The EU Council, along with its member states, has adopted a declaration for the first time on this specific topic establishing a unified understanding of how international law applies to cyberspace. This declaration underscores that cyberspace is not a lawless realm and reaffirms that international law, including the UN Charter, international human rights law, and international humanitarian law, is fully applicable to activities conducted in cyberspace.
The declaration highlights the escalating threat of malicious cyber activities, such as ransomware, which have grown in scale, sophistication, and impact, posing significant risks to European societies and economies. Recognising these challenges, the EU emphasizes that adherence to the UN framework of responsible state behavior in cyberspace is essential for preserving international peace, security, and stability.
In the declaration, the EU and its member states have commented on principle of non-intervention, state sovereignty, due diligence, attribution, and countermeasures. In particular, the document highlights that “States exercise territorial jurisdiction over Information and Communications Technology (ICT) infrastructure located in their territory, and persons engaged in cyber activities, within their territory”.
The official press release notes that the declaration’s foundation was laid in April 2024, when the European External Action Service (EEAS) presented a non-paper on the topic. After careful deliberation and collaboration between the Horizontal Working Party on Cyber Issues (HWPCI) and the Working Party on Public International Law (COJUR), the text was finalized and approved by the Permanent Representatives Committee (COREPER) on 13 November 2024.
Russian security experts have uncovered a new deepfake scam exploiting the image of Donald Trump, targeting English-speaking audiences. FACCT, a Moscow-based cybercrime prevention firm, reported that scammers are using a bot to create deepfake videos of prominent figures like Trump, Elon Musk, and Tucker Carlson. These videos are being shared on platforms such as TikTok and YouTube to promote fraudulent crypto exchanges.
The bot allows users to generate customised videos with text up to 400 characters long, which fraudsters use to advertise fake trading platforms. FACCT identified three primary scams: fake exchanges where victims’ tokens are stolen, malware links that compromise crypto wallets, and bogus tokens that can’t be sold.
This warning follows a rise in crypto-related scams in Russia, including digital ruble frauds. Authorities are urging vigilance as the Russian Central Bank prepares to launch its central bank digital currency nationwide next year.
The Irish media regulator, Coimisiún na Meán, has mandated that online platforms TikTok, X, and Meta must take decisive steps to prevent the spread of terrorist content on their services, giving them three months to report on their progress.
This action follows notifications from EU authorities under the Terrorist Content Online Regulation. If the platforms fail to comply, the regulator can impose fines of up to four percent of their global revenue.
This decision aligns with Ireland’s broader enforcement of digital laws, including the Digital Services Act (DSA) and a new online safety code. The DSA has already prompted investigations, such as the European Commission’s probe into X last December, and Ireland’s new safety code will impose binding content moderation rules for video-sharing platforms with European headquarters in Ireland. These initiatives aim to curb the spread of harmful and illegal content on major social media platforms.
Kuwait KEMS-Zajil Telecom and Emirates MBCOM Technologies have partnered to strengthen digital infrastructure and cybersecurity across the Middle East, aiming to help businesses remain secure and agile in a connected, fast-evolving world. This partnership formalised through a Memorandum of Understanding (MoU) on 16 October 2024, focuses on providing enterprise solutions in critical areas like network optimisation, cloud services, and cybersecurity.
By merging their expertise, the companies intend to deliver advanced solutions that optimise network performance and bolster defences against cyber threats, essential capabilities for supporting business growth and resilience. Moreover, both companies see this partnership as a strategic move to drive digital transformation in the region, effectively meeting the rising demand for secure, efficient, and scalable digital services.
Furthermore, KEMS-Zajil Telecom emphasised that collaborating with MBCOM Technologies allows them to expand their digital services portfolio with cutting-edge solutions that enhance growth and security. Similarly, MBCOM Technologies highlighted how this partnership positions both companies to bring innovative technology to regional businesses. Ultimately, with its dual focus on advanced infrastructure and robust security, this collaboration reflects a shared vision to empower Middle Eastern enterprises through comprehensive digital solutions that drive long-term growth and resilience.
The Philippines Department of Transportation and UltraPass ID have partnered to pilot a biometric passenger processing system at selected airports following a memorandum of understanding (MOU) signing. The pilot test is scheduled to begin in early 2025 at Iloilo International Airport, with additional testing planned for Tacloban, Laoag, and Bicol International Airport later in the year.
The system, which embeds biometric data in passports, is designed to streamline airport operations by swiftly enabling passengers to pass through check-in, security, and boarding gates, enhancing both convenience and security. The implementation will occur in two phases – Phase 1 will involve Filipino passengers using the national ID, while Phase 2 will cater to foreign passengers with e-passports travelling domestically. Additionally, the system will integrate with the Philippine national ID system, which aims to reduce processing times and provide a touchless, more efficient airport experience.
Furthermore, this initiative is part of the US Smart Cities Trade Mission, which features 12 US companies from various sectors such as cybersecurity, AI, and tourism. These companies are already contributing to the growth of key Philippine industries, including the digital economy, semiconductors, and tourism.
Through this partnership, the Philippines aims to improve its airport operations and strengthen trade and investment opportunities. In doing so, the involvement of US companies sets high standards for labour practices, environmental responsibility, and corporate social engagement.
VVDN Technologies has partnered with SecureThings.ai to enhance cybersecurity across various industry sectors, primarily focusing on the connected vehicle ecosystem. Through this collaboration, SecureThings.ai’s advanced cybersecurity solutions will be integrated into VVDN’s automotive products and services, including vehicle connectivity, in-vehicle infotainment systems, instrument clusters, advanced driver assistance systems (ADAS), and software-defined vehicle (SDV) solutions.
As a result, this partnership ensures that VVDN meets global cybersecurity standards, such as ISO 21434, while providing robust security for connected vehicles and IoT ecosystems. Specifically, key initiatives include intrusion detection and protection systems, real-time threat intelligence services, the establishment of a security research lab, and the provision of a red team as a service for independent cybersecurity assessments.
These efforts will help VVDN fortify connected devices, comply with evolving regulations like R 155/156 and AIS 189/190 in India, and offer comprehensive protection against cyber threats. Moreover, this partnership strengthens both companies’ positions in the cybersecurity market, with VVDN emphasising its commitment to delivering secure, reliable solutions globally.
Furthermore, SecureThings.ai’s expertise in cutting-edge security research and technologies will empower OEMs and tier-1 suppliers to combat emerging threats and adhere to stringent regulatory standards. The collaboration also leverages VVDN’s product engineering capabilities, thus driving innovation and setting new standards for cybersecurity in the automotive and IoT industries.
The incoming European Commissioner for Tech Sovereignty, Security, and Democracy, Henna Virkkunen, expressed dissatisfaction with the limited action taken by EU member states to exclude high-risk telecom suppliers, such as China’s Huawei and ZTE, from critical infrastructure. During her confirmation hearing in the European Parliament, Virkkunen noted that although the European Commission adopted 5G security measures in 2020, fewer than half of the EU member states have implemented restrictions on these suppliers. She indicated that this issue will be addressed in the planned revision of the Cyber Security Act next year and stressed the need for more serious action from national governments.
Virkkunen also pointed out that while the EU had adopted the 5G Cybersecurity Toolbox to protect telecom networks, only 11 of the 27 member states have fully implemented measures, including bans and restrictions on high-risk vendors. In addition to her efforts to strengthen cybersecurity, Virkkunen plans to propose a Digital Networks Act in 2025 to overhaul telecom regulations and boost investment and connectivity. On the topic of US Big Tech compliance with EU rules, she reaffirmed the importance of cooperation but emphasised that all companies must adhere to EU regulations, including those set out in the Digital Services Act.
Germany is strengthening its cyber defences as elections approach, with Interior Minister Nancy Faeser highlighting the need for robust protections against cyber-attacks and disinformation. Faeser warned of potential threats from Russia and other foreign actors, stressing that democracy must also be safeguarded in the digital realm.
The annual report from the Federal Office for Information Security pointed to Germany’s vulnerability to hybrid threats, which include hacking, manipulation, and disinformation. Faeser confirmed plans to bolster cybersecurity, aiming to counteract any attempts at digital interference that could destabilise the election process.
Germany’s snap elections are set for early next year, following the collapse of Chancellor Olaf Scholz’s coalition government amid economic concerns and rising populism. While recent elections saw no major cybersecurity incidents, authorities continue to monitor for risks.
With the political landscape in flux, security agencies remain vigilant. Enhanced measures are in place to detect and address cyber threats as the nation prepares for a potentially turbulent electoral period.
The US Transportation Security Administration (TSA) has proposed a new cybersecurity rule designed to strengthen the resilience of surface transportation infrastructure. Specifically, the rule mandates high-risk operators, including those in the pipeline, railroad, and bus sectors, to implement comprehensive Cyber Risk Management (CRM) programs to manage and mitigate cybersecurity risks.
In addition to this, operators will be required to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA) and physical security concerns to TSA. Furthermore, the rule stipulates that operators must develop and maintain detailed cybersecurity plans, including a Cybersecurity Assessment Plan (CAP) for annual evaluations and a Cybersecurity Operational Implementation Plan (COIP) to guide improvements.
These plans must incorporate governance structures, designate cybersecurity coordinators, and undergo regular audits to assess their effectiveness. Moreover, the rule promotes a defence-in-depth approach to cybersecurity by including system monitoring, patch management, and incident response planning, all of which aim to reduce the impact of cyberattacks.
Additionally, TSA seeks public feedback on the rule’s potential compliance burdens, economic impacts, and ways to streamline the process, particularly for smaller entities. TSA’s initiative reflects a broader commitment to enhancing the cybersecurity posture of surface transportation systems while ensuring regulatory consistency across federal, state, and local levels.
Why does it matter?
The agency is seeking input on reducing redundancies and improving alignment with existing regulations, particularly in cybersecurity training and personnel vetting for high-risk industries. By gathering feedback, TSA aims to refine the rule and ensure it effectively addresses the evolving cyber threats facing the nation’s critical transportation infrastructure.
NTT DATA and Google Cloud have partnered to accelerate the adoption of cloud-based data analytics and generative AI solutions across the Asia Pacific region. By combining NTT DATA’s industry expertise and client base with Google Cloud’s cutting-edge technologies, the partnership aims to drive innovation, improve operational efficiency, and enhance agility for enterprises.
Specifically, the collaboration focuses on co-developing industry-specific solutions for sectors such as healthcare, financial services, manufacturing, retail, and the public sector. A new NTT DATA Google Cloud Business Unit will also be created to focus on joint solutions in data analytics, GenAI, applications, infrastructure, cybersecurity, and SAP on the Google Cloud Platform (GCP).
The expansion also involves enhancing internal expertise, as NTT DATA plans to certify at least 1,000 more engineers in the APAC region and provide advanced training to its teams to ensure successful solution delivery. With global public cloud spending projected to grow significantly, the partnership aims to capture the increasing demand for cloud services and AI-driven solutions.
The goal is to grow NTT DATA’s cloud business in APAC by more than 10 times over the next three years. By combining NTT DATA’s digital transformation portfolio with Google Cloud’s advanced technologies, the collaboration is set to drive modernisation in AI, cloud infrastructure, and cybersecurity, offering businesses secure and efficient solutions to accelerate their digital transformation.
