Europol chief warns trust in law enforcement at risk

Law enforcement agencies must ensure public understanding of the need for expanded investigative powers to effectively combat the increasing scale and complexity of cybercrime, Europol’s chief Catherine De Bolle stated at the Munich Cyber Security Conference.

De Bolle emphasised that cybercriminal activity is not only growing in volume but also evolving in sophistication, leveraging both traditional telecom infrastructure and advanced digital tools, including dark web marketplaces. In response, she underscored the necessity for law enforcement agencies to strengthen their technical capabilities. However, she noted that implementing large-scale investigative measures must be balanced with maintaining public confidence in state institutions.

Her remarks followed those of Sir Jeremy Fleming, former director of the UK’s cyber intelligence agency GCHQ, who spoke about the importance of maintaining public trust in intelligence operations.

De Bolle further stressed the need for stronger collaboration between government agencies, private sector entities, and international organisations to address cyber threats effectively. As cybercrime and state-sponsored cyber activities increasingly overlap, she advocated for a shift away from fragmented approaches, calling for ‘multilateral responses’ to improve collective cybersecurity readiness.

For more information on these topics, visit diplomacy.edu.

Rising foreign cyber threats test Philippine security

The Philippines has reported attempts by foreign actors to infiltrate government intelligence systems, though no breaches have occurred, according to Cyber Minister Ivan Uy.

Advanced Persistent Threats (APTs), often linked to state-backed groups, have persistently targeted the nation but failed to compromise its cybersecurity defences.

Uy highlighted that some threats, described as ‘sleepers’, had been embedded in systems before being uncovered through government cybersecurity measures. He expressed concerns about such threats operating undetected for extended periods.

Efforts to trace the origins of these attacks are challenging, as hackers often leave misleading evidence. Diplomatic cooperation and intelligence sharing with the military and international allies have become key tools in countering these threats.

Last year, the government successfully thwarted cyberattacks allegedly originating in China, including attempts to breach systems related to maritime security. Uy noted that global cyber conflicts resemble a ‘non-kinetic World War III’, with nations and organisations exploiting digital vulnerabilities for strategic or financial gain.

In addition to cyberattacks, the Philippines is grappling with rising misinformation, deepfakes, and ‘fake news media outlets’ ahead of its mid-term elections in May.

The ministry has deployed tools to counter these risks, emphasising their potential to harm democracies reliant on informed public opinion during elections.

Cybersecurity firm Dream secures $100 million, hits $1.1 billion valuation

A cybersecurity firm co-founded by former Austrian Chancellor Sebastian Kurz and Israeli entrepreneurs has reached a valuation of $1.1 billion after securing $100 million in a new funding round.

The company, known as Dream, focuses on AI-driven cybersecurity solutions for governments and critical infrastructure. Bain Capital Ventures led the Series B investment, with additional backing from Group 11, Tru Arrow, Tau Capital, and Aleph.

Founded in January 2023, Dream has reported over $130 million in annual sales to government and national cybersecurity agencies in 2024.

The company was established by Kurz, former NSO Group CEO Shalev Hulio, and cybersecurity expert Gil Dolev. It operates out of Tel Aviv, Vienna, and Abu Dhabi, positioning itself as a key player in global cybersecurity.

Kurz, who became Austria’s chancellor in 2017 at the age of 31, resigned in 2021 and was later convicted of perjury in a political case. He received an eight-month suspended sentence, which he is currently appealing. Despite his legal troubles, his latest business venture is rapidly growing in the cybersecurity industry.

Polish cybersecurity to gain from Microsoft funding

Microsoft has announced plans to invest an additional $700 million in Poland, aiming to strengthen the country’s cybersecurity capabilities.

The investment will be carried out in collaboration with Poland’s armed forces, marking a significant boost in security infrastructure.

The funding forms part of the second phase of Microsoft’s earlier commitment to the region, following a $1 billion data centre project announced in 2020.

That project saw the opening of a data centre in 2023, which provides cloud services to businesses and government institutions.

Polish Prime Minister Donald Tusk joined Microsoft President Brad Smith at a press conference to discuss the plans. The investment highlights the growing importance of cybersecurity in the partnership between Microsoft and Poland.

Google: Cybercrime now a national security threat, enabling state-backed attacks

A new report from Google states that cybercrime continues to expand, intersecting with state-backed cyber operations. Released ahead of the Munich Security Conference, research from Google’s Threat Intelligence Group and Mandiant outlines findings from their investigations in 2024 and trends observed over the past four years.

In 2024, Mandiant consultants responded to nearly four times as many incidents involving financially motivated actors compared to state-backed intrusions. However, the report notes that state-affiliated groups are increasingly leveraging cybercriminal tools and services, and at the same time ‘cybercrime receives much less attention from national security practitioners than the threat from state-backed groups’.

According to Google, financially motivated and state-backed cyber activities are becoming more interconnected. Cybercriminal ecosystems facilitate the acquisition of malware, vulnerabilities, and operational support, offering lower-cost alternatives to state-developed capabilities.

The report emphasises that while cybercrime and state-backed cyber operations increasingly overlap, responses to these threats require distinct strategies. Cybercrime often involves networks operating across jurisdictions, necessitating international collaboration to address its impact effectively.

France’s ANSSI and international partners advocate risk-based approach for secure AI systems

The French National Cybersecurity Agency (ANSSI) has released new guidance on securing AI systems, emphasising a risk-based approach to AI deployment. Several international partners, including Canada, Singapore, Germany, Italy, Norway, the United Kingdom, Estonia and others, have co-signed the document.

The publication highlights the growing integration of AI across sectors and the need for organisations to assess and mitigate associated risks, particularly as they adopt large language models (LLMs).

ANSSI outlines key security challenges specific to AI, including vulnerabilities in data integrity, supply chain risks, and the potential for AI systems to be exploited as attack vectors. The report identifies major risks such as:

  • Compromises in AI hosting and management infrastructure
  • Supply chain attacks targeting AI components
  • Interconnections between AI and IT systems increasing attack surfaces
  • Long-term loss of control over AI-driven processes
  • Malfunctions affecting AI system reliability

To address these challenges, the document advocates for a structured approach to AI security, recommending that organisations:

  • Align AI system autonomy with risk assessments and operational criticality
  • Map AI supply chains and monitor interconnections with IT infrastructure
  • Implement continuous monitoring and maintenance of AI systems
  • Anticipate regulatory and technological developments impacting AI security
  • Strengthen training and awareness on AI-related risks

The publication also advises against using AI for automating critical actions without safeguards, urging organisations to conduct dedicated risk analyses and assess security measures at every stage of the AI system lifecycle.

Hackers target Trump-linked crypto project with fake Barron meme coin

Zach Witkoff, co-founder of the Trump-affiliated crypto project World Liberty Financial, had his X account hacked on Wednesday. The hacker used the account to promote a fake memecoin project involving Barron Trump, claiming that the news would soon be confirmed by the Trump family.

World Liberty Financial quickly confirmed the hack, urging users to ignore the fraudulent Barron Trump project. This incident is part of a wider trend of crypto scams, as Ivanka Trump also warned earlier this year about a fake memecoin using her likeness to defraud investors.

World Liberty Financial, a decentralised finance project, launched its own token, WLFI, in October 2024. Despite these security issues, the project continues to operate with the Trump family’s name associated with its team.

Crypto malware found in Android and iOS app-making kits

Kaspersky Labs has uncovered dangerous malware hidden in software development kits used to create Android and iOS apps. The malware, known as SparkCat, scans images on infected devices to find crypto wallet recovery phrases, allowing hackers to steal funds without needing passwords. It also targets other sensitive data stored in screenshots, such as passwords and private messages.

The malware uses Google’s ML Kit OCR to extract text from images and has been downloaded around 242,000 times, primarily affecting users in Europe and Asia. It is embedded in dozens of real and fake apps on Google’s Play Store and Apple’s App Store, disguised as analytics modules. Kaspersky’s researchers suspect a supply chain attack or intentional embedding by developers.

While the origin of the malware remains unclear, analysis of its code suggests the developer is fluent in Chinese. Security experts advise users to avoid storing sensitive information in images and to remove any suspicious apps. Google and Apple have yet to respond to the findings.

Israeli spyware firm Paragon accused of hacking WhatsApp users

WhatsApp has identified an advanced hacking campaign targeting nearly 90 users across more than two dozen countries. The attack, linked to Israeli spyware firm Paragon Solutions, exploited a zero-click vulnerability, meaning victims’ devices were compromised without them needing to interact with any malicious files. The messaging platform, owned by Meta, has since taken steps to block the hacking attempts and has issued a cease-and-desist letter to Paragon.

While WhatsApp has not disclosed the identities of those targeted, reports indicate that journalists and members of civil society were among the victims. The company has referred affected users to Citizen Lab, a Canadian watchdog that investigates digital security threats. Law enforcement agencies and industry partners have also been alerted, though specifics remain undisclosed.

Paragon, which was recently acquired by US investment firm AE Industrial Partners, has not commented on the allegations. The company presents itself as a responsible player in the spyware industry, claiming to sell its technology only to governments in stable democracies. However, critics argue that the continued spread of surveillance tools increases the risk of human rights abuses, with spyware repeatedly found on the devices of activists, journalists, and officials worldwide.

Cybersecurity experts warn that the growing use of commercial spyware poses an ongoing threat to digital privacy. Despite claims of ethical safeguards, the latest revelations suggest that even companies with supposedly responsible practices may be engaging in questionable surveillance activities.

Smiths Group hit by cybersecurity breach

Smiths Group, the British engineering firm known for its baggage-screening and explosive detection equipment, is addressing a cybersecurity breach involving unauthorised access to its systems. The company confirmed on Tuesday that it had isolated the affected systems as soon as the incident was detected.

Efforts are underway with cybersecurity experts to recover impacted systems and assess the broader implications of the breach. Smiths Group assured it is adhering to all regulatory requirements and promised to provide updates as necessary.

The incident, disclosed in the morning, sent the company’s shares down by as much as 2.3% in early trading. No further details have been provided about the breach or its potential consequences.