The global AI race is no longer confined to the US and China. Emerging hubs like Abu Dhabi, Paris, Singapore, and São Paulo are transforming the landscape with bold strategies, sovereign investments, and rapid innovation, creating a multipolar future for artificial intelligence.
French retail giant Auchan has confirmed a second major data breach in less than a year, exposing the personal information of several hundred thousand loyalty program members. The attack follows a similar incident in November 2024, raising concerns about the company's cybersecurity posture.
A widespread cyberattack has paralyzed Nevada's state government, forcing the closure of DMV offices, disrupting public services, and triggering a joint state and federal investigation. The attack, has taken down websites and phone lines, with no clear timeline for full restoration.
BlackSuit Ransomware Strikes Again! The notorious hackers behind last year's Dallas attack have rebranded as BlackSuit, now demanding $500 million in ransoms! The FBI and CISA confirm the group's new identity, with aggressive tactics and enhanced methods to pressure victims into paying up.
The hackers behind the infamous ransomware attack on Dallas last year have rebranded as a new group named BlackSuit, demanding over $500 million in ransoms. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) updated their advisory, confirming that the group, formerly known as Royal, now operates under the BlackSuit name.
The new advisory provides extensive technical details to help defenders identify the group's activities, which included ransom demands reaching up to $60 million. The transition to BlackSuit branding was noted as early as November, and recent attacks continue under this new name.
“Ransom demands have typically ranged from approximately $1 million to $10 million, with payment demanded in Bitcoin,” the agencies stated. “BlackSuit actors have exhibited a willingness to negotiate payment amounts.” The advisory highlights numerous coding similarities linking the Royal and BlackSuit groups, while also noting BlackSuit's enhanced capabilities.
The hackers predominantly use phishing emails for initial access, followed by disabling antivirus software, exfiltrating large amounts of data, and deploying ransomware. A rise in direct communication from BlackSuit actors to victims has been observed, a tactic aimed at pressuring ransom payments.
New technical data on BlackSuit, derived from FBI threat response incidents as of July 2024, reveals the hackers' use of legitimate tools and accounts to navigate victim systems. They deactivate antivirus software and maintain access using remote monitoring and management software. The advisory also lists IP addresses for organizations to investigate.
BlackSuit has claimed responsibility for several recent attacks on U.S. schools, colleges, prominent companies, and local governments. CISA Director Jen Easterly emphasised the urgency of cybersecurity, stating, “Because of ransomware attacks, people are waking up to the idea of ‘what do I need to do to protect my family and my community?’”
LAS VEGAS — Recent global technology outages caused by a CrowdStrike update should serve as a “dress rehearsal” for potential destructive cyberattacks from China-linked hackers, warns Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA). Speaking at the BlackHat cybersecurity conference, Easterly highlighted that escalating tensions between China and Taiwan have led Beijing to explore ways to launch destructive attacks against Taiwan and its allies, including the U.S.
“We are building resilience into our networks and our systems so that we can withstand a significant disruption or at least drive down the recovery time to be able to provide services,”
Easterly said, describing the CrowdStrike incident as a useful exercise in preparation for possible Chinese cyberattacks.
U.S. officials continue to hunt for and eliminate compromises caused by Volt Typhoon, a Chinese state-sponsored group aiming to prepare for such attacks. While China has denied involvement, CISA and the FBI have repeatedly warned that Volt Typhoon hackers are “seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.” Evidence of Volt Typhoon hackers has been found in U.S. critical infrastructure in Guam and near other military bases, aiming to slow potential mobilisation of forces.
Easterly stressed the importance of building resilience now to prepare for massive disruptions. The CrowdStrike incident affected thousands of hospitals, airports, and businesses worldwide, requiring extensive IT work to resolve. CISA worked alongside other government agencies and Microsoft to provide mitigation guidance and assess the impact on critical infrastructure. Easterly emphasised the need for coordination, stating, “This is exactly what China wants to do,” and urged the public to be prepared for incidents causing significant technology outages.
SINGAPORE - Keppel Telecommunications & Transportation (KTT) has been fined $120,000 after failing to delete personal data from a server of a business it sold in 2022, which was subsequently hacked. The Personal Data Protection Commission (PDPC) revealed in a decision published online on August 2 that personal data belonging to about 22,659 people was at risk of unauthorised access and leakage.
The affected individuals included current and former employees of KTT and its subsidiaries, KTT’s shareholders when it was listed on the Singapore Exchange, and those with business dealings with the company. Evidence of the data leak surfaced when a ransomware group published nine encrypted files on the Dark Web, claiming they contained personal data of up to 7,184 individuals. "Such failures in data protection are unacceptable and must be addressed with utmost urgency," a PDPC spokesperson commented.
Despite KTT's inability to confirm if all personal data was compromised, the leak included signatures, images of identification cards, and bank account numbers.
Investigations revealed that an unknown entity infiltrated the server on September 5, 2022, through a compromised account of a vendor for Geodis Logistics Singapore (GLS), divested from KTT two months prior. The PDPC found KTT failed to delete the personal data after migrating it to cloud storage in 2020 and before selling the business in 2022. Although KTT took prompt actions to mitigate the incident's impact and cooperated fully with investigations, the PDPC cited systemic shortcomings in KTT’s data protection processes, leading to the fine.
Cyber incidents in the Asia-Pacific have surged 29% in the past year, with Australia facing major breaches at the University of Western Australia and Qantas. Manufacturing is the top target, deepfakes are on the rise, and experts warn the region is in a digital arms race demanding urgent action.
ASIO’s $12.5 billion espionage warning is more than a tally of stolen secrets. It reveals a national digital crisis. With 24 major spy operations disrupted and identity systems exposed, Australia’s critical infrastructure and social services face a growing risk of collapse from unseen cyber threats.
Singapore is responding to a cyberattack by UNC3886, a China-linked espionage group targeting critical infrastructure. Minister K. Shanmugam confirmed the threat is serious and ongoing, as the CSA leads investigations to protect national services from long-term disruption.
Australia has become one of the first countries to mandate AS IEC 62443 standards by law, transforming healthcare cybersecurity into a legal obligation. The move marks a critical shift toward operational resilience and positions patient safety at the center of cyber strategy.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
