AI, Geopolitics, and the Rising Threat of Cyberattacks
The agenda of cybersecurity and geopolitics remains packed: there are news about China’s Salt Typhoon and North Korea’s Lazarus Group, while the U.S. cracks down the disinfo defenses. The UK steps in with new tech trade sanctions, and Germany’s new digital ministry raises questions about political priorities. Apple and Meta are feeling the heat under EU regulation, and AI continues to show both promise and pitfalls.
Cyber Conflict
News about the Chinese Salt Typhoon: the FBI is now asking the public for tips to help identify and locate the hackers, who seem incredibly hard to find (link). They’re offering $10 million reward (link)
Meanwhile, also new things from the Lazarus Group that targeted six South Korean organizations across different IT-industries; it stands out because they combine watering hole strategy (it is an indirect hacking via compromising legitimate websites frequently visited by the target group) with the exploitation of vulnerabilities (link)
A new study about Russian disinformation revealed that Eastern European countries, particularly former Soviet and Balkan states, are the most targeted by Russia’s Pravda disinformation network. The top three states were Moldova, Latvia and Estonia. These regions have strategic importance, especially concerning energy security (link)
U.S. has closed a key office dedicated to countering disinformation efforts by Russia, China, and Iran, raising more concerns about the readiness to respond to coordinated threats (link)
Cyber around the world
In Germany: plans are underway to establish a Ministry of Digital Affairs, which by the way would be headed by Karsten Wildberger, a former manager at MediaMarkt-Saturn (major European electronics retailer) with no prior political experience (link). The question is whether this ministry will bring real change or simply get lost in well-worded strategies (link). We’re really curious to see if it will actually shift responsibilities.
It’s now official: 500 million Euros on Apple and 200 million on Meta for violating the Digital Market Act. Apple failed to inform users about alternative app distribution options outside its App Store, while Meta’s “consent or pay” model was ruled non-equivalent to its free version, undermining genuine user choice (link)
The global rivalry in trade is growing: the UK has just imposed new sanctions on Russia, including a ban on exporting video game controllers due to their potential use in piloting drones in the Ukraine conflict (link)
The United Nations Peacekeeping Ministerial is taking place in Berlin from May 13-14 to discuss the future of UN peace missions (link). At the same time, great competition between the U.S., China and Russia are getting closer - and space has become a critical strategic domain (link)
Military realm: Generative AI is making its way into daily operations of the U.S. Army, improving daily talks and productivity (link). However, Ukraine is facing increased cyberattacks, because of the withdrawal of the USA. Ukraine is now more vulnerable to cyberattacks, and one of the reasons for that is that hard- and software for infrastructure was simply not delivered (link)
IT-Security News
In the first part of the year: the rising number of ransomware-incidents, in total in relation to the year before the number is 126% higher, markets the highest number of such attacks on record (link)
Cyber incident at UK’s retailer Marks & Spencer, so they had to pause online orders at the website and the app, how big this incident is we apparently don’t know, and the warehouse workers were told not to come to work (link)
Another attack on a health facility: the ransomware gang, Interlock, leaked sensitive patient information from dialysis company DaVita in its leak site, as they stole 1.51 terabyte of data (link)
In case you were wondering why you couldn’t book an appointment by Berlin Authorities (or is that normal?): Since Friday the website berlin.de was victim of a cyberattack causing disruptions and limited access, it is believed to be a distributed DDoS attack (link)
A malware attack targeted the World Uyghur Congress, the malware was for surveillance and sent information to an external server (link)
North Korean IT workers are using AI tool for an illegal employment at US and European tech companies, this scheme made hundreds of million of dollars for North Korea (link)
Research
Can Japan meet their grand-strategic goals? A new Adelphi Series is out now (link)
Space is a critical area: this paper examines the strategy from the EU for space and security defense (link)
Nicole Perlroth’s (former lead for cybersecurity and digital espionage reporter for the New York Times) Live Podcast Recording for “To Catch a Thief” has an interesting Panel with Top China and Cyber Experts (link)
In the Verizon Data Breach Report over 22,000 real-world security incidents were analyzed of which around 12,000 were confirmed data breaches that occurred in 139 countries, the highest number of breaches ever analyzed in a report (link)