The UN’s International Telecommunication Union (ITU) condemned Russia for allegedly interfering with the satellite systems of several European countries, including Ukraine, France, Sweden, the Netherlands, and Luxembourg. These incidents, reported over recent months, have disrupted GPS signals and jeopardised air traffic control.
ITU’s review indicated that the interference originated from earth stations near Moscow, Kaliningrad, and Pavlovka. The organisation called the interference ‘extremely worrisome and unacceptable’ and urged Russia to cease these actions immediately and investigate the incidents. It also proposed a meeting between the affected countries and Russia to resolve the issue.
Swedish authorities blamed Russia for harmful interference shortly after Sweden joined NATO, while France reported significant disruptions to its Eutelsat satellites. Additionally, Lithuania and Estonia raised alarms about navigation signal interference impacting flights. Earlier in the year, a jet carrying UK Defence Secretary Grant Shapps experienced GPS jamming over Kaliningrad.
Russia denied any wrongdoing and complained about alleged interference by NATO countries, which ITU did not address. Russia’s presidential press secretary, Dmitry Peskov, expressed unawareness of the UN agency attributing interference to Russia and questioned the UN’s authority to discuss the matter.
IBM Consulting and Microsoft have expanded their long-standing partnership to help clients modernise their cybersecurity operations and manage hybrid cloud identities. As businesses increasingly adopt hybrid cloud and AI technologies, protecting valuable data has become critical.
IBM Consulting integrates its cybersecurity services with Microsoft’s security technology portfolio to modernise end-to-end security operations. The collaboration aims to provide tools and expertise to protect data through cloud solutions, ultimately driving business growth. Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM Consulting, emphasises that ‘security must be a foundational part of every organisation’s core operations.’
IBM’s Threat Detection and Response (TDR) Cloud Native service combines Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Defender for Cloud with AI-powered security technologies to accelerate threat detection and response. IBM’s global team of security analysts provides 24/7 monitoring and investigation of security alerts across clients’ hybrid cloud environments, maximising the value of Microsoft’s end-to-end security solutions.
After recent Indonesia’s most severe cyberattack, Samuel Abrijani Pangerapan, the director-general for applications and information at the Ministry of Communications and Information Technology, resigned, citing moral responsibility. The attack, which struck more than 280 government agencies, resulted in significant data loss and disrupted essential services ranging from airport operations to scholarship management. The hacker group responsible initially demanded a ransom of $8 million, which the government refused to pay. The hackers later apologised and provided a decryption key to unlock the stolen data.
Despite the decryption key’s release, the recovery process has been challenging. The Ministry of Communications and Information Technology reported that only 2% of the data had been saved by early efforts, with the rest presumed lost. President Joko Widodo responded by ordering an immediate cybersecurity audit and the implementation of robust backup strategies across all national data centres. The goal is to prevent similar incidents in the future, emphasising the need for comprehensive security measures.
Public dissatisfaction has grown in response to the government’s handling of the cyberattack. The attack impacted administrative services and caused significant disruptions at airports in Indonesia, where immigration systems were forced to operate manually due to the cyberattack’s effects on automated processes. The scale of the breach underscored existing vulnerabilities across government data management systems managed by PT Telkom Indonesia, whose subsidiary operated the compromised data centre.
The US auto industry faces challenges in the second quarter as Ford and General Motors report slower sales growth following the cyberattack that disrupted a critical software system used by dealerships nationwide. The outage at CDK in late June impacted over 15,000 retail locations during a crucial selling period, adding to the hurdles already faced by automakers due to supply chain disruptions. Despite hopes for a post-pandemic surge in vehicle demand as more people returned to work, high borrowing costs and economic uncertainties flattened these expectations.
Ford’s quarterly sales saw a modest 1% increase to 536,050 vehicles, a significant slowdown compared to the 10% growth in the previous year. Similarly, Toyota Motor’s local unit and Honda also experienced decelerated sales growth in the second quarter. Analysts anticipate automakers to recover lost sales. CDK reported progress in restoring the dealer management system, with most dealer connections already operational.
Ford attributed its growth in the quarter to the success of hybrid and electric models, with sales of gas-powered vehicles declining by 5%. In comparison, EV and hybrid vehicle sales rose by approximately 61% and 55%, respectively. In June, US new vehicle sales reached around 1.32 million units, translating to a seasonally adjusted annual rate of 15.29 million units per data from Wards Intelligence released on Tuesday.
The recent decision by the US Supreme Court to overturn the long-standing ‘Chevron deference’ doctrine will have significant implications for the Biden administration’s cybersecurity agenda, particularly regarding the protection of critical infrastructure. The ruling shifts the power to interpret and enforce laws related to cybersecurity from executive agencies to Congress and the courts, marking a departure from the previous approach that relied on agency-led initiatives to enhance cybersecurity practices.
One key takeaway from this development is how it has revealed the inadequacies in the cybersecurity practices of critical infrastructure organisations. Despite the rise in cyber threats targeting these entities, many have failed to implement baseline security measures like multifactor authentication, making them vulnerable to attacks. The absence of stringent regulations mandating such practices has exacerbated these organisations’ cybersecurity challenges.
The Biden administration’s strategy of leveraging existing agency rules to bolster cybersecurity measures is now facing a regulatory overhaul. The government must implement a more comprehensive legislative approach to address cybersecurity gaps.
Looking ahead, the repeal of the Chevron deference doctrine is set to usher in a new era of cybersecurity regulation, with a stronger emphasis on congressional involvement in shaping cybersecurity policies. The increased engagement of legislative affairs staffers, lobbyists, and advocates in the regulatory process shows a shift towards a more collaborative and evidence-based approach to cybersecurity governance.
Why does it matter?
As the landscape of cybersecurity regulation evolves in response to this landmark decision, critical infrastructure sectors are expected to face renewed scrutiny regarding their cybersecurity preparedness. The need for robust cybersecurity frameworks and proactive measures to safeguard vital infrastructure assets has never been more pressing. Therefore, the implementation of comprehensive and effective cybersecurity regulations is becoming imperative.
The Fédération Internationale de l’Automobile (FIA), the governing body of auto racing since the 1950s, revealed that attackers managed to access personal data by compromising several FIA email accounts through a phishing attack. Established in 1904 as the Association Internationale des Automobile Clubs Reconnus (AIACR), the FIA is a non-profit international association that oversees various auto racing championships, including Formula 1 and the World Rally Championship (WRC). With 242 member organisations spanning 147 countries across five continents, the FIA also governs the FIA Foundation, which supports and finances road safety research.
To prevent similar incidents in the future, the FIA implemented enhanced security measures and expressed regret for any concerns raised among the affected individuals. Emphasising its commitment to data protection and information security, the FIA continuously evaluates and strengthens its systems to combat evolving cyber threats. However, details such as the breach detection timeline, the extent of personal information accessed, and the nature of the exposed or stolen sensitive data remain undisclosed by the organisation.
Australia is set to transfer its top-secret intelligence data to the cloud under a $2 billion agreement with Amazon Web Services to enhance defence interoperability with the United States. Defence Minister Richard Marles emphasised that the move to distributed, purpose-built facilities would bolster the resilience of data crucial for the defence force, ensuring continued operation even if individual servers fail.
The Director General of the Australian Signals Directorate, Rachel Noble, highlighted that the shift will also incorporate increased use of AI to analyse data. Noble stressed the importance of using AI ethically and with careful governance to understand its impact on data and its applications within the intelligence community.
Marles noted the significance of maintaining a common computing environment with US defence forces, especially as modern warfare increasingly relies on top-secret data, such as that used by F-35A joint strike fighter aircraft. He explained that data from sensors feeding into these platforms is vital for targeting, defence, and protection of other assets.
Prime Minister of Australia, Anthony Albanese, announced that the partnership with Amazon Web Services would enhance national security capabilities and create 2,000 local jobs. Director-General of National Intelligence Andrew Shearer reiterated that interoperability with security partners like the United States remains a top priority.
The US has revoked eight licenses this year, which previously allowed certain companies to export goods to Huawei in an attempt to exert pressure on the Chinese telecom giant. Earlier in May, the Commerce Department announced that it had revoked some licenses but did not specify the details.
The development occurred as Republican hardliners in Congress pushed to intensify measures against Huawei, which surprised the industry last August with a new phone featuring an advanced chip from Chinese manufacturer SMIC despite US export restrictions. The phone boosted Huawei’s smartphone sales by 64% in the first six weeks of 2024. Additionally, Huawei’s smart car components business has driven its fastest revenue growth in four years during 2023.
These details highlight the Biden administration’s efforts to hinder Huawei’s recovery despite previous measures aimed at weakening the company on national security grounds. Meanwhile, Huawei continues to deny being a security threat.
Why does this matter?
Such license revoking measures can be located as a part of the larger tech war intensification between the US and China, especially concerning chip market dominance. With the race between the two superpowers set to continue, it’ll cost the global economy enormously with a loss of trade revenue.
The US Supreme Court decided not to review a case involving a Texas teenager who sued Snapchat, alleging the platform did not adequately protect him from sexual abuse by a teacher. The minor, known as Doe, accused Snap Inc. of negligence for failing to safeguard young users from sexual predators, particularly a teacher who exploited him via the app. Bonnie Guess-Mazock, the teacher involved, was convicted of sexually assaulting the teenager.
Lower courts dismissed the lawsuit, citing Section 230 of the Communications Decency Act, which shields internet companies from liability for content posted by users. With the Supreme Court declining to hear the case, Snapchat retains its protection under this law. Justices Clarence Thomas and Neil Gorsuch expressed concerns about the broad immunity granted to social media platforms under Section 230.
Why does this matter?
The case has sparked wider debate about the responsibilities of tech companies in preventing such abuses and whether laws like Section 230 should be revised to hold them more accountable for content on their platforms. Both US political parties have called for reforms to ensure internet companies can be held liable when their platforms are used for harmful activities.
According to research conducted by Proofpoint, the volume of mobile political spam ahead of the 2024 election has tripled compared to the 2022 midterms. The study indicates a growing trend among US voters to seek information through digital platforms, which can increase their vulnerability to cybercriminal activities.
With 60% of American adults favouring digital media for news consumption and 86% using smartphones, tablets, or computers, there is a notable reliance on digital channels. Nearly all US voters (97%) have access to mobile messaging services. Despite the widespread trust in mobile messaging, Proofpoint warns that the surge in smishing, impersonation, and unwanted spam messages is nowadays eroding this confidence.
While many voters are cautious about fake news on social media, fewer recognise the significant risks associated with mobile messaging and email impersonation tactics. Notably, incidents of election-related smishing attacks have risen by over 7% in the past nine months compared to the previous period.
The increase in mobile political messaging, commonly used by campaigns and interest groups, has coincided with a rise in malicious activities. For instance, following former President Donald J. Trump’s guilty verdict in his ‘hush money’ trial, there was a notable 240% increase in unwanted political messaging within 48 hours, with reported volumes reaching tens of millions.
Why does it matter?
Proofpoint emphasised the importance of voters proactively defending themselves against impersonation attacks during this election season. They advise voters to be cautious with unsolicited messages, particularly those urging immediate action. The company also called on mobile operators to prioritise the protection of their users. Maintaining a healthy level of scepticism is crucial for all parties involved.
To mitigate the risks associated with malicious mobile messaging, voters are advised to refrain from opening attachments or clicking on links in such messages. Instead, it is recommended that you enter known URLs into web browsers directly. Thoroughly scrutinising all election-related digital communications is essential to verify their authenticity.
