cybersecurity

FIFA World Cup 2026 faces growing AI and cybersecurity threats

The FIFA World Cup 2026 is not only a football tournament. It is one of the largest digital security tests ever associated with a global public event.

With 48 teams, 104 matches and 16 host cities spread across the USA, Canada and Mexico, the ongoing tournament creates a vast network of stadium systems, ticketing platforms, broadcasters, hotels, transport providers, mobile applications, public Wi-Fi networks, payment systems, and connected devices.

The scale of digital interconnection is unprecedented in the history of international sport.

The Canadian Centre for Cyber Security has warned that the event will almost certainly attract cybercriminals, state-sponsored actors and other threat groups because of its visibility, infrastructure complexity, and broad supplier ecosystem.

Similar concerns have been raised by cybersecurity researchers, government agencies and intelligence analysts, all of whom view the tournament as a high-value target.

Canada warns FIFA World Cup 2026 could face cyberattacks, scams and AI-driven disinformation.

What makes the World Cup 2026 particularly significant is the growing role of AI.

AI will support crowd management, threat detection, cybersecurity operations, content moderation, logistics planning, and fan engagement. Ironically, the same technologies will provide attackers with powerful new tools to automate phishing campaigns, generate convincing deepfakes, conduct fraud operations and spread disinformation at an unprecedented scale.

Perhaps paradoxically, the result is a tournament where AI functions simultaneously as a defensive capability and an offensive weapon.

The largest entertainment attack surface in history

Cybersecurity experts have described the FIFA World Cup 2026 as the ‘largest global entertainment attack surface in history’. The description reflects not only the size of the tournament but also the complexity of its digital ecosystem.

Every match involves interactions between permanent stadium infrastructure, temporary commercial suppliers, cloud service providers, telecommunications operators, transportation networks, emergency services, broadcasters, and millions of fans. Unlike previous tournaments, many of these systems are deeply integrated through digital platforms and real-time data exchanges.

Researchers have noted that the attack surface extends far beyond FIFA’s own networks. Airlines, hotels, payment processors, media organisations, local authorities, ride-sharing platforms and tourism providers all become part of the broader security environment. A successful attack on any of these entities could create disruption that affects the tournament itself.

The Center for Strategic and International Studies (CSIS) has divided the World Cup attack surface into three layers. The first includes direct tournament infrastructure such as stadiums, ticketing systems, and broadcasting operations.

The second includes supporting infrastructure such as telecommunications networks, transportation systems and cloud providers. The third consists of millions of individual devices belonging to players, officials, journalists, sponsors and supporters.

Consequently, a cyber incident does not need to compromise FIFA directly to have significant consequences. A ransomware attack affecting a hotel chain, a denial-of-service attack against a transportation provider, or a breach of a ticketing partner could undermine public confidence and create operational disruption in multiple host cities.

AI-driven cybercrime and financial fraud

The most immediate threat facing supporters is financially motivated cybercrime. Major sporting events have historically attracted fraud schemes, but AI significantly increases their sophistication and reach.

Criminal groups are expected to exploit public interest through phishing campaigns, social engineering operations, fake ticket sales, fraudulent travel packages, malicious mobile applications and counterfeit livestreaming services.

The Canadian Centre for Cyber Security highlighted research indicating that more than 4,300 suspicious World Cup-related domains had already been identified by August 2025.

Generative AI allows attackers to produce convincing communications in multiple languages within seconds. Emails can imitate official FIFA announcements, airline notifications, hotel confirmations or ticketing updates with remarkable accuracy. AI-generated text can eliminate many of the grammatical errors that have traditionally exposed phishing attempts.

The personalisation capabilities of AI further increase effectiveness. Information gathered from social media profiles can be used to create tailored messages targeting specific individuals.

A supporter who has publicly discussed attending a World Cup match may receive a realistic-looking email containing details of a stadium, flight, or accommodation booking.

Cybersecurity researchers also warn about AI-powered chatbots designed to engage victims in extended conversations, gradually building trust before directing them towards malicious websites or fraudulent payment portals.

Such attacks represent an evolution beyond traditional phishing because they can adapt dynamically to the victim’s responses.

Deepfakes, disinformation and information warfare

One of the most significant AI-related concerns surrounding the World Cup is the potential use of deepfake technology and synthetic media.

Deepfakes can generate highly realistic audio, video, and images depicting events that never occurred. During a tournament watched by billions of people, such content could spread rapidly before verification mechanisms have time to respond.

Ball, Football, Soccer, Soccer Ball, Sport, Adult, Male, Man, Person, Computer, Electronics, Laptop, Pc, Cup, Screen, Computer Hardware, Hardware, Accessories, Formal Wear, Tie, Monitor, Phone, Electrical Device, Microphone, Mobile Phone, Book, Publication, Blackboard, People, Face, Head, Gianni Infantino, Lionel Messi

A fabricated video appearing to show a national team manager criticising players, a fake government announcement warning of security threats, or an AI-generated recording supposedly involving FIFA officials could create confusion and damage reputations.

Even brief circulation of false information may influence public perception, financial markets, or security decisions.

Threat actors are very likely to employ AI-generated articles, images and videos during the World Cup tournament. Furthermore, state-sponsored influence operations remain possible, particularly if geopolitical tensions involving participating nations intensify.

The risk is not limited to political manipulation. Criminal groups may use deepfakes to support fraud operations, impersonate public figures or create fake emergency announcements designed to generate panic.

The speed of modern social media platforms means that misleading content can reach millions of users before fact-checking efforts can become effective.

The World Cup, therefore, represents a major test for digital information resilience. Governments, media organisations and technology platforms will need rapid verification capabilities to distinguish authentic content from increasingly sophisticated synthetic media.

Critical infrastructure and operational technology risks

The World Cup’s dependence on critical infrastructure creates another layer of cybersecurity concern.

Electricity grids, water systems, telecommunications networks, transportation infrastructure and emergency communications all support tournament operations. Any disruption affecting these systems could have consequences extending far beyond football matches.

Security researchers have warned that operational technology environments often remain less protected than traditional information technology networks. Many infrastructure systems were designed decades ago, long before cybersecurity became a primary concern.

As digital connectivity expands, vulnerabilities within such systems become increasingly attractive targets.

A cyber-attack on public transportation networks could delay tens of thousands of supporters travelling to World Cup matches. Disruptions affecting telecommunications systems could interfere with emergency coordination, media coverage and public communications.

Attacks targeting stadium access systems could create safety concerns if spectators are unable to enter or exit venues efficiently.

The multinational structure of the tournament further increases its complexity. The US, Canada and Mexico operate under different legal frameworks, cybersecurity standards and regulatory environments.

Effective protection, therefore, requires unprecedented levels of coordination between public authorities and private sector partners in the three countries.

Protecting fan data and digital identities

The FIFA World Cup generates enormous volumes of personal data. Ticket purchases, accommodation bookings, transportation arrangements, mobile applications, loyalty programmes and payment systems all collect information about supporters.

Such datasets are highly attractive to cybercriminals. Personal information can be used for identity theft, financial fraud, account takeovers or targeted phishing campaigns. The concentration of large numbers of international visitors further increases the value of collected data.

Digital ticketing systems present both opportunities and risks. While electronic tickets reduce certain forms of fraud and improve operational efficiency, they also create new attack vectors. Compromised accounts, stolen credentials and fake ticket marketplaces can all exploit digital ticketing ecosystems.

The use of biometric technologies introduces additional challenges. Facial recognition systems may be employed for security screening, venue access or identity verification. Although such technologies can improve efficiency and security, they also raise questions about privacy, consent, data retention, and oversight.

Person, Electronics, Mobile Phone, Phone, Adult, Male, Man, Computer Hardware, Hardware, Monitor, Screen, Guard, Face, Head, Mattia De Sciglio

Maintaining public trust requires transparency regarding how personal information is collected, stored, and protected. Strong cybersecurity measures must be accompanied by clear governance frameworks and accountability mechanisms.

Online abuse and AI moderation

Cybersecurity during the World Cup extends beyond technical attacks. Online abuse, harassment and hate speech represent significant digital risks affecting players, officials and supporters.

Experience from previous tournaments illustrates the scale of the problem. FIFA reported that one in five players participating in the 2023 Women’s World Cup experienced online abuse. Through the Social Media Protection Service, nearly 117,000 comments were hidden or blocked during the competition. Almost half of the abusive messages were classified as sexist, sexual, or homophobic.

The scale of online interaction surrounding the men’s World Cup is expected to be substantially larger. Social media platforms, therefore, face significant pressure to prevent abuse while preserving legitimate expression.

Ofcom has already warned platforms about their responsibilities under the UK Online Safety Act. The regulator expects companies to maintain effective reporting systems, sufficient moderation resources and rapid responses to illegal content.

Tech companies face scrutiny during the FIFA World Cup as Ofcom monitors compliance.

AI will play a central role in content moderation efforts.

Machine learning systems can analyse vast quantities of user-generated content and identify harmful material much faster than human moderators alone. However, AI moderation remains imperfect. Algorithms may struggle with sarcasm, cultural context, local languages or rapidly evolving forms of abuse.

Balancing safety and freedom of expression will remain one of the most challenging governance issues during the World Cup.

AI as a cybersecurity enabler

Despite the risks, AI has become an essential component of modern cybersecurity strategies.

Security operations centres generate enormous volumes of alerts, logs and threat intelligence data. Human analysts alone cannot process this information effectively. AI enables organisations to identify patterns, prioritise risks, and respond more rapidly to emerging threats.

Machine learning systems can detect unusual network behaviour that may indicate malicious activity. AI tools can analyse phishing campaigns, identify fraudulent domains and uncover relationships between seemingly unrelated attacks.

cybersecyrity AI

Automated systems can isolate compromised devices and block suspicious traffic before significant damage occurs.

AI is also becoming increasingly important for threat intelligence. Security teams use machine learning models to analyse information from global threat feeds, identify emerging attack techniques and predict potential risks. During an event as large as the FIFA World Cup, such capabilities may provide critical advantages.

Beyond cybersecurity, AI supports broader security operations. Computer vision systems can monitor crowd movement, identify congestion points, and assist with emergency planning. Predictive analytics can help authorities allocate resources more effectively and improve incident response capabilities.

Nevertheless, AI should be viewed as a force multiplier rather than a replacement for human expertise. Automated systems can produce false positives, miss novel attack methods or be manipulated through adversarial techniques. Human oversight remains essential, particularly when decisions affect public safety and civil liberties.

International cooperation and long-term implications

The cybersecurity challenge facing the World Cup cannot be addressed by FIFA alone. Effective protection requires collaboration among governments, intelligence agencies, law enforcement organisations, cloud providers, telecommunications companies, stadium operators, and cybersecurity firms.

Information sharing will be particularly important. Threat intelligence must move rapidly across organisations and national borders. Attack indicators identified in one host city may become relevant to another within minutes.

Adult, Male, Man, Person, Astronomy, Outer Space, Body Part, Hand, Globe, Planet, Handcuffs

The World Cup also serves as a preview of the future challenges facing large-scale public events. As AI becomes increasingly integrated into infrastructure, transportation, communications and security operations, future tournaments will become even more dependent on digital technologies.

The lessons learned from 2026 are therefore likely to influence cybersecurity planning for future Olympic Games, continental championships, political summits and other international gatherings.

Conclusion

The FIFA World Cup 2026 demonstrates how deeply sport has become intertwined with the digital world. Football remains the centrepiece of the tournament, but its success depends equally on cybersecurity, AI governance and operational resilience.

AI will help protect infrastructure, support threat detection, improve crowd management, and strengthen cyber defence capabilities. At the same time, it will enable more sophisticated phishing campaigns, more convincing deepfakes, more effective disinformation operations and increasingly personalised fraud schemes.

The central challenge is not whether AI should be used. The challenge is how it can be deployed responsibly, securely and transparently within one of the most complex public events ever organised.

Success will depend on balancing innovation with security, automation with human oversight and efficiency with public trust.

The real test for FIFA, host governments and technology providers will be resilience. Cyber incidents are almost inevitable given the scale and visibility of the tournament. What will matter most is the ability to detect threats quickly, limit disruption, recover effectively and maintain public confidence.

Ultimately, the FIFA World Cup 2026 may be remembered as the first truly AI-era World Cup, where cybersecurity, misinformation and digital resilience have become as important as events on the pitch.

As citizens, supporters and digital users, we each have a role to play in protecting the integrity of the information and technologies that increasingly shape our lives.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Ottawa strengthens role in quantum computing and cybersecurity research

Researchers and technology experts in Ottawa are contributing to advances in quantum computing, a technology that could transform fields such as drug discovery, clean energy and space exploration by solving highly complex problems beyond the reach of many conventional computers.

Researchers said quantum computing could accelerate scientific discovery and enable breakthroughs that may eventually translate into practical applications across a range of industries. However, the technology also presents significant cybersecurity challenges, as sufficiently advanced quantum computers could eventually undermine widely used encryption methods that protect digital communications and online services.

The University of Ottawa is conducting research into quantum communications and cryptography aimed at developing security technologies capable of withstanding future quantum-enabled threats. Researchers are working to better understand the fundamentals of quantum mechanics and future security systems.

Industry representatives said Ottawa’s concentration of cryptographic expertise has helped establish this city in Canada as an important centre for quantum cybersecurity research and innovation.

Why does it matter?

Quantum computing has the potential to become one of the most transformative technologies of the coming decades. Its ability to process certain types of complex calculations far more efficiently than conventional computers could accelerate advances in areas such as materials science, pharmaceuticals, energy systems and scientific research.

At the same time, quantum technologies present a major cybersecurity challenge. Many of today’s encryption systems were designed for classical computers and could become vulnerable to future quantum attacks. As a result, governments, universities and technology companies are investing in quantum-safe cryptography and secure communications. Ottawa’s growing role in quantum research reflects a broader international effort to prepare for both the opportunities and security implications of the quantum era.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

INTERPOL report warns of rising cybercrime across Asia-Pacific

INTERPOL has published its 2025/2026 Asia and South Pacific Cyberthreat Assessment Report, covering the period from January 2024 to March 2025. The report documents a rise in cybercrime across the region, attributing the trend to expanding digital infrastructure, the adoption of new technologies and increasingly organised criminal networks.

More than half of the countries surveyed reported that cybercrime accounts for over 30% of all crimes recorded nationally. Phishing and related online scam techniques were identified as the most common and financially damaging forms of cybercrime, with 33 % of surveyed countries recorded over 10,000 such cases.

Neal Jetton, INTERPOL’s Cybercrime Director, said the findings demonstrate how cybercriminals are increasingly exploiting AI, ransomware-as-a-service models and sophisticated social engineering techniques. He noted that operational cooperation, information sharing, and cyber resilience are factors relevant to protecting communities and infrastructure as digital adoption in the region increases.

Growth in internet connectivity, mobile banking, cloud computing, and digital financial services has accompanied this cybercriminal activity, according to the report.

Survey respondents also highlighted challenges for law enforcement, including gaps in specialised forensic tools, cybercrime training and technical capacity. The report also notes differences in cybersecurity capacity across countries.

Some countries have established cybersecurity frameworks and institutional capabilities, while others, including developing countries and small island states, reported resource and capacity constraints.

The report identifies jurisdictions with fragmented enforcement structures, limited technical capabilities, and weaker legislation as more exposed to exploitation by cybercriminal actors.

The report was prepared through the Asia and South Pacific Joint Operations against Cybercrime (ASPJOC) project, funded by the United Kingdom’s Foreign, Commonwealth & Development Office (FCDO). It draws on information submitted by 18 INTERPOL member countries in the Asia and South Pacific region, along with contributions from private sector partners, operational case studies, and analysis of emerging cyber threat trends.

It is one of several regional cyber threat assessments produced by INTERPOL, alongside similar reports covering regions such as Africa. The full report is available from INTERPOL.

Why does this matter?

The report highlights how cybercrime is becoming a major security, economic and governance challenge across Asia and the South Pacific. As countries expand digital infrastructure, online banking, cloud services and digital government initiatives, cybercriminals are finding new opportunities to exploit vulnerabilities and target individuals, businesses and critical sectors.

The findings also illustrate the growing role of AI in cyberspace. While organisations increasingly use AI to strengthen cybersecurity, threat actors are adopting the same technologies to enhance phishing campaigns, generate deepfakes and automate attacks. This accelerating technological competition underscores the importance of international cooperation, cyber capacity-building and information sharing to strengthen resilience across the region.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

ChatGPT set to join Pentagon’s GenAI.mil platform

Mohammed Husain, OpenAI’s Strategic Delivery Lead for Cyber, said at the Defense One Tech Summit in Virginia that the company expects to launch ChatGPT on GenAI.mil, the US Department of Defense’s enterprise-wide generative AI platform, in early July. The deployment would extend ChatGPT access to more than 3 million defence, civilian, and military personnel.

According to Husain, the version of ChatGPT deployed on GenAI.mil will be certified to handle Controlled Unclassified Information (CUI) and operate at Impact Level 5 (IL5), a Defense Department cloud security classification for systems processing sensitive unclassified information. Husain said OpenAI continues to coordinate with the Pentagon’s Chief Digital and Artificial Intelligence Office (CDAO) on the rollout.

The Department of Defense launched GenAI.mil in December 2025, initially centred on Gemini for Government, before announcing plans to integrate models from OpenAI and xAI. Outside GenAI.mil, federal agencies have had access to ChatGPT since at least January 2025 through ChatGPT Gov.

In August 2025, OpenAI and the General Services Administration reached a OneGov agreement that reduced the price of ChatGPT access for federal agencies. Most recently, OpenAI’s GPT-5.4 model became available to federal government users on Amazon Bedrock and AWS GovCloud earlier this month.

Husain said that as the Department of Defense adopts more capable models, token consumption, the units used by AI systems to process and generate information, is likely to increase, particularly for higher-value tasks.

He pointed to Amazon’s early June announcement that OpenAI’s GPT-5.5, GPT-5.4, and Codex models are now available on Amazon Bedrock as an example of broader access to more capable, token-intensive models.

Husain said token efficiency, measured by the cost of completing tasks rather than raw processing speed, is expected to become an increasingly important consideration in government AI deployments as model capabilities advance.

Why does this matter?

The planned rollout highlights how frontier AI models are moving from experimental deployments into core government and defence infrastructure. Rather than relying on a single provider, the Pentagon is building an ecosystem that includes models from OpenAI, Google and xAI, reflecting a broader strategy of integrating commercial AI capabilities into operational environments.

The development also illustrates the growing institutionalisation of relationships between leading AI companies and national security organisations. As advanced AI systems become embedded in government workflows, questions around security, procurement, oversight, interoperability, and strategic dependence on private-sector AI providers are likely to become increasingly important.

The deployment of ChatGPT on GenAI.mil, therefore, represents not only a technology upgrade but also a step in the evolving governance of AI within national security institutions.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

European consortium launches SHIELD-6G project to develop cybersecurity capabilities for future 6G networks

A consortium of 19 organisations from across Europe has launched SHIELD-6G (Scalable, Hybrid, and Intelligent End-to-End Defense for 6G Networks), a research and innovation project aimed at developing cybersecurity technologies for future 6G communications networks.

The project is coordinated by University College Dublin and brings together universities, research institutes, telecommunications operators, technology companies, and small and medium-sized enterprises from 10 European countries, including Ireland, Spain, Finland, France, the Netherlands, Italy, Greece, Latvia, Estonia, and Türkiye.

According to the consortium, SHIELD-6G will focus on developing a cyber threat intelligence platform designed for future 6G environments. The platform is intended to support the detection, analysis, and response to cyber threats, including previously unknown vulnerabilities and attacks.

The project will explore several technology areas, including AI-based threat detection and response, federated learning for privacy-preserving data processing, digital twin technologies for security testing, and explainable AI approaches intended to improve transparency in cybersecurity operations.

Researchers will evaluate the technologies through use cases in healthcare, smart manufacturing, and maritime communications. These sectors are expected to rely increasingly on advanced connectivity and automated digital systems, creating new cybersecurity requirements.

The initiative is funded through the European Union’s Horizon Europe programme under the Smart Networks and Services Joint Undertaking (SNS JU), which supports research and innovation activities related to future communication networks and services.

According to the project description, SHIELD-6G is expected to contribute to the development of automated network security capabilities, real-time threat detection and mitigation mechanisms, and approaches to compliance and auditing. The consortium also plans to contribute to ongoing discussions on 6G standardisation.

Commenting on the launch, Madhusanka Liyanage of University College Dublin said future communication networks will require security and resilience measures capable of supporting increasingly critical digital services. He said the project aims to develop cybersecurity capabilities that can help protect those services while supporting the broader development of future connectivity infrastructure.

SHIELD-6G is one of several projects funded under the SNS JU programme that aim to advance research on 6G technologies and related cybersecurity challenges as Europe prepares for the next generation of digital communications networks.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Canada enacts cybersecurity legislation to protect critical infrastructure

Canada has strengthened its national cybersecurity framework after Bill C-8, the Act Respecting Cyber Security (ARCS), received Royal Assent.

The legislation is designed to strengthen the security of critical infrastructure and telecommunications networks that support essential services across Canada.

The new law amends the Telecommunications Act by making security an explicit policy objective and granting the government additional powers to require action against threats targeting telecommunications systems.

The legislation also establishes the Critical Cyber Systems Protection Act, creating a regulatory framework for designated operators in the finance, telecommunications, energy and transportation sectors.

Under the new framework, organisations responsible for critical systems will be required to implement enhanced cybersecurity measures, report significant cyber incidents and comply with new security obligations. The government of Canada argues that the measures are necessary as cyber threats continue to increase in both frequency and sophistication.

While amendments to the Telecommunications Act take effect immediately, implementation of the Critical Cyber Systems Protection Act will occur gradually through a phased approach. Canadian officials said the legislation will help strengthen national resilience, protect sensitive information and support the uninterrupted operation of essential services.

Why does it matter?

The legislation reflects a growing international shift towards mandatory cybersecurity requirements for operators of critical infrastructure. Governments increasingly view cyber resilience as a matter of national security, particularly as cybercriminal groups and state-linked actors target sectors whose disruption could have significant economic and societal consequences.

The new framework also signals a move from voluntary cybersecurity practices towards enforceable obligations. By requiring organisations to strengthen security measures, report incidents and comply with regulatory requirements, Canada is seeking to improve visibility into cyber threats and reduce risks to essential services and national infrastructure.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

IMF chief calls for stronger cooperation on AI-related cybersecurity risks

International Monetary Fund (IMF) Managing Director Kristalina Georgieva has called for greater international cooperation to address cybersecurity risks associated with advanced AI systems, warning that rapidly evolving AI capabilities could pose challenges for the global financial system if misused.

Speaking to journalists in Brussels, Georgieva said new AI models are increasing the ability to identify cybersecurity vulnerabilities at a scale previously unavailable. She noted that these capabilities can support efforts to strengthen cyber defences by helping organisations detect and address weaknesses more quickly.

At the same time, Georgieva said the same capabilities could be misused by malicious actors. Referring to recent developments in advanced AI systems, she said that frontier models can be used positively to identify cybersecurity vulnerabilities but that, ‘in the wrong hands,’ those capabilities could be directed against financial infrastructure.

Her comments come amid growing discussion among policymakers, regulators, and financial institutions about the implications of increasingly capable AI systems for cybersecurity and financial stability. Earlier this year, Georgieva warned that the international monetary system was not adequately prepared to address rapidly evolving AI-related cyber risks and called for greater attention to safeguards needed to protect financial stability.

According to Georgieva, stronger cooperation will be necessary across countries and sectors to address these risks. She highlighted the importance of collaboration between advanced and developing economies, as well as between public institutions and private-sector actors responsible for critical digital infrastructure.

She also pointed to the interconnected nature of the global financial system, arguing that vulnerabilities in one jurisdiction can have wider implications. Because financial systems are closely linked across borders, weaknesses in cybersecurity protections may create risks beyond the countries where they originate.

In addition to cooperation, Georgieva stressed the importance of investing in cyber resilience. She said governments should consider cybersecurity requirements when planning public spending and ensure that sufficient resources are available to strengthen defences against evolving threats.

Her remarks align with broader concerns raised by financial authorities regarding the growing role of AI in cybersecurity. While advanced models may help identify vulnerabilities and improve defensive capabilities, they may also lower barriers for conducting sophisticated cyber operations. Financial institutions and regulators have increasingly examined how to strengthen preparedness and resilience in response to these developments.

Georgieva also referred to broader risks associated with rapid AI adoption, including the potential for market volatility driven to changing expectations for AI technologies. She described such risks as low-probability but potentially high-impact events.

The IMF has previously highlighted the economic implications of AI, including its potential effects on labour markets and productivity. Georgieva has argued that governments should prepare for significant technological change while ensuring that the benefits of AI are broadly shared.

Why does it matter?

The comments in Brussels place cybersecurity and financial resilience at the centre of ongoing discussions about AI governance. As governments, regulators, and financial institutions continue to assess the implications of increasingly capable AI systems, questions around international cooperation, preparedness, and cyber resilience are expected to remain a key focus of policy discussions.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU tests cyber crisis response for rail and maritime networks

The European Commission has carried out Cyber Europe 2026, a large-scale cybersecurity exercise testing how Europe would respond to attacks on rail and maritime transport networks.

Organised by the EU Agency for Cybersecurity, the exercise took place on 10 and 11 June and involved around 5,000 experts from across the EU, industry and partner countries. Participants included cybersecurity specialists from the public and private sectors, policymakers, the EU institutions and representatives from the UK, Norway, Switzerland and Ukraine.

The scenario simulated cyberattacks on Europe’s rail and maritime networks, causing severe operational disruption and escalating into a wider cybersecurity crisis. The exercise was designed to test coordination between authorities, industry and institutions during a major cross-border incident affecting critical transport infrastructure.

Cyber Europe 2026 was also the first EU-wide test of the 2025 EU Cyber Blueprint, which clarifies roles and responsibilities during a cyber crisis. The exercise also tested the Cybersecurity Reserve, created under the Cyber Solidarity Act to provide support during significant cybersecurity incidents.

The Commission said lessons from the exercise will help consolidate the Cyber Blueprint and embed cyber crisis management more firmly into the EU’s wider emergency preparedness and response frameworks.

Why does it matter?

Transport networks are critical infrastructure, and cyber incidents affecting ports, railways or logistics systems can disrupt trade, supply chains, military mobility and emergency response across borders. Cyber Europe 2026 is important because it tests not only technical response, but also EU-level coordination, crisis decision-making and support mechanisms under newer cyber resilience tools such as the Cyber Blueprint and Cybersecurity Reserve.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Anthropic launches Claude Fable 5 with advanced safety safeguards

Anthropic has launched Claude Fable 5, a new general-purpose AI model, alongside Claude Mythos 5, a more capable version reserved for selected cyber defence and infrastructure partners.

The company described Fable 5 as its most capable generally available model to date, with strong performance across software engineering, knowledge work, vision and scientific research. Anthropic said the model’s advanced capabilities pose misuse risks, particularly in cybersecurity and research biology.

To reduce those risks, Fable 5 includes additional safety classifiers designed to detect potential misuse, including attempts to bypass safeguards. When certain high-risk requests are detected, users may receive a response from Anthropic’s next-most-capable model, Claude Opus 4.8, rather than Fable 5.

Anthropic said the safeguards have been tuned conservatively and may sometimes block benign requests. According to the company, the fallback mechanism is triggered in less than 5% of sessions on average.

Claude Mythos 5 uses the same underlying model as Fable 5, but with some safeguards lifted in specific areas. Anthropic said it will initially deploy Mythos 5 through Project Glasswing, in collaboration with the US government, for a limited group of cyber defenders and critical software infrastructure providers.

The launch highlights a growing model governance approach in which access to frontier AI capabilities is tiered according to use case and risk. Anthropic said it plans to expand trusted access to Mythos 5 while continuing to refine safeguards for broader public use.

Why does it matter?

The release shows how frontier AI providers are increasingly linking capability deployment to access controls, model routing and domain-specific safeguards. As advanced systems become more useful for software engineering, cybersecurity and scientific research, companies face pressure to provide broad access while limiting misuse in dual-use areas. Anthropic’s split between Fable 5 and Mythos 5 reflects a wider governance question: who should receive access to the most capable AI systems, under what conditions, and with what oversight.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Study warns of self-replicating AI malware using real-time reasoning

Cybersecurity researchers have demonstrated an AI-powered computer worm capable of identifying vulnerabilities, generating attack strategies and spreading autonomously across networks. The study suggests that advances in AI agents could enable a new class of adaptive cyber threats capable of operating with minimal or no direct human intervention.

The research, conducted by teams from the University of Toronto, Vector Institute, University of Cambridge, and ServiceNow, describes malware that uses large language models to tailor its behaviour to each target. Unlike traditional worms, the system can adapt its attack methods in real time instead of relying solely on pre-programmed exploits.

Testing in a controlled virtual environment showed the system could successfully compromise multiple machines and replicate across a simulated network over several days. The worm also operated without relying on cloud infrastructure, running AI models locally on infected systems and using those resources to support its operations.

Researchers warned that such capabilities could signal a shift towards what they describe as ‘autonomous generative adversaries’ and stressed the need for stronger detection systems, evaluation frameworks and governance mechanisms. While details were limited to reduce misuse risks, the authors said the findings reflect how rapidly AI-enabled cyber capabilities are evolving.

Why does it matter? 

The research signals a shift in cyber risk from static, signature-based malware to autonomous systems capable of reasoning, adapting, and scaling attacks without human input.

As AI models become more capable and widely deployed, the line between tool and autonomous threat blurs, increasing pressure on cybersecurity systems, patching cycles, and regulation to keep up with real-time, evolving attacks.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Diplo chatbot can make mistakes. Consider checking important information.