Japan has announced plans to prioritise the use of domestic software for cybersecurity purposes, as part of an initiative to reduce the country’s reliance on foreign products in this critical sector.
The government intends to offer subsidies and support technology standards that will encourage the growth of the local cybersecurity industry. However, this move is also a part of the government’s broader efforts to enhance cyber defence and strengthen national security.
As of 2021, Japanese domestic companies were responsible for around 40% of the nation’s cybersecurity countermeasure products. For newer products, this share has significantly decreased, with domestic offerings accounting for less than 10% of the latest cybersecurity technologies.
The move reflects Japan’s increasing focus on cybersecurity as a national priority, particularly in the face of rising global cyber threats. By fostering a stronger domestic cybersecurity ecosystem, Japan aims to enhance its resilience against cyberattacks.
Experts, however, warned that that restricting foreign products could limit access to cutting-edge technologies, making the domestic industry potentially less competitive in terms of features, capabilities, or performance. This could hinder the effectiveness of cybersecurity defenses.
To support this transition, the government plans to offer financial incentives and collaborate with local technology providers to establish standardized solutions that meet both national and international security requirements.
These efforts are part of a broader strategy to ensure that Japan’s critical infrastructure and businesses are better protected in the digital age.
For more information on these topics, visit diplomacy.edu.
The Cybersecurity and Infrastructure Security Agency (CISA) has refused recent reports suggesting a shift in its approach to addressing cyber threats from Russia.
The Guardian published an article citing anonymous sources who claimed CISA analysts had been instructed not to report on Russian cyber threats, and that a Russia-related project was halted.
In response, CISA issued a statement, affirming its continued commitment to defending US critical infrastructure against all cyber threats, including those from Russia, and asserting that any claims of a change in strategy were inaccurate.
However, this story coincided with the news about a temporary order from Defense Secretary Pete Hegseth for US Cyber Command to halt all planning related to Russia, though the order did not apply to the National Security Agency.
Further reports from the Washington Post and New York Times indicated that this directive may be related to diplomatic efforts by President Donald Trump to engage Russia in negotiations about the war in Ukraine.
Russia, however, was absent in a recent speech by a senior State Department official on critical infrastructure cyber threats within the UN Open-Ended Working Group (OEWG).
For more information on these topics, visit diplomacy.edu.
A former top National Security Agency official has warned that widespread federal job cuts could severely undermine US cybersecurity and national security.
Rob Joyce, former NSA director of cybersecurity, told a congressional committee that eliminating probationary employees would weaken the government’s ability to combat cyber threats, particularly those from China.
The remarks were made during a House Select Committee hearing on China‘s cyber operations targeting critical United States infrastructure and telecommunications.
More than 100,000 federal workers have left their jobs through early retirement or layoffs as part of President Donald Trump’s efforts to shrink government agencies, with support from billionaire advisor Elon Musk.
While national security roles were supposed to be exempt, some cybersecurity positions have still been affected.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has already cut over 130 positions, raising concerns about the government’s ability to protect critical systems.
The White House and NSA declined to comment on the impact of the job reductions.
A DHS spokesperson confirmed that the cuts are expected to save $50 million and that further reductions in ‘wasteful positions’ are being considered.
However, critics argue that the loss of skilled personnel in cybersecurity roles could leave the country more vulnerable to foreign threats.
For more information on these topics, visit diplomacy.edu.
Australia has banned Chinese AI startup DeepSeek from all government devices, citing security risks.
World leaders gathered in Paris for the second day of the Artificial Intelligence (AI) Action Summit, where the focus turned to balancing national interests with global cooperation.
DeepSeek, an up-and-coming AI startup from China, is rapidly pushing forward the release of its latest AI model, R2, following the remarkable success of its predecessor, R1.
Elon Musk’s AI startup, xAI, has unveiled its latest AI model, Grok-3, which the billionaire claims is the most advanced chatbot technology.
The New York Times has officially approved the use of AI tools for its editorial and product teams, allowing AI to assist with tasks such as generating social media copy, writing SEO headlines, and coding.
Microsoft has announced a groundbreaking quantum computing chip, Majorana 1, which it claims could make useful quantum computers a reality within years.
China has warned that the United States‘ efforts to pressure other nations into targeting its semiconductor industry will ultimately backfire.
Infrastructure
A state-of-the-art space lab on the outskirts of Cairo, touted as Africa’s first satellite production facility, has been built with substantial Chinese involvement.
Elon Musk’s Starlink network is facing increasing competition in the satellite internet market, particularly from SpaceSail, a Shanghai-based company backed by the Chinese government, and Amazon’s Project Kuiper.
Cybersecurity
The EU Commission introduced a proposal aimed at strengthening the EU’s response to large-scale cyber attacks.
Hackers have stolen $1.5 billion from Dubai-based cryptocurrency exchange Bybit in what is believed to be the largest digital heist in history.
Following the recent security breach at Bybit, major cryptocurrency firms have joined forces to combat the attack and mitigate its impact.
Digital rights
Elon Musk has reignited his rivalry with OpenAI by leading a consortium in a staggering $97.4 billion bid to acquire the nonprofit that governs the ChatGPT creator.
South Korea’s National Intelligence Service (NIS) has raised concerns about the Chinese AI app DeepSeek, accusing it of excessively collecting personal data and using it for training purposes.
TikTok has introduced a new method for US Android users to download the app directly from its website, bypassing restrictions imposed by app stores.
A US federal judge has denied a request to temporarily block Elon Musk’s Department of Government Efficiency (DOGE) from accessing data from seven federal agencies or making further workforce cuts.
Legal
An online education company has filed a lawsuit against Google, claiming its AI-generated search overviews are damaging digital publishing.
The Trump administration is reevaluating the conditions of CHIPS and Science Act subsidies, which allocate $39 billion to boost domestic semiconductor production.
Elon Musk-owned social media platform X has successfully removed a judge from a German court case concerning demands for real-time election data.
Trump Media & Technology Group and Rumble have filed an emergency motion in a US court against Brazilian Supreme Court Justice Alexandre de Moraes.
Internet economy
Chinese investors are flocking to AI-related stocks, betting that the success of home-grown startup DeepSeek will propel China to the forefront of the AI race amid the escalating Sino-US technology conflict.
In a meeting at the White House on Friday, US President Donald Trump and Nvidia CEO Jensen Huang discussed the emerging challenges posed by China’s AI advancements, particularly the rapid rise of DeepSeek that has disrupted the global tech industry.
Macron announced private sector investments totalling around 109 billion euros ($112.5 billion) in its AI sector at the Paris AI summit, according to President Emmanuel Macron.
Elon Musk, who is leading Donald Trump’s federal cost-cutting initiative, has announced that efforts are underway to shut down the United States Agency for International Development (USAID).
President Donald Trump confirmed on Wednesday that he was in active discussions with China over the future of TikTok, as the US seeks to broker a sale of the popular app.
Elon Musk’s social media company X is currently discussing raising funds from investors at a $44 billion valuation.
Development
Alibaba has announced plans to invest at least 380 billion yuan ($52.44 billion) in cloud computing and AI infrastructure over the next three years.
US drugmaker Amgen has announced a $200 million investment in a new technology centre in southern India, which will focus on using AI and data science to support the development of new medicines.
Sociocultural
A German court has ruled that Elon Musk’s social media platform X must provide researchers with data to track the spread of misinformation ahead of the country’s national election on 23 February.
French prosecutors have launched an investigation into X, formerly known as Twitter, over alleged algorithmic bias.
Meta has launched a new initiative with UNESCO to enhance AI language recognition and translation, focusing on underserved languages.
A Russian court has fined Google 3.8 million roubles (£32,600) for hosting YouTube videos that allegedly instructed Russian soldiers on how to surrender.
Mexico has strongly opposed Google’s decision to rename the Gulf of Mexico as the ‘Gulf of America’ for US Google Maps users.
For more information on cybersecurity, digital policies, AI governance and other related topics, visit diplomacy.edu.
Data Protection Day 2025: A new mandate for data protection
Data Protection Day 2025 brought experts to Brussels and online to discuss the latest privacy challenges. The event featured key speeches, panels, and discussions on data protection enforcement, international cooperation, and the impact of emerging technologies.
In his keynote, Leonardo Cervera Navas warned about algorithms being used to destabilise the EU democracies and the power imbalance caused by tech monopolies. Despite these challenges, he emphasised that European values and regulatory tools like the Digital Clearing House 2.0 could help uphold privacy.
A panel moderated by Kait Bolongaro examined data protection priorities and enforcement challenges. European Data Protection Supervisor Wojciech Wiewiorowski stressed the role of strong data protection authorities (DPAs) in ensuring GDPR compliance. Matthias Kloth highlighted the modernisation of Convention 108+ as a key legal advancement. The discussion also covered international cooperation, with panellists agreeing that while global collaboration is necessary, privacy standards must not be diluted.
Audience questions raised concerns about the complexity and cost of enforcing privacy rights. Wiewiorowski saw no major GDPR overhaul in the near future but suggested procedural adjustments. Jo Pierson proposed that civil society organisations assist individuals facing legal barriers. The discussion also touched on China’s DeepSeek AI, with panellists refraining from labelling it a threat but stressing the need for Europe to control AI training datasets. Wiewiorowski likened the AI race to the Cold War’s ‘Sputnik moment,’ questioning if Europe was falling behind.
A session on future data protection challenges, led by Anna Buchta, highlighted regulatory complexity. Marina Kaljurand noted a significant digital knowledge gap among European lawmakers, complicating policy decisions. She also raised concerns about the UK’s adequacy decision, which expires in June 2025, and worsening US-EU relations under Trump. UK Information Commissioner John Edwards emphasised AI’s disruptive impact on biometrics and tracking, while Alberto Di Felice from DIGITALEUROPE criticised excessive bureaucracy, advocating for streamlined regulatory oversight.
Beatriz de Anchorena, head of Argentina’s data protection authority, championed Convention 108+ as a global privacy standard. Argentina, the first non-European country to receive EU adequacy, has remained a leader in data protection reform.
A discussion on neuroscience and privacy, moderated by Ella Mein, explored ethical concerns surrounding brain data. Professor Marcello Ienca warned of potential ‘neuro-discrimination’ and the dangers of exploiting brain data. ECtHR Jurisconsult Anna Austin highlighted legal challenges, noting the high standards required for data waivers.
The final panel, led by Gabriela Zanfir-Fortuna, addressed the need for stronger enforcement. Johnny Ryan of the Irish Council for Civil Liberties criticised the EU’s slow response to data misuse, while Nora Ni Loideain emphasised the GDPR’s role in giving DPAs greater enforcement power.
The event underscored the need for robust regulation, global cooperation, and better enforcement mechanisms to protect privacy in a rapidly evolving digital landscape.
Legacy media vs social media and alternative media channels
The rapid spread of digital information has transformed communication, offering opportunities and challenges. While social media and alternative platforms have democratised access to information, they have also enabled misinformation, deepfakes, and sensationalism to flourish. The tension between traditional media and these new forms of communication is at the heart of current debates on content policy and media integrity.
The case of Novak Djokovic at the 2025 Australian Open highlights this shift. After a Channel 9 journalist made derogatory remarks about him and his Serbian supporters, Djokovic refused an on-court interview and took to social media to share his perspective. His video went viral, attracting support from figures like Elon Musk, who criticised traditional media as a ‘negativity filter,’ This incident underscored the ability of social media to bypass mainstream media narratives, raising questions about journalistic objectivity, editorial oversight, and the role of direct communication in shaping public discourse.
Elon Musk’s experience with the media further highlights these dynamics. After traditional media misrepresented a gesture he made at a public event, Musk turned to X (formerly Twitter) to counter the narrative. His criticism of ‘legacy media’ as biassed and slow to adapt resonated with many, reinforcing the growing preference for direct, unfiltered communication. However, this shift presents risks, as social media and alternative platforms lack the editorial oversight that traditional outlets provide, allowing misinformation to spread more easily.
The rise of podcasts, independent media, and social networks has disrupted traditional journalism, offering new ways to engage audiences. While these platforms provide greater freedom of expression, they raise concerns about accuracy, misinformation, and accountability. The challenge remains in balancing openness with factual integrity, ensuring that media—whether traditional or alternative—serves the public responsibly in an era where the boundaries between truth and fabrication continue to blur.
The Guardian reports on the shift in the USA digital diplomacy with a major impact on global cyber geopolitics. After rumours of dropping Russia as a cyber threat, the first public signal on this shift was the USA’s statement at the UN working group meeting on cybersecurity when Liesyl Franz, a US representative, did not indicate Russia as a cyber threat alongside China and Iran. It is a significant shift in the USA digital diplomacy and cyber geopolitics.
The US representative also omitted usual USA references to allies and partners in cyber politics. The Guardian reports on various concerns of this shift, including a view of James Lewis, USA cybersecurity veteran: ‘It’s incomprehensible to give a speech about threats in cyberspace and not mention Russia, and it’s delusional to think this will turn Russia and the FSB [the Russian security agency] into our friends.’
This repositioning aligns with ongoing efforts to improve US-Russia relations, contrasting starkly with European allies’ views on the threat posed by Russia. It remains to be seen if this shift relates only to cybersecurity or it the US will revisit other aspects related to AI and digital governance.
For more information on these topics, visit diplomacy.edu.
Twenty-three industry groups across Europe have urged EU officials to approve a draft cybersecurity certification for cloud services.
The certification scheme, which was introduced in 2020 by the European Union Agency for Cybersecurity (ENISA), aims to provide governments and businesses with reliable, secure cloud service providers.
It has been under revision since last year, with changes that favour major tech firms such as Microsoft, Google, and Amazon.
The groups, including the American Chamber of Commerce and various EU trade associations, argue that the updated draft, which will be finalised in March 2024, strikes a balance between robust security standards and an open market.
These revisions removed political provisions, such as requirements for US tech companies to partner with EU firms for data storage, focusing instead on technical security criteria.
Despite this, concerns linger about the European Commission potentially delaying or even scrapping the certification scheme altogether. The groups have strongly urged the EU to push forward with its adoption, believing it will support Europe’s digital economy while promoting secure cloud computing solutions.
For more information on these topics, visit diplomacy.edu.
The Philippine Army has acknowledged a cyberattack after a local hacking group claimed responsibility for breaching its systems and accessing sensitive documents.
Army spokesperson Col. Louie Dema-ala confirmed the event, describing it as an “illegal access attempt” that was quickly contained. While the group behind the attack has been identified, no damage or data theft has been reported at this time.
Earlier this week, the Philippine digital security advocacy group Deep Web Konek reported that the hacker group Exodus Security claimed to have compromised 10,000 records of active and retired service members. The leaked information allegedly includes personal and military data, such as names, ranks, addresses, medical records, financial information, and criminal histories. However, the authenticity and exact scope of the data have yet to be independently verified.
Philippine authorities have also reported recent attempts by foreign actors to access intelligence data. Minister for Information and Communications Ivan Uy stated that foreign state-sponsored hackers had attempted but failed to infiltrate government systems.
In January, authorities arrested a Chinese national and two Filipino citizens accused of surveilling critical infrastructure, including military sites.
For more information on these topics, visit diplomacy.edu.
A new report from CrowdStrike, the US-based cybersecurity company, examines the evolution of cyber threats in 2024, identifying shifts toward malware-free intrusions, artificial intelligence-assisted social engineering, and cloud-related vulnerabilities.
The researchers highlight an increase in cyber activity attributed to state-linked actors, a rise in identity-based attacks, and the growing role of generative AI in cyber operations. According to the report, 79% of cyber intrusions in 2024 did not involve traditional malware, compared to 40% in 2019. Attackers increasingly relied on remote management and monitoring tools to evade security measures. The average breakout time—the time taken for an attacker to move laterally within a compromised network—decreased to 48 minutes, with some intrusions occurring in under one minute.
The report also highlights an increased reliance on exploiting vulnerabilities, particularly for initial access. More than 52% of vulnerabilities observed in 2024 were related to gaining an initial foothold in a system, underscoring the importance of securing entry points. Attackers increasingly leveraged chained vulnerability exploits—where multiple flaws are exploited in succession—to enhance their chances of success.
Cloud security incidents also saw an increase, with valid account abuse accounting for 35% of cloud-related intrusions. Attackers focused on services such as Microsoft 365 and SharePoint, as well as enterprise APIs, to gain unauthorized access and extract data. The report emphasizes that more than half of observed vulnerabilities in 2024 were related to initial access, with an increase in attacks using chained vulnerability exploits.
Generative AI played a growing role in cyber operations, including phishing, deepfake-based social engineering, and automated disinformation campaigns. The report cites activity from groups leveraging AI-powered tactics, such as the use of fake job interviews to infiltrate technology firms.
For more information on these topics, visit diplomacy.edu.
Microsoft has made an undisclosed equity investment in Veeam Software as part of an expanded partnership to develop AI-powered data protection tools.
The deal will strengthen Veeam’s ability to help customers recover data after cyberattacks, ransomware incidents, or accidental loss. The company’s core technology ensures immutable backups, preventing hackers from modifying or deleting critical files.
With Microsoft‘s support, Veeam plans to enhance research and development, integrate AI-driven capabilities into its software, and expand design collaboration.
The move follows Microsoft’s previous investment in cybersecurity firm Rubrik, another company specialising in data backup and recovery.
Veeam, which was acquired by private equity firm Insight Partners for $5 billion in 2020, was valued at $15 billion after a secondary sale last year.
Founded in 2006, Veeam serves over 550,000 customers globally, including major corporations such as Deloitte and Canon. The partnership with Microsoft underscores the growing demand for advanced data security solutions as businesses face increasing cyber threats.
For more information on these topics, visit diplomacy.edu.
Cybersecurity firm Kaspersky has issued a warning about a large-scale malware campaign targeting GitHub users. Hackers have created hundreds of fake repositories to deceive users into downloading malware designed to steal cryptocurrency, login credentials, and browsing data. The campaign, known as ‘GitVenom,’ uses fraudulent projects that appear legitimate, offering tools like a Telegram bot for managing Bitcoin wallets or an Instagram automation tool. However, these projects run malicious software in the background, including remote access trojans (RATs), info-stealers, and clipboard hijackers.
The fake repositories were made to look convincing by including detailed documentation and manipulated version histories, which were designed to mimic active development. Despite appearing professional, these projects fail to deliver their promised functions while quietly extracting sensitive information from users. Kaspersky’s investigation revealed that some of these malicious repositories have been active for at least two years, suggesting the attackers have successfully lured victims over an extended period.
Once users have downloaded the malware, it targets saved login details, cryptocurrency wallet information, and browsing history, sending the stolen data to the attackers via Telegram. Some malware even hijacks clipboard contents, replacing cryptocurrency wallet addresses with those controlled by the hackers, potentially redirecting funds. The campaign has caused considerable impact, with one documented case involving the theft of five Bitcoins, worth around $442,000.
Although the GitVenom campaign has been detected worldwide, it has particularly affected users in Russia, Brazil, and Turkey. Kaspersky warns that, given GitHub’s popularity among developers, hackers are likely to continue using fake software projects as a method of infection.
For more information on these topics, visit diplomacy.edu.