US

US agencies warn of cyber intrusions into critical infrastructure systems

A joint cybersecurity advisory issued by the Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, National Security Agency, and several sector-specific partners warns US organisations of an ongoing campaign by actors targeting industrial control systems across US critical infrastructure.

The activity focuses on internet-exposed operational technology (OT), particularly programmable logic controllers (PLCs), which are widely used to automate industrial processes in sectors such as energy, water and wastewater systems, and government services.

According to the advisory, the attackers are exploiting PLCs by leveraging their direct exposure to the internet. The attackers gain initial access by scanning for internet-facing PLCs and connecting through commonly used industrial communication ports. Once access is established, the actors interact with device project files and manipulate data displayed on human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA) systems. This enables them to disrupt industrial processes in real time. In several confirmed cases, such intrusions have resulted in operational disruption and financial loss, underscoring the tangible, physical-world impact of these cyber operations.

The advisory provides a detailed set of indicators of compromise (IOCs), including specific IP addresses associated with malicious activity, along with mappings to the MITRE ATT&CK framework to help defenders contextualise tactics and techniques.

Organisations are strongly encouraged to review both current and historical network logs for signs of compromise, particularly for unusual traffic on ports commonly used by OT protocols.

The campaign appears to be part of a broader escalation in Iranian-linked cyber activity, likely tied to geopolitical tensions involving the USA and its allies. The advisory links the activity to previously identified advanced persistent threat (APT) groups associated with Iran’s Islamic Revolutionary Guard Corps (IRGC).

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Student AI rights framework unveiled

A newly released ‘Student AI Bill of Rights’ in the US outlines a proposed framework to protect learners as AI tools become increasingly widespread in education. The initiative aims to establish clear standards for fairness, transparency and accountability.

The document highlights the need for students to be informed when AI systems are used in teaching, assessment or administration. It also stresses that students should retain control over their personal data and academic work.

Another central principle is accountability, with students given the right to question and appeal decisions made or influenced by AI systems. The framework also calls for safeguards to prevent bias and ensure equal access to educational opportunities.

While not legally binding, the proposal is designed to guide higher education institutions in developing responsible AI policies. It reflects growing efforts to define ethical standards for AI use in education in the US.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Power hardware shortages are delaying AI data centre expansion, despite record investment

US AI data-centre expansion is increasingly being constrained not by chips, servers or funding, but by the electrical hardware needed to connect new facilities to reliable power, Bloomberg reports. While the US–China trade war has pushed many server makers to move production out of China, the deeper dependency remains in power-delivery equipment.

China is still the world’s largest producer of electrical gear used to build and upgrade power infrastructure, both inside data centres and across the wider grid. Shortages of key components, especially transformers, switchgear and batteries, sourced from China and elsewhere, are now slowing project timelines.

The scale of planned build-outs is colliding with these supply limits. Bloomberg cites forecasts that Alphabet, Amazon, Meta and Microsoft will spend more than $650bn in 2026 to expand AI capacity, yet close to half of the planned US data-centre builds this year are expected to be delayed or cancelled.

The problem extends beyond the data-centre fence line. Companies must also fund and coordinate grid upgrades to supply enough electricity, competing for the same scarce equipment as utilities coping with rising demand from electric vehicles and electrified heating.

Sightline Climate data cited by Bloomberg suggests about 12GW of US data-centre capacity is expected to come online in 2026, but only around a third of that capacity is currently under active construction due to multiple constraints. Electrical infrastructure may represent less than 10% of total data-centre cost, but it is schedule-critical, because delays in any link of the power chain can halt an entire project.

Lead times for high-power transformers, in particular, have deteriorated sharply, typically 24 to 30 months before 2020, but now stretching to as long as five years, clashing with AI deployment cycles that can be under 18 months.

To cope, developers are turning to global suppliers, with Canada, Mexico and South Korea becoming major sources of high-power transformers. Even so, US imports of Chinese high-power transformers have surged from fewer than 1,500 units in 2022 to more than 8,000 units through October 2025, according to Wood Mackenzie data cited by Bloomberg. China also supplies over 40% of US battery imports and remains near 30% in some transformer and switchgear categories, underscoring continued reliance despite tariffs and security concerns.

Why does it matter?

Bloomberg’s central warning is that without easing bottlenecks in transformers, switchgear and batteries, and expanding US manufacturing capacity, trillions of dollars of AI investment may not translate into delivered AI capacity, because power infrastructure, not compute, is becoming the limiting factor.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

US Supreme Court narrows ISP copyright liability, sharpening focus on intent with potential implications for generative AI

A unanimous 9–0 US Supreme Court ruling this week has narrowed the circumstances under which an internet service provider (ISP) can be held liable for users’ copyright infringement by focusing on a deceptively simple question: intent. Writing for the Court, Justice Clarence Thomas said an ISP is liable only if its service was designed for unlawful activity or if it actively induced infringement; merely providing a service to the public while knowing some users will infringe is not enough.

Applying that standard, the Court found Cox Communications did neither, shielding it from a potential $1bn exposure following a long-running dispute that included a jury verdict later vacated.

The decision is now being read for its possible implications beyond ISPs, particularly in the escalating copyright battle between publishers/authors and generative AI firms. The key distinction raised is that broadband networks function as neutral conduits, whereas large language models are built specifically to produce fluent, human-like writing, including prose, poetry and dialogue, that can resemble the work of human authors.

In the article’s framing, that resemblance is not incidental but central to the product’s purpose: if a subscriber uses broadband to pirate a novel, the ISP did not build its network to enable that outcome, but an AI model prompted to write in a specific author’s style is designed to fulfil that request.

That contrast could open a new line of argument in AI litigation. While major US cases, such as suits brought by the Authors Guild and individual authors against OpenAI, Meta and others, have largely centred on whether training on copyrighted books is itself infringing, the Cox ruling highlights a second front: whether the systems’ purpose and optimisation for author-like output could be characterised as being ‘tailored for’ infringement or as purposeful inducement under an intent-based standard.

Publishers, who are simultaneously watching the lawsuits and negotiating licensing deals with AI companies, have so far been more cautious than the music industry was in its costly fight against Cox, an effort that ultimately produced a Supreme Court ruling that narrowed, rather than expanded, leverage.

Why does it matter?

The broader takeaway is that copyright enforcement may increasingly turn not only on what was copied, but what the copying was for, an approach that could prove consequential for AI companies whose commercial proposition is generating human-quality creative work.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Oracle expands AI options for US government agencies

The US government is set to gain expanded AI capabilities through new infrastructure and model deployment options in Oracle Cloud.

These developments aim to improve agencies’ ability to manage critical tasks, from situational awareness to cybersecurity, while maintaining strict security and compliance standards.

High-performance GPUs and AI models will support faster, more reliable inference and training, helping agencies respond more effectively to public needs.

The focus is on enabling secure deployment in environments with sensitive data and complex regulatory requirements, ensuring AI use aligns with public interest and safety.

Such an expansion builds on existing government AI frameworks, offering capabilities for retrieval-augmented generation, secure inference, and operational analytics.

By integrating AI in a controlled, compliant environment, US agencies can improve efficiency, decision-making, and public service delivery without compromising security.

Ultimately, these advancements by Oracle aim to ensure that government AI adoption benefits citizens directly, supporting transparency, accountability, and effective public administration in high-stakes contexts.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

New Mexico wins major case against Meta

A jury has found Meta Platforms liable for misleading consumers and endangering children in a landmark case brought by the New Mexico Department of Justice. The verdict marks the first successful trial by a US state against a major tech firm over child safety concerns.

Jurors awarded civil penalties totalling 375 million dollars after finding violations of consumer protection law. The case focused on claims that platform design choices exposed young users to harmful and exploitative content.

Evidence presented in court included internal company documents and testimony suggesting awareness of risks to children. Allegations centred on failures to prevent exploitation, as well as features linked to addictive behaviour and exposure to harmful material.

Further proceedings in the US are scheduled, with authorities seeking additional penalties and mandated changes to platform safety measures. Proposed actions include stronger age verification and improved protections for minors online.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

CFTC launches AI and crypto innovation task force

The Commodity Futures Trading Commission (CFTC), an independent agency of the United States federal government, announced the creation of an Innovation Task Force to support the development of new technologies in US derivatives markets. Chairman Michael S. Selig leads the initiative and focuses on establishing clear regulatory approaches.

The task force will work with the Innovation Advisory Committee to develop frameworks covering crypto assets, blockchain technologies, AI and autonomous systems, and prediction markets. Authorities said the aim is to provide clarity for innovators building new financial products.

According to Selig, clearer rules are intended to support responsible innovation and ensure market participants remain competitive. The task force is also expected to help implement the Commission’s broader innovation agenda.

Coordination with other federal bodies is planned, including collaboration with the US Securities and Exchange Commission and its Crypto Task Force. Michael J. Passalacqua, senior advisor to the Chairman, has been appointed to lead the initiative.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot 

Europe boosts AI, talent and investment to compete with US and China

Efforts to strengthen technological competitiveness in Europe focus on advancing AI capabilities, developing new forms of talent and improving access to investment.

Discussions at the CTx Tech Experience in Seville highlighted a growing consensus that innovation must scale more effectively if the region is to compete globally.

Participants emphasised that Europe continues to face structural challenges, including fragmented markets, regulatory complexity and limited capital for high-growth companies.

These constraints have made it more difficult for startups to expand, prompting calls for stronger coordination between public institutions and private investors.

AI is increasingly viewed as the foundation of the transformation. Industry leaders pointed to the emergence of new business opportunities driven by AI, alongside the need to translate innovation into scalable commercial outcomes.

At the same time, labour market dynamics are shifting towards hybrid skillsets that combine technical expertise with business understanding and critical thinking.

In such a context, strengthening Europe’s innovation capacity is seen as essential to competing with global powers such as the US and China.

As technological competition intensifies, the ability to align talent, capital and policy frameworks will play a decisive role in shaping the region’s position within the global digital economy.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

US senator proposes AI rules for children

A US senator has introduced a draft framework to establish nationwide AI rules, with a focus on child safety and copyright protection. The proposal seeks to create a unified federal approach to replace state laws that differ.

The plan would require developers to implement safeguards for minors, including age verification, data protection and mechanisms to report harm. Companies could also face legal action over failures linked to AI system design.

Copyright measures include new standards for identifying AI-generated content and preventing tampering. Authorities would also develop cybersecurity guidelines to support the transparency and authenticity of content.

Debate over this in the US continues over the balance between regulation and innovation, with some stakeholders warning of legal and economic risks. Discussions between lawmakers and the administration are expected to shape a final framework.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU calls on US tech firms to respect rules on handling staff data

Concerns over data protection have intensified as the European Commission calls on major technology companies to apply the EU standards when handling sensitive staff information linked to digital regulation.

Pressure follows requests from the US House Judiciary Committee seeking access to communications between US firms and the EU officials involved in enforcing laws such as the Digital Services Act and Digital Markets Act.

The EU officials emphasise that formal exchanges with companies take place through official channels, including documented correspondence, rather than informal messaging platforms. Internal communication practices may involve encrypted tools, reflecting growing concerns about data security and external scrutiny.

Debate surrounding the issue reflects wider tensions between the EU and the US over digital governance, privacy protections and regulatory authority. Questions over jurisdiction and access to sensitive communications are likely to remain central as transatlantic tech policy evolves.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Diplo chatbot can make mistakes. Consider checking important information.