Cybersecurity Archives | Page 16 of 25 | Digital Watch Observatory

Cybercriminals exploit Facebook ads for fake AI tools and malware

Cybersecurity researchers from Bitdefender have uncovered a disturbing trend where cybercriminals exploit Facebook’s advertising platform to promote counterfeit versions of popular generative AI tools, including OpenAI’s Sora, DALL-E, ChatGPT 5, and Midjourney. These fraudulent Facebook ads are designed to trick unsuspecting users into downloading malware-infected software, leading to the theft of sensitive personal information.

The hackers hijack legitimate Facebook pages of well-known AI tools like Midjourney to impersonate these services, making false claims about exclusive access to new features. The malicious ads direct users to join related Facebook communities, where they are prompted to download supposed ‘desktop versions’ of the AI tools. However, these downloads contain Windows executables packed with harmful viruses like Rilide, Nova, Vidar, and IceRAT, which can steal stored credentials, cryptocurrency wallet data, and credit card details for illicit use.

The cybercrime scheme goes beyond fake ads and hijacked pages; it involves setting up multiple websites to avoid suspicion and using platforms like GoFile to distribute malware through fake Midjourney landing pages. Bitdefender’s analysis highlighted that hackers particularly targeted European Facebook users, with a prominent fake Midjourney page amassing 1.2 million followers before being shut down on 8 March 2024. The reach of these scams extended across countries like Sweden, Romania, Belgium, Germany, and others, with ads primarily targeting European males aged 25-55.

Bitdefender’s report also exposed the cybercriminals’ comprehensive distribution network for malware, known as Malware-as-a-Service (MaaS), enabling anyone to conduct sophisticated attacks. These include data theft, online account compromise, ransom demands after encrypting data, and fraudulent activities.

The case mirrors previous incidents, such as Google’s lawsuit against scammers in 2023 for using fake ads to spread malware. In that case, scammers posed as official Google channels to entice users into downloading purported AI products, highlighting a broader trend of exploiting trusted platforms for illicit gains.

US-China tensions rise as Biden adds more entities to blacklist

President Biden’s administration has escalated tensions with China by adding more Chinese entities to an export blacklist than any previous US government. This latest move by the Commerce Department brings the total number of entities targeted under Biden to 319, surpassing the count during Trump’s tenure. The decision underscores the increasing use of economic tools to achieve foreign policy objectives, particularly as Biden seeks to limit China’s access to advanced technology, citing national security concerns.

The heightened scrutiny on China comes amidst growing apprehensions in Washington over President Xi Jinping’s assertiveness towards Taiwan, fueling fears of Beijing leveraging American technology to bolster its military capabilities. Both Democrats and Republicans have rallied behind the tough stance on China, reflecting bipartisan consensus on the issue, especially with the upcoming elections looming. Biden has maintained Trump’s tariffs while expanding restrictions on Beijing’s access to cutting-edge innovations, notably in critical sectors like AI.

The entity list serves as a primary mechanism for sanctioning entities on national security grounds and has increasingly become a focal point in US-China relations. Beijing has denounced Washington’s actions as economic coercion and unilateral bullying, vowing to defend the rights and interests of Chinese companies. In a retaliatory move, China imposed sanctions on two US companies, signalling a tit-for-tat escalation in tensions. However, such measures are largely symbolic, with minimal impact on the targeted firms.

Despite the Biden administration’s firm stance, there have been occasional concessions, such as withdrawing a Chinese government laboratory from the entity list to address the fentanyl crisis. Nonetheless, the recent additions to the list signal a continuation of the US strategy to maintain its technological edge, particularly in dual-use technologies. As Washington tightens controls on exports to Chinese firms involved in military modernisation efforts, the stage is set for further friction in the already strained US-China relationship.

Italy’s CDP to invest €1 billion in AI and cybersecurity

Italy’s Cassa Depositi e Prestiti (CDP) has announced a substantial investment of €1 billion over the next five years in AI and cybersecurity through its venture capital arm. The investment aligns with the Italian government’s broader agenda, as the chair of the G7, to prioritise the impact of AI on employment and inequality, unveiled in March with the establishment of an investment fund supported by CDP to foster AI projects.

From 2024 to 2028, the fund aims to inject €8 billion into fostering innovation and competitiveness within Italy’s technology sector. Namely, CDP Venture Capital intends to allocate approximately €580 million towards startups while earmarking €300 million for companies poised for international expansion. Additionally, €120 million will facilitate technological transfer, particularly for university research initiatives.

Agostino Scornajenchi, Chief Executive of CDP Venture Capital, expressed confidence in Italy’s innovation prowess, citing its rich scientific and technical heritage. He emphasised the need for Italy to reclaim a leading role in the global economy by leveraging its strengths in innovation and competitiveness, positioning itself as a key player in the international arena.

Microsoft reveals Chinese groups use AI content to undermine US elections

Microsoft Corp. has identified Chinese groups using social media and AI-generated images to incite controversy and gain insights into American perspectives on divisive issues during the election year. According to a report by Microsoft, these groups have spread conspiratorial content, such as blaming the US government for the 2023 wildfires on the Hawaiian island of Maui. The disinformation campaign involved posts in 31 languages, alleging that the US government intentionally caused the blaze, accompanied by AI-generated images of burning coastal roads.

The investigation into the Maui wildfires is ongoing, with a focus on whether power lines owned by Hawaiian Electric Industries Inc. may have sparked the flames. Microsoft noted that these fabricated images demonstrate how Chinese government-affiliated groups are adopting new tactics to advance geopolitical priorities through disinformation and cyberattacks. However, it remains to be seen whether AI has significantly amplified the effectiveness of these efforts.

Microsoft’s report suggests that the accounts responsible for spreading this disinformation are likely operated by the Chinese government or entities aligned with state interests. Despite these findings, the Chinese Embassy did not respond to requests for comment, which is consistent with the government’s denial of involvement in such activities. Researchers have noted the use of AI to create convincing images and manipulated videos, although Microsoft’s assessment suggests that the impact of such content in influencing audiences remains limited.

Why does it matter?

Since last fall, Microsoft has observed a gradual increase in social media accounts linked to China disseminating inflammatory narratives. These influence campaigns have targeted Taiwan’s election and exacerbated rifts in the Asia-Pacific region. On Taiwan’s election day, a Chinese-associated propaganda group reportedly used an AI-generated audio recording to imply an endorsement from Terry Gou, owner of Foxconn Technology Group and former presidential candidate, for another candidate.

Microsoft’s efforts coincide with US government warnings about Chinese hacking groups targeting critical infrastructure, including communications and transportation systems. Microsoft has also been subject to criticism in a recent US government report regarding its response to suspected Chinese cyberespionage campaigns.

Google sues alleged scammers for distributing fraudulent crypto apps on Play Store

Google has initiated legal action against two alleged crypto scammers for distributing fraudulent cryptocurrency trading apps through its Play Store, deceiving users and extracting money from them. Based in China and Hong Kong, the accused developers uploaded 87 deceptive apps that reportedly conned over 100,000 individuals. According to Google, users suffered losses ranging from $100 to tens of thousands per person due to these schemes, which have been operational since at least 2019.

The lawsuit marks Google’s proactive stance against such scams since Google swiftly removed the fraudulent apps from its Play Store. The company’s general counsel, Halimah DeLaine Prado, emphasised that holding these bad actors accountable is crucial to safeguarding users and maintaining the integrity of the app store. The company claims it incurred over $75,000 in economic damages while investigating this fraud.

The scam reportedly enticed users through romance messages and YouTube videos, urging them to download fake cryptocurrency apps. The scammers allegedly misled users into believing they could profit by becoming affiliates of the platforms. Once users invested money, the apps displayed false investment returns and balances, preventing users from withdrawing funds or imposing additional fees, ultimately leading to more financial losses.

Google’s legal action accuses the developers of violating its terms of service and the Racketeer Influenced and Corrupt Organizations Act. The company seeks to block further fraudulent activities by the defendants and aims to recover unspecified damages. The legal move represents Google’s commitment to combating app-based scams and protecting users from deceptive practices on its platform.

Microsoft faulted for preventable Chinese hack

A report released by the US Cyber Safety Review Board on Tuesday blamed Microsoft for a targeted Chinese hack on top government officials’ emails, deeming it ‘preventable’ due to cybersecurity lapses and lack of transparency. The breach, orchestrated by the Storm-0558 hacking group affiliated with China, originated from the compromise of a Microsoft engineer’s corporate account. Microsoft highlighted ongoing efforts to bolster security infrastructure and processes, pledging to review the report for further recommendations.

The board’s report outlined decisions by Microsoft that diminished enterprise security, risk management, and customer trust, prompting recommendations for comprehensive security reforms across all Microsoft products. Last year, the intrusion affected senior officials at the US State and Commerce departments, including Commerce Secretary Gina Raimondo and US Ambassador to China Nicholas Burns, raising concerns about the theft of sensitive emails from prominent American figures.

Despite acknowledging the inevitability of cyberattacks from well-resourced adversaries, Microsoft emphasised its commitment to enhancing system defences and implementing robust security measures. The company highlighted ongoing efforts to fortify systems against cyber threats and enhance detection capabilities to fend off adversarial attacks. The incident underscores the persistent challenges posed by cyber threats and the imperative for technology companies to prioritise cybersecurity measures to safeguard sensitive data and operations against evolving threats.

Cybersecurity and Cybercrime

DiploFoundation (Diplo) is a non-profit organisation established in 2002 by the governments of Malta and Switzerland. It has offices in Malta, Switzerland, Serbia, and the USA. With the mission to increase the power of small and developing states to influence their own futures and development, Diplo’s main activities are dedicated to developing capacity, organising meetings and events, delivering courses, conducting research, publishing analyses, and experimenting with technological tools.

Over the years, Diplo has successfully trained over 7,500 alumni from 208 countries and territories, including individuals working in governments, the private and civil sectors, media, and academia.

The Geneva Internet Platform (GIP) is an initiative supported by the Swiss Federal Department of Foreign Affairs (FDFA), the Swiss Federal Office of Communications (OFCOM), and the Republic and Canton of Geneva. It is operated by Diplo.

Digital activities

The GIP engages actors, fosters meaningful dialogues on digital governance, and monitors digital policy processes in Geneva and beyond. The GIP also provides a neutral and inclusive space for digital policy debates, recognised as a platform where different views can be voiced and the risks and vulnerabilities of technology addressed.

Concretely, GIP activities are centred on two pillars: 1) the physical platform in Geneva that hosts events and delivers training and 2) the GIP Digital Watch Observatory, which monitors and tracks the latest updates, overviews, instruments, resources, events, and actors across 7 baskets of over 50 internet governance and digital policy topics, trends, and processes.

Apart from the GIP, Diplo also operates a Diplo Academy that delivers a wide range of courses primarily dedicated to diplomats and government officials; long-running courses cover subjects in internet governance, AI, cybersecurity, e-diplomacy, science diplomacy, and tech diplomacy.

Diplo hosts an AI lab that develops in-house AI solutions that can be used in research, courses, training, and other projects. Its notable projects include an AI reporting system, AI assistants, and other internal tools.
Diplo is also advancing on conferencing technologies through the ConfTech project, providing resources guiding event planners through the how-to of hosting hybrid meetings.

Digital policy issues

Artificial intelligence

Diplo’s research on and analysis of AI stretches from the most pertinent policy and governance issues to reflections on AI development in general. For instance, Diplo pooled together resources on national AI strategies and international negotiation processes on AI governance; in the Stronger Digital Voices from Africa report, Diplo also included a specific section analysing how African countries approach frontier technologies like AI. Across the seven baskets of digital issues covered by the Digital Watch Observatory, Diplo experts also highlighted the policy implications AI brings to a given issue, allowing domain experts from different fields to comprehend the impact of AI technologies.

Under the banner of HumAInism, Diplo experts also offer their timely reflections on AI development in the form of blog posts, policy briefs, and reports, exploring the nexus of governance, diplomacy, technology, philosophy, linguistics, and arts.

Specifically, in exploring the interplay of AI and diplomacy, Diplo provided detailed analyses of how AI technologies might affect the field of foreign policy and diplomacy; commissioned by the Finnish Ministry for Foreign Affairs, Diplo wrote a report titled Mapping AI’s challenges and opportunities for the conduct of diplomacy.

Dedicated to upskilling diplomats, students, and other professionals, Diplo Academy launched the AI Campus in 2024, containing a series of modules introducing the technical foundations, applications, governance and regulation mechanisms, and philosophical aspects of AI.

Cybersecurity

The Geneva Dialogue on Responsible Behaviour in Cyberspace (GD) was launched in 2018 by the Swiss Federal Department of Foreign Affairs (FDFA) in cooperation with the GIP, with the support of other stakeholders. The GD maps the roles and responsibilities of non-state actors in contributing to a more secure cyberspace in the context of international peace and security. It is an ongoing process that identifies and brings together existing efforts, good practices, and possible gaps, making recommendations to overcome such gaps. It also serves as a platform in Geneva and beyond for different stakeholders to engage and discuss topics on responsible behaviour in cyberspace.

In 2023, a major achievement of the GD was the publication of the Geneva Manual on Responsible Behaviour in Cyberspace. Launched during a dedicated event hosted in Geneva in December 2023, the Manual offers possible guidance for the international community in advancing the implementation of existing norms and establishing good practices. The inaugural edition of the Manual focuses on two norms related to supply chain security and responsible reporting of ICT vulnerabilities. The Geneva Dialogue and Geneva Manual were included in the written and verbal statements to the UN Open-Ended Working Group (OEWG) on the security of and in the use of information and communications technologies in December 2023. From January 2024, the GD focuses on the existing norms and confidence-building measures (CBMs) related to critical infrastructure protection.

Capacity development

As per Diplo’s stated mission to support small and developing states in participating in digital policy negotiations and discussions, Diplo develops and hosts a wide range of training, courses, and events in both Geneva and across the world. The Geneva office is Diplo’s main outreach post where Diplo engages with diplomatic communities in the International Geneva. Diplo hosts monthly briefings for Geneva-based diplomats who cover science, technology and innovation issues; its in-house experts dissect the most recent digital policy negotiation processes and provide space for diplomats to ask questions and form opinions. Diplo also partakes in multiple events in and around Geneva, supporting other diplomatic or international organisation actors with its network of experts in the fields of cybersecurity, AI, digital infrastructure, data governance, digital economy, etc.

From 2023 to 2024, Diplo, with the support of the United States Mission to International Organizations to Geneva, ran the Policy Meets Tech series to help bridge gaps between technology and policy in digital governance. Dedicated to missions of small and developing countries, the series included events in which experts ‘opened the black box’ of technical subjects like the internet, AI, quantum computing, virtual reality, satellites, and cryptography.

In the lead-up to the UN Summit of the Future and the adoption of the Global Digital Compact, Diplo delivered two rounds of training on digital governance issues for New York-based diplomats and hosted a two-day expert-guided diplomatic dialogue in Geneva to facilitate honest and transparent exchanges of information and opinions among diplomats, providing both background information of the GDC and clarifying technical details.

Apart from more Geneva-based and globally-focused events, Diplo also delivers more country-tailored training on demand; taking requests from governments all over the world, Diplo curates a series of activities and lectures for diplomats or governmental officials according to their needs. For instance, with the support of various partners, Diplo has long been building digital governance capacities in the Caribbean and African regions.
Lastly, Diplo Academy is Diplo’s online learning platform, offering a wide range of courses covering different facets of diplomacy and the most topical digital policy domains. The faculty consists of high-ranking practising and retired diplomats, as well as renowned academics in the fields of digital policy, diplomacy, and international relations. Since 1994, Diplo Academy has run more than 500 courses and trained more than 7500 alumni from 208 countries working in governments, civil society, the private sector, media, and academia.

Digital tools

AI assistants

Believing in walking the talk, Diplo experiments with digital technologies and builds its own AI tools for research and educational purposes. Its AI lab has developed DiploAI, a domain-specific AI system that was fine-tuned for diplomatic and policy-relevant texts; it enables Diplo researchers to build customisable AI assistants for courses, diplomatic training, and research. For example, using the retrieval-augmented generation (RAG) technique, a Diplo researcher is able to customise an AI assistant based on a third-party large language model (LLM) by providing the latter with a curated dataset trained on global digital governance documents and various countries’ official statements. Diplo’s guiding principles in building such assistants are grounded in the pursuit of AI solutions that are open-source, inherently bottom-up, and traceable by showing the basis on which AI assistants generate answers.

Diplo also implements the same principles when incorporating smart searching features into its main website (diplomacy.edu); on the site, a publicly available AI assistant takes users’ queries and guides them to the right Diplo resources.

Conferencing technologies

In experimenting with AI tools to meet the diplomatic needs of reporting from events and meetings, Diplo takes conferencing technologies to another level. During a UN Security Council special session, Diplo deployed its human-AI hybrid system, generating just-in-time reports of country statements and key questions. The hybrid system leverages AI’s real-time transcription and summarisation capability along with human quality control. The system has been tested during larger international conferences and events, such as the 78th UN General Assembly, the Internet Governance Forum (IGF) 2023, the UN Trade and Development (UNCTAD) eWeek 2023, and the World Economic Forum 2024.

Digital footprint

Started as a mapping exercise to understand the significance of major Geneva actors’ digital presence in the world, the Geneva Digital Footprint application shows the visibility of more than 200 Geneva-based actors on Google’s search engine. The application evaluates how visible Geneva-based actors’ website domains are in 50 cities worldwide as users enter 500 plus keywords pertinent to the digital policy discussions, such as trade, healthcare, emerging technologies, humanitarian aid, etc. The application is updated frequently, its rich repertoire of data serving as a basis for the 9th Geneva Engage Awards and other analyses on Geneva’s overall importance in the field of digital.

Colour of flags

Diplo’s AI lab developed a simple game of guessing the pattern of the country flag colour compositions and generating new flags for countries based on such patterns. The game is developed to show the logic behind AI algorithms, which are broadly based on ‘probabilistic calculations’ and ‘pattern recognition’, in the simplest way possible to reduce barriers for non-technical background diplomats and policymakers who must negotiate about the governance of AI technologies. The Colour of Flags is physically playable as a card-based board game and digitally available as well.

Other tools

For more of Diplo’s publicly available tools, please check the AI and Technology page under HumAInism.

Social media channels

Facebook @DiploFoundation

Instagram @diplofoundation

LinkedIn @diplofoundation

X @DiplomacyEdu

YouTube @DiploFoundation

Monthly newsletter @ https://www.diplomacy.edu/subscribe/

Contact @ geneva@diplomacy.edu

Geneva Digital Atlas

Vulnerabilities in digital products and networks leading to cyberthreats raise security concerns from individual users to international security and peace. While States hold primary responsibility, meaningful cooperation with non-state actors, such as the private sector, academia, civil society, and the technical community, is crucial to foster a secure, open, and peaceful cyberspace. However, what are those other actors expected to do? Where and how can they support states in ensuring the security and stability in cyberspace?

Join us on December 7th for the launch of the Geneva Manual – a comprehensive guide on non-state actors’ contributions to the implementation of cyber norms.

The Geneva Manual will undergo continuous development in the years ahead to encompass a wide range of cyber norms, guided by discussions with the multistakeholder community.

Established by the Swiss Federal Department of Foreign Affairs and led by DiploFoundation, with support of the Republic and State of Geneva, C4DT, Swisscom and UBS, the Geneva Dialogue particularly asks how the norms and confidence-building measures (CBMs) might be best operationalised (or implemented) by relevant actors as a means to contribute to international security and peace.

Programme

09:45 – 10:00 (CET)

Welcome coffee

10:00 – 10:05

Introduction: Setting the scene

10:05 – 10:30

Opening remarks

H.E. Mr Benedikt Wechsler, Ambassador and Head of the Digital Division, Swiss Federal Department of Foreign Affairs
Dr Jovan Kurbalija, Executive Director of DiploFoundation and Head of the Geneva Internet Platform (GIP)
Mr Florian Schütz, Federal Cyber Security Delegate and Head of the National Cyber Security Centre (NCSC)
H.E. Mr Burhan Gafoor, Ambassador and Permanent Representative of Singapore to the United Nations in New York, Chair of the UN Open-Ended Working Group

10:30 – 11:45

The Geneva Manual & cyber norms

Presentation of the Geneva Manual

Ms Anastasiya Kazakova, Cyber Diplomacy Knowledge Fellow at Diplo Foundation

Discussion: What do relevant stakeholders have to say about their roles and responsibilities in implementing the norms?

Mr Daniel Klingele, Senior Advisor, International Security Division, FDFA and Swiss representative to the UN OEWG
Ms Katherine Getao, Cyber Hygiene, Cyber Diplomacy, and ICT Strategy and Governance Consultant, former CEO of ICT Authority in Kenya and the Kenyan representative to the UN GGE
Mr Xiang Zheng Teo, Vice President of Advisory, Consulting, Ensign InfoSecurity
Ms Madison Q. Oliver, Advisory Curation Manager, GitHub Security Labs
Mr Juan Pablo Parra, Researcher of the Civic Participation Area, Karisma Foundation
Mr Jan Martin Lemnitzer, Assistant Professor, Department of Digitalization, Copenhagen Business School

Moderated by Mr Vladimir Radunović, Director, E-diplomacy and Cybersecurity Programmes at DiploFoundation.

11:45 – 12:00

Coffee break

12:00 – 13:30

Testing the Manual: Simulation exercise

Imagine: A critical vulnerability in the software code underpinning important ICT systems around the world has been discovered. Dire consequences are looming. We all need to act – and act fast. Time to test the Geneva Manual!

13:30 – 14:30

Lunch

14:30 – 16:00

Panel discussion: Tomorrow’s challenges and opportunities: Can norms and regulations keep pace with emerging technology?

Ms Annie Machon, Formerly MI5, currently a privacy campaigner, author, media commentator, and international public speaker
Mr Moctar Yedaly, Former Minister of Digital Transformation and Innovation, Government of Mauritania
Ms Anita Lamprecht, Active member and ambassador of the non-profit legal think tank Liquid Legal Institute e.V.

Moderated by Mr Jovan Kurbalija, Executive Director of DiploFoundation and Head of the Geneva Internet Platform (GIP).

16:00 – 16:20

Inspirational talk

Dr Cory Doctorow, Special Advisor, Electronic Frontier Foundation

16:20 – 16:30

Closing and next steps

17:00

Reception hosted by DiploFoundation and the Republic and State of Geneva

World Meteorological Organization (WMO) 7bis, avenue de la Paix

GET PROGRAMME

The inaugural edition of the Manual focuses on two norms related to supply chain security and responsible reporting of ICT vulnerabilities.

The event will take place in a hybrid format: in situ in Geneva, and online. To register to participate online, please follow this link.

China’s top prosecutor warns cybercriminals are exploiting blockchain and metaverse projects

China’s Supreme People’s Procuratorate (SPP) is ramping up efforts to combat cybercrime by targeting criminals who use blockchain and metaverse projects for illegal activities. The SPP is alarmed by the recent surge in online fraud, cyber violence, and personal information infringement. Notably, the SPP has observed a significant rise in cybercrimes committed on blockchains and within the metaverse, with criminals increasingly relying on cryptocurrencies for money laundering, making it challenging to trace their illicit wealth.

Ge Xiaoyan, the Deputy Prosecutor-General of the SPP, highlights a 64% year-on-year increase in charges related to cybercrime-related telecom fraud, while charges linked to internet theft have risen nearly 23%, and those related to online counterfeiting and sales of inferior goods have surged by almost 86%. Procuratorates have pressed charges against 280,000 individuals involved in cybercrime cases between January and November, reflecting a 36% year-on-year increase and constituting 19% of all criminal offenses.

The People’s Bank of China (PBoC) acknowledges the importance of regulating cryptocurrency and decentralized finance in its latest financial stability report. The PBoC emphasizes the necessity of international cooperation in regulating the industry.

Despite the ban on most crypto transactions and cryptocurrency mining, mainland China remains a significant hub for crypto-mining activities.

Geneva Dialogue | The launch of the Geneva Manual