can now earn AI and cybersecurity badges

In the United States, Scouting America, formerly known as the Boy Scouts, has introduced two new merit badges in AI and cybersecurity. The badges give scouts the opportunity to explore modern technology and understand its applications, while the organisation continues to adapt its programs to a digital era. Scouting America has around a million members and offers hundreds of merit badges across a wide range of skills.

The AI badge challenges scouts to examine AI’s effects on daily life, study deepfakes, and complete projects that demonstrate AI concepts. The cybersecurity badge teaches practical tools to stay safe online, emphasises ethical behaviour, and introduces scouts to a career field with thousands of unfilled positions.

Earlier this year, Scouting America launched Scoutly, an AI-powered chatbot designed to answer questions about the organisation and its merit badges. The initiative is part of Scouting America’s broader effort to modernise its programs and prepare young people for opportunities in an increasingly digital world.
