Cybersecurity Archives - TechInformed
https://techinformed.com/tag/cybersecurity/
The frontier of tech news
Thu, 02 Jan 2025 15:30:26 +0000

US Treasury accuses Chinese hackers of stealing documents
https://techinformed.com/us-treasury-accuses-chinese-hackers-of-stealing-documents/
Thu, 02 Jan 2025 15:30:26 +0000

Chinese state-sponsored hackers have breached the US Treasury office that administers economic sanctions against countries and groups of individuals, according to reporting from the Washington Post.

Earlier this week, the US Treasury Department revealed that it had been hacked by Chinese hackers, who had accessed several employee workstations and unclassified documents.

A letter by the treasury stated that the hackers compromised third-party cybersecurity service provider BeyondTrust in order to steal unclassified documents in what it called a “major incident.”

It detailed that the hackers gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users.

With the stolen key, the threat actor was able to override the service’s security and remotely access user workstations.

“Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor,” the letter read.

The Treasury Department said it was alerted to the breach by BeyondTrust on December 8, and it was working with the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the hack.

The letter added that there was no evidence that the hacker was still in its systems.

The Washington Post has since spoken to anonymous US officials who said the attackers compromised the Office of Foreign Assets Control and the Office of Financial Research and also targeted the office of US Treasury Secretary Janet Yellen.

According to the report, US officials said that the Chinese government’s motivation would likely be to find out what Chinese entities the US government is considering designating for financial sanctions.

In response to the report, spokesperson for the Chinese Embassy in Washington, Liu Pengyu, said that the “irrational” US claim was “without any factual basis” and represented “smear attacks” against Beijing.

The spokesperson added that China “combats all forms of cyber-attacks”.

The US Treasury has not responded to a request for comment on the report.

LockBit ransomware developer arrested
https://techinformed.com/lockbit-ransomware-developer-arrested/
Mon, 23 Dec 2024 12:40:52 +0000

US law enforcement arrested one of LockBit ransomware gang’s lead developers in Israel last August, according to a recently unsealed criminal complaint by US law enforcement.

The documents reveal that Rostislav Panev, a 51-year-old man with dual Russian-Israeli citizenship, is facing extradition to the US to face charges alongside two others accused of working for the cybercriminal group.

Panev allegedly served as a malware developer for the ransomware group from its inception in 2019 until February 2024, receiving approximately $230,000 in cryptocurrency transfers from the group between June 2022 and February 2024.

During his time at the group, Panev and his co-conspirators helped grow LockBit into what the US Justice Department refers to as “the most active and destructive ransomware group in the world.”

LockBit is responsible for more than 2,500 attacks across at least 120 countries, including 1,800 in the US.  Victims have included businesses of all sizes, hospitals, schools, nonprofit organisations, critical infrastructure, government agencies, and law enforcement entities.

In total, the group received at least $500 million in ransom payments and caused billions of dollars in losses.

According to the Justice Department, at the time of his arrest, Panev had admin credentials for LockBit’s Dark Web online repository with the gang’s ransomware source code, alongside source code for an affiliate tool called “StealBit” used to exfiltrate stolen data.

Panev’s laptop also had access credentials for the LockBit control panel used by affiliates.

In interviews with Israeli authorities following his arrest in August, Panev admitted to performing coding development and consulting work for the LockBit group and receiving regular payments in cryptocurrency for his work.

“The Justice Department’s work going after the world’s most dangerous ransomware schemes includes not only dismantling networks, but also finding and bringing to justice the individuals responsible for building and running them,” said the Justice Department’s attorney general Merrick B. Garland.

“Three of the individuals who we allege are responsible for LockBit’s cyberattacks against thousands of victims are now in custody, and we will continue to work alongside our partners to hold accountable all those who lead and enable ransomware attacks,” he added.

In February this year, the UK, US, and EU law enforcement announced the takedown of the group with a notice on the gang’s extortion site that read: “The site is now under the control of law enforcement.”

In what was called ‘Operation Cronos’, the agencies displayed multiple screenshots of LockBit’s backend and announced its affiliates in Poland and Ukraine.

Then, in May, the National Crime Agency led a campaign to identify the ‘leader of LockBit’, unmasked as Dmitry Khoroshev.

More recently, unknown individuals claiming to represent the ransomware gang have broken cover to announce the impending release of a new malware, LockBit 4.0.

Reported screengrabs from the Dark Web show the supposed cyber-criminal inviting interested parties to “sign up and start your pentester billionaire journey in 5 minutes with us.”

It showed a countdown timer with a launch date of 3 February 2025.

Getting SOCs for Christmas: Poundland’s cybersecurity journey and lessons learned
https://techinformed.com/poundland-socs-cybersecurity-journey-2024/
Wed, 18 Dec 2024 18:38:41 +0000

It’s one of the busiest times of year for Jeremy McCourt, the IT security officer at UK value retailer Poundland. But it will all be OK because he just learned he’s getting SOCs for Christmas.

We must add that it is not the bargain variety you might find on the discount store’s own shelves, or the branded variety that cyber security vendors dispense at trade shows — although he does admit to liking these — but an external Security Operations Centre that can monitor and respond to security incidents around the clock.

“I’m finally getting my SOC! It was approved last week, so I’m happy to be getting a team for 24/7 coverage from a firm already very knowledgeable about our environment,” he says.

McCourt adds that having “eyes on the glass” 24/7 all year round will ensure that alerts are promptly addressed overnight and that triage is handled.

“It’s about having that staff augmentation and those extra capabilities and 24/7 coverage that I’m excited about. Especially leading up to Christmas when staff are off for a period. I want to take time off, too.”

For McCourt, the SOC means he might also have time to reflect on what has been an eventful year for his organisation.

Parent company Pepco acquired rival retailer Poundshop last year and inherited an e-commerce platform, creating new security challenges.

[Image: Jeremy McCourt, IT security officer, Poundland]

Last month, the retailer also introduced an online web and mobile loyalty programme, Poundland Perks, which has given the team additional GDPR, data protection, and data security issues to manage.

“These developments mean that we have taken a new step in terms of what we’ve had to manage and maintain, and it’s really putting the focus on the digital side of our business,” he says.

“It’s made us look at where we have visibility from in terms of a basic GDPR perspective and whether we have the processes and procedures in place to accommodate these protections.

“It’s also introduced a lot of new challenges not only from a capability perspective but from a capacity perspective,” he adds.

Structure

Given the organisation’s size, McCourt says he manages a relatively small security team. The London-based Pepco Group encompasses 850 Poundland stores in the UK, along with Dealz stores in Ireland and Poland.

The Pepco brand also has 4,500 value stores in 20+ European countries. Another part of the business is China-based PGS, which helps with supply chain management and product acquisition.

“My role is specifically at Poundland and Dealz, and I have counterparts that work independently at Pepco and PGS. We all help support our parent company,” McCourt explains.

“Compared to other categories of business, we have a relatively small IT team for what we manage and maintain. So really, it’s a prioritisation of products and projects as well as ensuring that we dedicate time to increase the resiliency of our internal processes,” he says.

“It all boils down to that security triad of ‘confidentiality, integrity and availability’ into the digital estate,” he adds.

Hungarian phishing attack

According to McCourt, cyber awareness training has always been central to Poundland’s security posture — even before Pepco disclosed that a phishing attack earlier this year caused one of its European branches to lose €15.5 million (roughly $16.8 million).

Initial reports suggested it was a BEC (Business Email Compromise) attack. In contrast, others claim it was a sophisticated phishing attack, in which scammers impersonated trusted entities to trick people into revealing sensitive information.

Because the incident is still being investigated by the Hungarian police, Interpol, and other law enforcement agencies, McCourt says he can’t provide details.

“I can’t comment on what happened, but I can say what it wasn’t; it wasn’t a BEC attack. But ultimately, there were elements of phishing and communication through nonstandard company protocols, which resulted in quite a loss overall,” he says.

[Image: Poundland’s store managers will also receive cyber awareness training]

In terms of lessons learned, McCourt says the group has added more processes and procedures around how transactions occur.

The key message he wants to convey to staff is that if something doesn’t feel right, they should try and verify it “because, in this case, as well as the issues caused by the attackers, there was also some breakdown in the process,” he adds.

Verification may even involve picking up one of those old-fashioned devices called ‘telephones’ and checking with a line manager or CFO before making large or unusual transactions.

Poundland has been working with KnowBe4, a security awareness training platform that increases awareness through regular security exercises, for about a year.

Initially, McCourt used the platform for small-scale phishing exercises, but it recently expanded to 1,600 users.

The intention now, he adds, is to roll these regular training exercises out at a group level and add the training to its physical retail store environment, bringing the total number of Pepco users to 10,000.

According to Javvad Malik, KnowBe4’s lead security awareness advocate, most exercises can be reduced to empowering staff to say no to something and ensuring they verify requests.

“That is probably your biggest defence. And if the phone isn’t the norm, it should be the norm.

“Or, some other process needs to be put in place because while it’s true that AI and deepfakes are on the rise, ultimately, they still target human emotion and trigger someone into doing something within a short time while trying to establish some authority.”

Thinking fast, thinking slow

Malik says that nearly every work-based social engineering attack has three core components. The first is the attacker asserting an authoritative identity. “They will either try to claim to be your boss, a partner, or someone important.”

Then, he says, there is ‘the ask’: “This is often strange or not business as usual, like ‘we’ve just swapped banks’ or something that is not a regular occurrence.”

The third aspect is time pressure: “The tone usually is ‘I’m the CEO, and we need to make this payment to a new partner, and we need this to happen within the next two hours, or we’re going to lose the deal.’”

[Image: Javvad Malik, security advocate, KnowBe4]

Malik says the only way to avoid falling for such scams — whether it’s an apparent physical likeness of a CEO on a video conference call or an urgent email sent from an official-looking address — is “to slow down, take a deep breath, and reevaluate.”

The security expert cites a book by Nobel Prize-winning psychologist Daniel Kahneman, Thinking, Fast and Slow, which categorises thinking and decision-making into two systems.

“System 1 is your reactive brain, which is saying, ‘I’m pressured, I’m angry, I’m depressed, so I must react quickly,’ and that’s where most mistakes happen,” Malik explains.

System 2 results from slower, more rational thinking, which tends to occur when one takes a step back or consults with someone else.

“So, when you get an email or a video call asking for something unusual, take a moment, or better still, pass it on to someone else to have another pair of eyes on it. Or validate it, and your perspective becomes much more rational,” says Malik.

“For instance, if you get a letter through the door from HMRC informing you that you owe tax and need to pay immediately, your heart rate will immediately start to increase.

“But if your neighbour comes around and takes a look, they will be much calmer and can say, ‘Oh, look, this is a scam because of this, this, and this.’ It’s easier if you have someone else to bounce off.”

According to McCourt, Poundland is sending out phishing simulations once every few weeks.

“Sometimes the response is ‘You almost caught me with that one!’ but that’s not what this exercise is about. It’s about understanding the red flags and knowing what to do with them,” he says.

“The chances are the scam is going to more than one staff member, so if they know how to use that phishing alert button or to report it to IT Security, then that puts us in a good position to get those alarm bells going,” he adds.

When asked if Poundland has become a target since a store within its group fell prey to an attack, McCourt said: “We’ve had a couple of similar attacks that we could identify rather quickly, which all had the same M.O.

“We identified them very quickly and nipped them in the bud.”

Regarding other preventive measures Poundland takes, McCourt adds that the company continues to use technologies that identify malicious emails using Microsoft and other third-party tools.

[Image: Brands sharing cyber threat info would be the greatest Christmas gift, Poundland security leader says]

Both Poundland and KnowBe4 (which itself was almost infiltrated by a fake employee/North Korean hacker earlier this year) have been publicly open about the security incidents they have experienced.

Do they think there needs to be more openness and information exchange about such attacks between companies rather than a secretive approach that might stem from concerns over reputational damage or loss of consumer or client trust?

McCourt says it would make his Christmas if firms shared a little more. “I think it’s important, especially for those CIOs and CFOs who do horizon scanning. It’s those individuals who start asking questions that I get involved with and start to answer.

“If there were more details in those reports that said, ‘These were the failings, and this is where people need to enhance their security footprint’, I’d be up for that.

“We all want to learn from each other. I don’t care if I’m talking to B&M or my other competitors because it’s all about keeping people safe. As soon as we lose trust in people, the threat field becomes more valuable for other criminals to get involved.”

Romania’s election was target of cyberattacks and misinformation, parliament finds
https://techinformed.com/romanias-election-was-target-of-cyberattacks-and-misinformation-parliament-finds/
Wed, 18 Dec 2024 13:39:53 +0000

To date, given all the column inches dedicated to it, there appears to be little evidence linking digitally spread misinformation to the outcome of a general election—until now.

Romania’s scrapped presidential election was targeted by Russian cyberattacks, misinformation, and propaganda, the country’s parliamentary committee has concluded.

Two weeks ago, the presidential election was annulled after far-right, NATO-sceptic Calin Georgescu secured victory in the first round.

The court reached its decision following the revelation of five declassified documents by the EU and NATO’s top security council, which suggested that election interference may have occurred.

At the time, the court suspected Georgescu benefited from a mass influence operation, believed to be Russian, created to influence the result of the vote. Russia has denied these claims.

The FBI, the Office of the Director of National Intelligence, and the Cybersecurity and Infrastructure Security Agency have long warned that Russia was “the most active threat” for misinformation.

Ahead of this year’s US election, they released this joint statement: “We anticipate Russian actors will release additional manufactured content with these themes through election day and in the days and weeks after polls close.”

Now, the Foreign Intelligence Service (SIE) has shown more findings allegedly confirming interference to the Romanian parliamentary committee in charge of overseeing it.

“There were cyberattacks meant to influence the fairness of the election, particularly from Russia, to influence the public agenda by using artificial intelligence and aggressive online promotion,” commission chief Mihai Weber said.

Intelligence agencies reported that around 85,000 attempted hacks were made to access electoral data and change content, including on election day.

“There were [also] misinformation and propaganda campaigns to support Eurosceptic candidates, who were favoured compared with other competitors,” Weber added.

Separately, the EU has also launched an investigation into TikTok for allegedly failing to curb Romanian election interference.

Romanian intelligence reports indicate that Georgescu’s surge in popularity was driven by a “highly organised” and “guerrilla” social media campaign on the platform, which utilised identical messaging and influencers.

The declassified documents that led to the annulment of the election revealed that paid content promoting Georgescu was shared on TikTok without proper labelling as election-related, breaching both TikTok’s own guidelines and Romania’s electoral laws.

One declassified file highlighted that $381,000 was paid towards TikTok influencers in a single month to promote him on the platform.

At the time, Georgescu denied any knowledge of the influencers or financial backers involved in the campaign.

TikTok said in a statement that it has “protected the integrity” of its platform in over 150 elections around the world and is continuing to address these “industry-wide” challenges.

If the EU finds that TikTok breached its digital rulebook, it could face fines worth up to 6% of its total global revenue and be forced to make changes to fix the problem.

US Supreme Court to hear TikTok’s appeal, Trump meets TikTok CEO
https://techinformed.com/trump-meets-tiktok-ceo-as-bytedance-launches-us-supreme-court-ban-appeal/
Tue, 17 Dec 2024 18:57:46 +0000

The US Supreme Court has agreed to hear TikTok’s appeal hoping to overturn a ban that will come into force next month.

The appeal, filed on Monday, December 16, aims to prevent a federal court ruling earlier this year that requires TikTok parent ByteDance to sell its US arm or face a national ban.

While the Supreme Court has not yet granted or denied the requested injunction against the law, it will now listen to arguments on the matter on January 10.

“We believe the Court will find the TikTok ban unconstitutional so the over 170 million Americans on our platform can continue to exercise their free speech rights,” a TikTok spokesperson said to the BBC.

On the same day as the appeal was made, President-elect Donald Trump met TikTok’s CEO, Shou Zi Chew, according to reports from CBS News.

Trump publicly opposed the ban and said in a press conference on Monday that he would “take a look at TikTok”.

“I have a warm spot in my heart for TikTok because I won youth by 34 points,” he said. “There are those that say TikTok has something to do with that. TikTok had an impact.”

His term would begin a day after the potential ban, on 20 January 2025.

The bill introducing the law said the ban would “protect the national security of the United States from the threat posed by foreign adversary-controlled applications”.

It follows alleged links between TikTok owner ByteDance and the Chinese state, though the social media firm has denied this.

The firm unsuccessfully requested that the law be delayed through a request to the Court of Appeals for the District of Columbia last week. This week, the firm is asking the Supreme Court to temporarily block the ban.

“The act will shutter one of America’s most popular speech platforms the day before a presidential inauguration,” TikTok said in a court filing.

“This, in turn, will silence the speech of applicants and the many Americans who use the platform to communicate about politics, commerce, arts, and other matters of public concern.”

TI:TALKS — 2025 Tech Predictions
https://techinformed.com/titalks-2025-tech-predictions/
Tue, 17 Dec 2024 10:54:22 +0000

In this special TI’smas mini-episode of TI:TALKS, we take a glimpse into the next 12 months of tech with industry experts.

Over the past few months, we’ve gathered insightful clips from various tech voices, answering one poignant question: “What are your 2025 tech trend predictions?”

We cover the direction of AI applications, green tech and sustainability developments, payment solutions, HealthTech advancements, the pervasive threats of cybersecurity, and more.

Watch here to find out which predictions from last year came true: TI:TALKS — 2024 Tech Predictions

UK’s internet watchdog unveils online criminal crackdown
https://techinformed.com/uks-internet-watchdog-unveils-online-criminal-crackdown/
Mon, 16 Dec 2024 15:01:12 +0000

The UK’s communications regulator, Ofcom, has given social media giants such as Facebook parent Meta and TikTok owner ByteDance a three-month deadline to address illegal activities on their platforms.

The regulator said it will leverage powers granted to it under the UK’s Online Safety Act to introduce rules to combat criminal harms, including terrorism, fraud, hate speech, child sexual abuse, and the encouragement of suicide.

The new safety requirements will apply to various types of online services, including social media platforms, search engines, messaging apps, gaming and dating platforms, as well as pornography and file-sharing sites.

Companies have until March 17, 2025, to implement the safety measures.

Changes firms must make include designating a senior leader within their top governance team who will be responsible for ensuring compliance with the rules around illegal content, as well as the reporting and handling of complaints.

It also requires tech firms to ensure their moderation teams are appropriately resourced and trained. This means setting performance targets in order to remove illegal material swiftly, making reporting and complaints functions easier for users to find and use, and optimising algorithms to ensure illegal content is harder to distribute.

Child safety online

The new codes also aim to enforce measures to protect children from sexual abuse and exploitation online.

This will mean platforms should ensure children’s accounts and locations are not visible to users other than their friends by default.

Children must also receive information from the platforms to educate them on the risk of sharing personal information, and children’s accounts should not be suggested as connections.

The online watchdog quotes children aged 14 to 17 who are said to have received messages asking for bikini photos in exchange for money, or other unwanted invitations.

“I don’t want my siblings to go through what I did on social media. I feel happy about these measures because I know that my sisters and siblings would feel safe,” said one girl, aged 14.

Another 14-year-old added: “[This will be] effective because no more strangers can be added, there are no more creeps sending things, and it will decrease grooming.”

According to an Ofcom study, many young people felt interactions with strangers, including adults or users perceived to be adults, are currently an inevitable part of being online—they described becoming ‘desensitised’ to receiving sexualised messages.

Fraud and terrorism

Ofcom also aims to tackle fraud by ensuring sites and apps establish a dedicated reporting channel for organisations with fraud expertise.

The regulator said that this would allow them to flag known scams to platforms in real time so that action can be taken.

It also requires sites to remove users and accounts that spread terrorist content.

“For too long, sites and apps have been unregulated, unaccountable and unwilling to prioritise people’s safety over profits,” said Melanie Dawes, Ofcom’s chief executive.

“The safety spotlight is now firmly on tech firms and it’s time for them to act. We’ll be watching the industry closely to ensure firms match up to the strict safety standards set for them under our first codes and guidance, with further requirements to follow swiftly in the first half of next year,” she added.

The UK Parliament set Ofcom a deadline of 18 months after the Online Safety Act was passed, on October 26th, 2023, to finalise its illegal harms and children’s safety codes of practice and guidance.

Hackers take a bite out of Krispy Kreme in latest cyberattack
https://techinformed.com/krispy-kreme-cyberattack-disrupts-online-orders/
Wed, 11 Dec 2024 20:08:05 +0000

Doughnut chain Krispy Kreme has been the victim of a cyberattack, reporting unauthorised activity on some of its information technology systems in a regulatory filing with the US Securities and Exchange Commission (SEC).

The cyberattack has disrupted operations, including online ordering in the United States. The company added that it has initiated an investigation and is working with external cybersecurity experts to mitigate the impact.

Krispy Kreme said the expected costs related to the incident, including the loss of revenue from digital sales, are “reasonably likely to have a material impact” on its operating results.

According to Reuters, shares of the company were down about 2% in premarket trading.

James Scobey, CISO at Keeper Security, said the incident highlighted the high cost of cybersecurity breaches — not only in financial terms but also in operational disruption and the erosion of customer trust.

“The reported downtime of online ordering demonstrates how even temporary interruptions can have a significant impact on revenue and brand reputation,” he said.

To mitigate ever-present cyber risks, he added that organisations needed to adopt a proactive approach to cybersecurity.

“Privileged Access Management (PAM) protects systems by limiting access to sensitive assets to only essential personnel and continuously monitoring privileged accounts for unusual activity.

“Strong password management — including the enforcement of strong, unique passwords and multi-factor authentication — is a critical first line defence in preventing unauthorised access.”

He continued that the cost of implementing these proactive measures was a fraction of the expense required to recover from a breach.

“Regular security audits, employee training and vulnerability assessments help identify and address potential vulnerabilities. Cybersecurity isn’t just a technical requirement — it’s essential for organisations to ensure operational resilience and maintain customer confidence.”

While cyber experts have praised the company for responding quickly — the incident occurred in late November — Boris Cipot, a senior security engineer at Black Duck Software, added that it also highlighted how industry sectors not associated with technology should focus on improving their overall security posture.

“Every business is a software business and, therefore, a possible target for cyber attacks. Targets like Krispy Kreme are usually lucrative for cyberattacks. Improvements in the security posture should include threat detection systems that can locate a threat before it impacts operations.”

Orange Cyberdefense warns of prolific pro-Russian hacktivist group and releases cybergang mapping tool https://techinformed.com/orange-cyberdefense-warns-of-prolific-pro-russian-hacktivist-group-and-releases-cybergang-mapping-tool/ Wed, 11 Dec 2024 11:55:08 +0000 https://techinformed.com/?p=28393 Orange’s cybersecurity division has uncovered a prolific pro-Russian hacktivist group which is targeting almost exclusively European organisations to cause disruption, manipulate public opinion, destabilise confidence… Continue reading Orange Cyberdefense warns of prolific pro-Russian hacktivist group and releases cybergang mapping tool

The post Orange Cyberdefense warns of prolific pro-Russian hacktivist group and releases cybergang mapping tool appeared first on TechInformed.

Orange’s cybersecurity division has uncovered a prolific pro-Russian hacktivist group which is targeting almost exclusively European organisations to cause disruption, manipulate public opinion, destabilise confidence and undermine trust.

The key finding, highlighted in Orange Cyberdefense’s 2025 Security Navigator report, revealed that Europe has become a prime target for hacktivists, while the US has been impacted more by cyber extortion, with a 25% year-on-year increase in cases.

Hacktivists are individuals or groups who use hacking techniques to promote a political or social agenda. They typically target organisations, governments, or individuals to expose perceived injustices, disrupt operations, or draw attention to their causes.

Speaking at a media gathering in London last week, Charl van der Walt, Security Navigator’s head of research, observed a new intersection between cyber activism and state-sponsored operations.

“We are seeing a hybridisation of hostile nation-states and criminals challenging our need to want to put things in boxes. They move quite fluidly between political activism and crime and legitimate work – but technological mastery is the common thread,” he said.


Their weapon of choice, he added, was almost entirely distributed denial-of-service (DDoS) attacks, which overload servers with traffic, disrupting access to websites or services to cause maximum chaos.

Security Navigator singled out a pro-Russian hacktivist group as one of the main perpetrators – claiming over 6,600 attacks since March 2022, almost exclusively in Europe.

The targets, the report adds, are typically “symbolic and important European entities” – which could be election-related systems, financial institutions or critical infrastructure, and their activities tend to be triggered by geopolitical events such as the recent farmers’ strike in Belgium.

“These groups aim to draw attention to the political and economic issues they consider important, creating fear, uncertainty and doubt,” the report added.

The US

The report noted that the pro-Russian hacktivist groups were not targeting US territories, with van der Walt suggesting the atomisation of criminal cyber gang LockBit by the US authorities and others meant that “perhaps they don’t want to poke that bear”.

North America did not remain unscathed, however, and was the most impacted region globally in terms of cyber extortion, with a 25% YOY increase in cases, the report noted.

The US also experienced the highest number of OT (Operational Technology) attacks (on water systems, grain silos etc.), accounting for almost half of all incidents. “This trend reinforces the region’s position as a top target for financially motivated threat actors,” the report stated.

Interactive mapping

Orange has also released a new interactive mapping of the criminal ecosystem, Cybercrime Now, which the French company is making publicly available for the first time.

Aimed at researchers, journalists and analysts, Orange claims that the visualisation tool offers users the chance to explore the networks that underpin major forms of cybercrime.

Q2 Wrapped Up: the top tech stories of April to June 2024 https://techinformed.com/q2-wrapped-up-the-top-tech-stories-of-april-to-june-2024/ Tue, 10 Dec 2024 17:45:55 +0000 https://techinformed.com/?p=28322 At a glance… ✦ Meta and OpenAI expanded their AI offerings to the world ✦ The threat of AI shook governments around the world into… Continue reading Q2 Wrapped Up: the top tech stories of April to June 2024

The post Q2 Wrapped Up: the top tech stories of April to June 2024 appeared first on TechInformed.


At a glance…

  • Meta and OpenAI expanded their AI offerings to the world
  • The threat of AI shook governments around the world into action
  • Sustainability: Poo-powered planes to the rescue!

April: Earthquakes and Space Grapes

Amazon cuts hundreds of roles at AWS

Amazon Web Services announced plans to axe hundreds of jobs across sales, marketing and global services. The plans were revealed in an email sent to staff, as executives said the cloud company was to shift its focus to self-serve digital training and training programs run by external partners.

AWS senior vice president Matt Garman said, “The changes we are making are preparing the organisation for the future, aligning with our strategy and priorities, and reducing duplication and inefficiency.”

Amazon also announced it would be ditching AI-powered checkouts in the US.

Meta released its AI service, Llama, to the public

Meta released Llama 3, an advanced AI model that claimed to be more powerful than OpenAI’s ChatGPT and Google’s Gemini. It featured significant upgrades, including reasoning abilities, multilingual support, and multimodal potential, driven by its 8B and 70B parameter models—seven times larger than its predecessor, Llama 2.

Integrated with Meta AI, it became accessible on Instagram, Facebook, and WhatsApp in the US. In the same month, OpenAI released its voice engine to select partners.

UK Space Agency awards grant to grow food in space

The UK Space Agency granted agritech firm Vertical Future (VF) £1.5 million to advance its mission of taking vertical farms into outer space.

VF, a UK-based specialist in vertical farming technology, initiated the second phase of its Autonomous Agriculture for Space Exploration project. It is adapting its Earth-based controlled-environment agriculture (CEA) systems for Low Earth Orbit (LEO), which is expected to launch in 2026.

VF’s project, part of the UK Space Agency’s £20 million International Bilateral Fund, aimed to expand its CEA systems to the Moon and Mars in the 2030s.

Chip plant evacuations follow strong Taiwan earthquake

Taiwan Semiconductor Manufacturing Co (TSMC), a key supplier for Apple and Nvidia, evacuated several fabrication plants following a powerful 7.2-magnitude earthquake in Taiwan. The quake, the strongest in 25 years, struck the eastern province of Hualien, claiming seven lives, injuring 700, and leaving 77 trapped in tunnels.

Taiwan, responsible for producing 60% of the world’s semiconductors, faced significant global supply chain risks when its fabs were affected, as seen during the COVID-19 pandemic.

In the same month, just across the East China Sea, South Korea pledged to invest $7 billion in AI to retain its edge in chip manufacturing.

Moments That Mattered: Haptic Tech and 5G Transforming Sports for Deaf Fans

Football, a sport driven by passion and unity, has long been a challenge for deaf fans unable to hear the crowd’s roar. To bridge this gap, Saudi Arabian company Sela, in partnership with Newcastle United and the Royal National Institute of Deaf People (RNID), launched the #UnsilenceTheCrowd campaign.

The initiative debuted during a Newcastle match against Tottenham Hotspur, introducing haptic shirts that convert crowd noise into vibrations.

Developed with wearable-tech brand CuteCircuit, the “Sound Shirts” feature motors linked to mics around the stadium. Real-time crowd noise is transformed into digital data, triggering vibrations that mirror cheers, claps, and goal celebrations. The shirts allow deaf fans to feel the game’s atmosphere.

This technology enhances inclusivity in football and sets a precedent for other sports and events. Newcastle fan Ryan Gregson noted, “We felt fully involved. What a day. What a game. What a shirt.”

May: AI Deepfakes and Cyber-Attacks

An ad agency boss was the target of a deepfake scam

Mark Read, CEO of advertising giant WPP, was targeted in a sophisticated deepfake scam. Scammers used a fake WhatsApp account with Read’s publicly available image to initiate a Microsoft Teams meeting with a senior WPP executive.

During the call, they employed a voice clone and YouTube footage of Read, impersonating him in real-time to request sensitive information and financial actions.

The attempt failed due to the vigilance of WPP staff. In an email, Read warned employees about evolving cyber threats and urged them to be cautious of suspicious requests involving money, passports, or “secret” transactions.

Expedia unveiled a travel buddy AI app for US customers

Expedia has unveiled Romie, an AI-powered travel assistant, along with additional features at its Explore event in Las Vegas.

Romie’s capabilities include learning travellers’ preferences for activities, food, and accommodations, integrating into group trip planning chats, summarising discussions, and making suggestions. The app also extracts travel details from emails and recommends nearby restaurants or activities during trips.

Expedia also extended AI-powered tools to partners, including personalised itineraries, price comparison tools, and guest review summaries for app users in the US.

UK Ministry of Defence hit by major cyber-attack

The UK Ministry of Defence’s payroll system, managed by SSCL, was hacked, exposing sensitive data of 270,000 armed forces personnel, including names, bank details, and addresses. While Whitehall sources suggested Chinese involvement, the government did not officially name a perpetrator, and China denied any role.

Defence Secretary Grant Shapps announced an eight-point response plan, including system security measures, investigations, data monitoring, and a helpline for affected individuals. No operational data was compromised, but the breach raised concerns about supply chain vulnerabilities.

Global AI regulation efforts prompted US-China talks

The US and China convened in Geneva to discuss artificial intelligence’s risks and governance challenges, focusing on security and ethical concerns. US Secretary of State Antony Blinken and China’s Foreign Minister Wang Yi addressed misunderstandings and explored global AI norms despite competitive tensions.

Experts emphasised the importance of cooperation, highlighting the need for privacy, fairness, and adherence to regulations for AI to succeed globally. However, trust issues and safeguarding strategic sectors like healthcare and energy remained critical barriers.

Did the FBI misidentify the leader of LockBit?

The FBI and the UK’s National Crime Agency identified Dmitry Khoroshev as the leader of the ransomware gang LockBit following a cyberattack on the group earlier in the year. Khoroshev was sanctioned and banned from travelling to the US, UK, and Australia. He denied the allegations, claiming to have no connection to the gang.

LockBit dismissed the claims, offering a reward to confirm Khoroshev’s well-being. While experts were uncertain if the FBI correctly unmasked the leader, they believed Khoroshev was connected to the group.

Ricki’s Top Story of 2024: Poo-Powered Planes

Aviation, responsible for around 2.5% of global CO₂ emissions, significantly impacts climate change due to additional pollutants. Some estimates attribute 4% of global warming since pre-industrial times to the industry. Addressing this challenge, Firefly Green Fuels announced the development of a new method to convert sewage sludge into sustainable aviation fuel (SAF).

Using hydrothermal liquefaction, Firefly’s process mimics the natural creation of crude oil, transforming biosolids into bio-crude oil that can be refined into SAF. They said the innovation is scalable, affordable, and avoids competing with food production or deforestation.


The UK-based company announced plans to launch its first production facility in Harwich, Essex, which will be capable of producing 100,000 tonnes of SAF annually. Backed by key partners like Wizz Air and Anglian Water, Firefly’s initiative aimed to provide a circular economy solution and help the aviation industry achieve net-zero emissions by 2050.

June: Self-Driving Taxis in San Fran, plus the NHS Got Hacked

Ransomware gang leak 400GB of NHS data from London hospital hack

Hackers from the Russian gang Qilin leaked nearly 400GB of sensitive patient data stolen during a ransomware attack on Synnovis, an NHS blood testing partner. The attack disrupted pathology services across London hospitals, delaying over 3,000 appointments and operations.

Despite demands for $50 million, Synnovis and NHS officials refused to pay. The leaked data reportedly included patient names, dates of birth, and blood test results.

Elon Musk’s SpaceX was hired to decommission the International Space Station

NASA awarded SpaceX a contract worth $843 million (£668 million) to safely decommission the International Space Station (ISS) early next decade. SpaceX will develop a de-orbit vehicle to guide the 430-tonne station into Earth’s atmosphere, ensuring a controlled descent to Point Nemo, a remote Pacific location.

Operational since 2000, the ISS remains structurally sound, but NASA aims to prevent uncontrolled re-entry. After the ISS’s retirement, the agency will focus on commercial space stations and the Lunar Gateway project, a moon-orbiting platform.

Nvidia was named the world’s most valuable listed company (again)

Nvidia leapfrogged Apple and Microsoft to become the world’s most valuable listed company, driven by the AI boom. The American chipmaker’s share price hit an all-time high, with the company valued at $3.34tn (£2.63tn) at the time — almost double the value at the start of 2024.

Apple partnered with ChatGPT for AI integration in iPhones

Apple unveiled “Apple Intelligence” at its Worldwide Developers Conference, integrating ChatGPT into Siri to enhance AI-driven features across iOS, iPad, and Mac devices. CEO Tim Cook emphasised privacy, with local AI processing and minimal data collection.

Siri gained improved context-aware capabilities, while new tools like “Rewrite” and “Proofread” refined text and tone. The event also highlighted the global rollout of the Vision Pro headset.

Waymo made its self-driving taxis available to everyone in San Francisco

Waymo, Alphabet’s autonomous driving company, made its self-driving taxi service available to everyone in San Francisco. After receiving approval from the California Public Utilities Commission, Waymo operated its commercial driverless service 24/7, despite earlier complaints about traffic disruptions.

Previously limited to a waitlist, the service became accessible via the Waymo app. Nearly 300,000 people signed up for rides as the company sought to build public trust in autonomous vehicles. Waymo operated around 300 self-driving taxis in San Francisco, with additional fleets in Phoenix and Los Angeles.
