AI is increasingly being used to produce highly realistic synthetic abuse videos, raising alarm among regulators and industry bodies.
According to new data published by the Internet Watch Foundation (IWF), 1,286 individual AI-generated abuse videos were identified during the first half of 2025, compared to just two in the same period last year.
Instead of remaining crude or glitch-filled, such material now appears so lifelike that under UK law, it must be treated like authentic recordings.
More than 1,000 of the videos fell into Category A, the most serious classification involving depictions of extreme harm. The number of webpages hosting this type of content has also risen sharply.
Derek Ray-Hill, interim chief executive of the IWF, expressed concern that longer-form synthetic abuse films are now inevitable unless binding safeguards around AI development are introduced.
Safeguarding minister Jess Phillips described the figures as ‘utterly horrific’ and confirmed two new laws are being introduced to address both those creating this material and those providing tools or guidance on how to do so.
IWF analysts say video quality has advanced significantly instead of remaining basic or easy to detect. What once involved clumsy manipulation is now alarmingly convincing, complicating efforts to monitor and remove such content.
The IWF encourages the public to report concerning material and share the exact web page where it is located.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Marks & Spencer has revealed that the major cyberattack it suffered in April stemmed from a sophisticated impersonation of a third-party user.
The breach began on 17 April and was detected two days later, sparking weeks of disruption and a crisis response effort described as ‘traumatic’ by Chairman Archie Norman.
The retailer estimates the incident will cost it £300 million in operating profit and says it remains in rebuild mode, although customer services are expected to normalise by month-end.
Norman confirmed M&S is working with UK and US authorities, including the National Crime Agency, the National Cyber Security Centre, and the FBI.
While the ransomware group DragonForce has claimed responsibility, Norman declined to comment on whether any ransom was paid. He said such matters were better left to law enforcement and not in the public interest to discuss further.
The company expects to recover some of its losses through insurance, although the process may take up to 18 months. Other UK retailers, including Co-op and Harrods, were also targeted in similar attacks around the same time, reportedly using impersonation tactics to bypass internal security systems.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The UK government has struck a major partnership with Google Cloud aimed at modernising public services by eliminating agreing IT systems and equipping 100,000 civil servants with digital and AI skills by 2030.
Backed by DSIT, the initiative targets sectors like the NHS and local councils, seeking both operational efficiency and workforce transformation.
Replacing legacy contracts, some of which date back decades, could unlock as much as £45 billion in efficiency savings, say ministers. Google DeepMind will provide technical expertise to help departments adopt emerging AI solutions and accelerate public sector innovation.
Despite these promising aims, privacy campaigners warn that reliance on a US-based tech giant threatens national data sovereignty and may lead to long-term lock-in.
Foxglove’s Martha Dark described the deal as ‘dangerously naive’, with concerns around data access, accountability, public procurement processes and geopolitical risk.
As ministers pursue broader technological transformation, similar partnerships with Microsoft, OpenAI and Meta are underway, reflecting an industry-wide effort to bridge digital skills gaps and bring agile solutions into Whitehall.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Marks & Spencer has called for a legal obligation requiring UK companies to report major cyberattacks to national authorities. Chairman Archie Norman told parliament that two serious cyberattacks on prominent firms in recent months had gone unreported.
He argued that underreporting leaves a significant gap in cybersecurity knowledge. It would not be excessive regulation to require companies to report material incidents to the National Cyber Security Centre.
The retailer was hit in April by what is believed to be a ransomware attack involving DragonForce, with links to the Scattered Spider hacking group.
The breach forced a seven-week suspension of online clothing orders, costing the business around £300 million in lost operating profit.
M&S had fortunately doubled its cyber insurance last year, though it may take 18 months to process the claim.
General counsel Nick Folland added that companies must be prepared to operate manually, using pen and paper, when systems go down.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A turf war has erupted between two significant ransomware gangs, DragonForce and RansomHub, following cyberattacks on UK retailers including Marks and Spencer and Harrods.
Security experts warn that the feud could result in companies being extorted multiple times as criminal groups compete to control the lucrative ransomware-as-a-service (RaaS) market.
DragonForce, a predominantly Russian-speaking group, reportedly triggered the conflict by rebranding as a cartel and expanding its affiliate base.
Tensions escalated after RansomHub’s dark-web site was taken offline in what is believed to be a hostile move by DragonForce, prompting retaliation through digital vandalism.
Cybersecurity analysts say the breakdown in relationships between hacking groups has created instability, increasing the likelihood of future attacks. Experts also point to a growing risk of follow-up extortion attempts by affiliates when criminal partnerships collapse.
The rivalry reflects the ruthless dynamics of the ransomware economy, which is forecast to cost businesses $10 trillion globally by the end of 2025. Victims now face not only technical challenges but also the legal and financial fallout of navigating increasingly unpredictable criminal networks.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
An AI-driven forecasting tool developed by the Met Office and the University of Exeter is poised to reshape how marine operations are planned. The low-cost model, MaLCOM, has successfully predicted ocean currents in the Gulf of Mexico.
Designed initially to forecast regional wave patterns around the UK, the framework’s adaptability is now helping model ocean currents in new environments.
The tool’s ability to run on a laptop makes it highly accessible, offering real-time insights that could aid offshore energy.
Researchers emphasise the importance of the model’s transparency, which allows users to inspect how it processes data and generates forecasts. This design supports trust in its outputs and offers a strong foundation for ongoing development.
The project began five years ago and has grown through collaboration between academia, government and industry.
Its recent recognition with the ASCE Offshore Technology Conference Best Paper Award underscores the value of partnerships in accelerating progress in AI-based weather and climate tools.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A growing number of writers and developers are finding steady work correcting the flawed outputs of AI systems that businesses use.
From bland marketing copy to broken website code, over-reliance on AI tools like ChatGPT is causing costly setbacks that require human intervention.
In Arizona, writer Sarah Skidd was paid $100 an hour to rewrite poor-quality website text initially produced by AI entirely.
Her experience is echoed by other professionals who now spend most of their time reworking AI content rather than writing from scratch.
UK digital agency owner Sophie Warner reports that clients increasingly use AI-generated code, which has sometimes crashed websites and left businesses vulnerable to security risks. The resulting fixes often take longer and cost more than hiring an expert.
Experts warn that businesses adopt AI too hastily, without proper infrastructure or understanding its limitations.
While AI offers benefits, poor implementation can lead to reputational damage, increased costs, and a growing dependence on professionals to clean up the mess.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The UK government’s evolving defence and security policies aim to close legal gaps exposed by modern threats such as cyberattacks and sabotage of undersea cables. As set out in the recent Strategic Defence Review, ministers plan to introduce a new defence readiness bill to protect critical subsea infrastructure better and prepare for hostile acts that fall outside traditional definitions of war.
The government is also considering revising the outdated Submarine Telegraph Act of 1885, whose penalties, last raised in 1982 to £1,000, are now recognised as inadequate. Instead of merely increasing fines, officials from the Ministry of Defence and the Department for Science, Innovation and Technology intend to draft comprehensive legislation that balances civil and military needs, clarifies how to prosecute sabotage, and updates the UK’s approach to national defence in the digital age.
These policy initiatives reflect growing concern about ‘grey zone’ threats—deliberate acts of sabotage or cyber aggression that stop short of open conflict yet pose serious national security risks. Recent suspected sabotage incidents, including damage to subsea cables connecting Sweden, Latvia, Finland, and Estonia, have highlighted how vulnerable undersea infrastructure remains.
Investigations have linked several of these operations to Russian and Chinese interests, emphasising the urgency of modernising UK law. By updating its legislative framework, the UK government aims to ensure it can respond effectively to attacks that blur the line between peace and conflict, safeguarding both national interests and critical international data flows.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Agentic AI, a new generation of AI that goes beyond automation to deliver full task orchestration, could change how government operates. Sharon Moore, CTO Public Sector UK at IBM, argues the UK Government must adopt this technology to drive operational efficiency and better public services.
Departments using AI agents have already recorded significant savings, such as 3,300 hours saved in HR tasks by East and North Hertfordshire NHS Trust and 800 hours monthly by a New Jersey agency. IBM itself has cut development costs by billions, showcasing the potential for large-scale productivity gains.
Agentic systems integrate multiple AI models and tools, solving complex problems with minimal human intervention. Unlike traditional chatbots, these systems handle end-to-end tasks and adapt across use cases, from citizen services to legacy software modernisation.
To implement these systems safely, the UK must address risks like data leaks, hallucinations, and compliance failures. Moore emphasises that future governance must shift from overseeing individual models to managing entire AI systems, built on transparency, security, and performance oversight.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A ransomware attack on Dutch retailer Ahold Delhaize resulted in a significant data breach affecting more than 2.2 million individuals across US businesses.
The breach occurred in November 2024 following network disruptions at supermarket chains, including Giant Food, Food Lion, and Stop & Shop.
The Inc Ransom group claimed responsibility in April 2025, stating it exfiltrated around 6 TB of data. The company confirmed that stolen files included employment records containing sensitive personal and financial information, with some data already posted on the dark web.
Affected individuals are now notified and offered two years of free identity protection services. The compromised data includes names, Social Security numbers, contact details, and medical and employment information.
Supermarkets have become a growing target in recent cyber campaigns. In April, UK retailers such as M&S and Harrods were also attacked, while distributor UNFI faced major disruptions earlier this month.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
