News About Cyber Warfare

Los Angeles CA (SPX) Oct 27, 2025 – Cybersecurity specialist Anvil Secure and the space logistics firm D-Orbit have jointly unveiled a comprehensive white paper addressing the application of cybersecurity measures throughout the lifecycle of satellite missions. The new publication centers on D-Orbit’s ION Satellite Carrier, describing operational stages and providing strategic direction for manufacturers of small satellites. The guide recommends specific mitigations including encryption of radio communications, thorough validation of hosted payloads, and robust firmware protection from build through orbital deployment. Alberto Volpatto, Technical Director at Anvil Secure, emphasized the importance of integrating cybersecurity into established safety and reliability protocols, stating, “Space programs have always prioritized safety and reliability. This work is about making cybersecurity just as routine so product teams can focus on the controls that matter most.” The paper highlights methods for defending radio links, ensuring safe payload management, and maintaining hardware integrity to prevent tampering. Davide Avanzi, Head of Space Product Security for D-Orbit, commented, “ION is built for flexibility, which is why we’ve invested in processes that protect the platform while enabling hosted payloads and in-orbit experimentation. Our collaboration with Anvil reflects a shared commitment to bringing rigorous cybersecurity thinking into every phase of satellite operations.” Release of the white paper comes ahead of the ESTEC Security for Space Systems (3S) conference in the Netherlands, scheduled for November 4-6, 2025, where D-Orbit will organise the first European in-orbit capture-the-flag event with the mhackeroni team, supported by the ESA Security Cyber Centre of Excellence and the ESA Security Office. Research Report:Knockin’ on Space’s Door

Seoul (AFP) Nov 4, 2025 – South Korea will triple spending on artificial intelligence and make its biggest defence budget increase in six years, President Lee Jae Myung said Tuesday in his annual parliamentary budget speech. Lee said 10.1 trillion won ($7 billion) would go towards “a major transformation aimed at propelling South Korea into the ranks of the world’s top three AI powers” alongside the United States and China. “We will significantly expand investment to usher in the ‘AI era’,” he said, noting the amount was more than three times the current year’s AI-related budget. The proposal was made in a speech outlining his government’s spending plans for 2026. Overall, the budget plan totals 728 trillion won, an 8.1 percent increase from this year. Lee now needs parliament to pass the budget proposal, which is likely given his party’s majority. On the defence budget, the president said his government wants to see an 8.2 percent increase from this year to 66.3 trillion won. If passed, it will mark the highest defence spending increase since 2019. “We will overhaul conventional weapons systems into state-of-the-art systems suited for the AI era and swiftly transform our military into an elite, smart force,” Lee said. – AI infrastructure – Of next year’s AI budget, 2.6 trillion won “will be invested in introducing AI across industry, daily life and the public sector, while 7.5 trillion won will go towards talent development and infrastructure building”, Lee said. South Korea is home to two of the world’s leading memory chip makers, Samsung Electronics and SK hynix. The two tech giants manufacture chips essential for AI products and the power-hungry data centres that the fast-evolving industry relies on. Jensen Huang, the CEO of US chip titan Nvidia, announced last week plans to supply 260,000 of the firm’s most advanced chips to South Korea, with recipients including Samsung, SK Group and Hyundai Motor Group. On Lee’s drive to make South Korea one of the world’s top three AI powers, Huang described the goal as “ambitious” after the supply announcement on Friday. But, he said, “there’s no reason why Korea cannot achieve it — you have the technology, you have the software expertise and you also have a natural ability to build manufacturing plants”. The United States, a key military ally, stations about 28,500 troops in South Korea to help it fend off military threats from the North. Since taking office in June, Lee has vowed to “respect” North Korea’s political system and pursue dialogue without preconditions, in a sharp break with the policies of his hawkish predecessor. Lee noted on Tuesday that South Korea already spends “1.4 times North Korea’s annual GDP” on defence alone and is “ranked fifth in global military strength”. Seoul and Pyongyang technically remain at war as the 1950-53 Korean War ended in armistice, not a peace treaty.

Oslo (AFP) Oct 28, 2025 – The public transport operator in Norway’s capital said Tuesday that some electric buses from China have a serious flaw — software that could allow the manufacturer, or nefarious actors, to take control of the vehicle. Oslo’s transport operator Ruter said they had tested two electric buses this summer — one built by China’s Yutong and the other by Dutch firm VDL. The Chinese model featured a SIM card that allowed the manufacturer to remotely install software updates that made it vulnerable, whereas the Dutch model did not. “We’ve found that everything that is connected poses a risk — and that includes buses,” Ruter director Bernt Reitan Jenssen told public broadcaster NRK. “There is a risk that for example suppliers could take control, but also that other players could break into this value chain and influence the buses.” Ruter said it was now developing a digital firewall to guard against the issue. The national government said it was studying the issue. “We want to thoroughly assess the risks associated with having buses from countries we do not have security cooperation with,” Transport Minister Jon-Ivar Nygard told NRK. Yutong did not immediately react to a request for comment from AFP. Ruter operates roughly 300 Chinese electric buses in Oslo and the surrounding area, but it was unclear if any of them had the security flaw.

Los Angeles CA (SPX) Nov 07, 2025 – Lockheed Martin has introduced the STAR OS platform, a new architecture intended to unify artificial intelligence systems across national security, defense, and private sectors. The STAR OS solution provides a technical backbone for integrating AI systems that have historically operated as standalone tools, closing long-standing interoperability gaps in the field. STAR OS delivers a framework that includes development, deployment, interoperability, and real-time oversight of AI functions. The Service Development Kit (STAR SDK) equips developers to create and deploy AI services efficiently. STAR IO establishes interconnectivity, enabling diverse AI software to share information and collaborate within a consistent digital environment. STAR UI gives operators and engineers a point of access to monitor tasks and system status, supported by analytics and built-in AI assistants. According to Mike Baylor, Lockheed Martin vice president and chief digital AI officer, “With the STAR OS solution, we’re taking a major step forward in our ability to bring together different AI systems and make them work together seamlessly. This will help us provide more effective and efficient solutions to our customers and ultimately help them make more informed decisions and stay ahead of emerging threats.” As part of Lockheed Martin’s ongoing efforts to modernize AI deployment, STAR OS has been positioned for flexible adoption by the U.S. Department of War and government partners, as well as private sector organizations. The platform has already proven its value in preliminary deployments, such as maritime threat detection and missile alert operations, and demonstrated its integrative capabilities at the company’s AI Fight Club hackathon. Early access clients have used STAR OS to combine multiple AI services, supporting operational awareness and rapid response. The product is now available for broader use as a modular solution to facilitate interoperation and oversight of complex AI environments.

Washington (AFP) Nov 6, 2025 – In a parallel reality, Donald Trump reigns as king, fighter pilot, and Superman, and his political opponents are cast as criminals and laughingstocks — an unprecedented weaponization of AI imagery by a sitting American president. Trump has ramped up his use of artificial intelligence-generated content on his Truth Social channel since starting his second White House term, making his administration the first to deploy hyper-realistic fake visuals as a core communications strategy. Trump, no stranger to conspiracy theories and unfounded claims, has used the content in his breathless social media commentary to glorify himself and skewer his critics — particularly during moments of national outrage. Last month, he posted a fake video showing himself wearing a crown and flying a fighter jet labeled “King Trump” that dumps what appears to be excrement on crowds of protesters. The clip — accompanied by singer Kenny Loggins’s “Danger Zone” — was posted the same day as nationwide “No Kings” protests against what critics called his authoritarian behavior. In another post, the White House depicted Trump as Superman amid fevered social media speculation about his health. “THE SYMBOL OF HOPE,” the post said. “SUPERMAN TRUMP.” – ‘Distort reality’ – Trump or the White House have similarly posted AI-made images showing the president dressed as the pope, roaring alongside a lion, and conducting an orchestra at the Kennedy Center, a venerable arts complex in the US capital. The fabricated imagery has deceived social media users, some of whom questioned in comments whether they were authentic. It was unclear whether the imagery was generated by Trump himself or his aides. The White House did not respond to AFP’s request for comment. Wired magazine recently labeled Trump “America’s first generative AI president.” “Trump peddles disinformation on and offline to boost his own image, attack his adversaries and control public discourse,” Nora Benavidez, senior counsel at the advocacy group Free Press, told AFP. “For someone like him, unregulated generative AI is the perfect tool to capture people’s attention and distort reality.” In September, the president triggered outrage after posting an apparent AI-generated video of himself promising every American access to all-healing “MedBed” hospitals. MedBed, a widely debunked conspiracy theory popular among far-right circles, refers to an imaginary medical device equipped with futuristic technology. Adherents say it can cure any ailment, from asthma to cancer. Trump’s phony clip — later deleted without any explanation — was styled as a Fox News segment and featured his daughter-in-law Lara Trump promoting a fictitious White House launch of the “historic new health care system.” – ‘Campaigning through trolling’ – “How do you bring people back to a shared reality when those in power keep stringing them along?” asked Noelle Cook, a researcher and author of “The Conspiracists: Women, Extremism, and the Lure of Belonging.” Trump has reserved the most provocative AI posts for his rivals and critics, using them to rally his conservative base. In July, he posted an AI video of former president Barack Obama being arrested in the Oval Office and appearing behind bars in an orange jumpsuit. Later, he posted an AI clip of House minority leader Hakeem Jeffries — who is Black — wearing a fake mustache and a sombrero. Jeffries slammed the image as racist. “While it would in many ways be desirable for the president of the United States to stay above the fray and away from sharing AI images, Trump has repeatedly demonstrated that he sees his time in office as a non-stop political campaign,” Joshua Tucker, co-director of the New York University Center for Social Media and Politics, told AFP. “I would see his behavior more as campaigning through trolling than actively trying to propagate the false belief that these images depict reality.” Mirroring Trump’s strategy, California Governor Gavin Newsom on Tuesday posted an apparent AI video on X lampooning Republicans after Democrats swept key US elections. The clip depicted wrestlers inside a ring with superimposed faces of Democratic leaders knocking down their Republican opponents, including Trump. The post read: “Now that’s what we call a takedown.”

Beijing (AFP) Nov 13, 2025 – A Chinese court on Thursday rejected an appeal by veteran Chinese state media journalist Dong Yuyu, who had been sentenced to seven years in prison on espionage charges, his family said in a statement. Dong, a senior columnist at the Communist Party newspaper Guangming Daily, was detained in February 2022 along with a Japanese diplomat at a Beijing restaurant. The diplomat was released after a few hours of questioning, but Dong, now 63, was charged with spying in 2023 and sentenced to seven years in prison last November. Beijing’s High Court on Thursday upheld Dong’s sentence following his appeal, his family said in a statement posted on media platform Substack, calling it a “shameless act of persecution”. “Even after hearing Yuyu’s appeal presenting ample evidence and sufficient logic to prove his innocence, the court rejects the reasoning and evidence,” the statement added. Dong’s family said last November that according to the court’s judgement, the Japanese diplomats Dong met with, including then ambassador Hideo Tarumi and current consul general in Shanghai Masaru Okada, were named as agents of an “espionage organisation”. The Committee to Protect Journalists (CPJ) on Thursday called the court’s ruling an “unconscionable decision” and urged Chinese authorities to immediately release Dong. “Today’s ruling shows China is determined to deny Dong Yuyu the justice he deserves,” CPJ’s Asia-Pacific Director Beh Lih Yi said in a statement. Beijing’s foreign ministry said that China is a country “ruled by law” when asked about Dong’s case during a press briefing Thursday. “Those who violate the law and commit crimes will be held accountable according to the law,” spokesman Lin Jian said. Under Chinese law, a person convicted of espionage can be jailed for three to 10 years for less severe cases or receive heavy punishment, including life imprisonment, for serious cases. Dong’s work has been published in the Chinese editions of The New York Times and the Financial Times. He won the prestigious Nieman Fellowship at Harvard University in 2006-2007. Civil liberties and freedom of expression have dramatically receded in China under President Xi Jinping. The Communist Party maintains tight restrictions on domestic media outlets, and Chinese nationals who work with foreign outlets are routinely harassed. isk/reb/hmn THE NEW YORK TIMES COMPANY

Washington (AFP) Nov 14, 2025 – Artificial intelligence company Anthropic has detected and disrupted what it described as the first documented cyber espionage campaign conducted largely autonomously by AI, marking a significant escalation in machine learning-enabled attacks. The operation, attributed to a Chinese state-sponsored group designated as GTG-1002, manipulated Anthropic’s Claude AI system to spy on and steal data from approximately 30 targets with minimal human intervention, according to a company report released Thursday. The campaign, detected in mid-September, targeted major tech companies, financial institutions, and government agencies across multiple countries. Anthropic said the attackers used Claude Code, its computer programming product, to autonomously conduct 80 to 90 percent of the campaign’s activity at speeds impossible for human operators. “This represents a fundamental shift in how advanced threat actors use AI,” the company said. “Rather than merely advising on techniques, the threat actor manipulated Claude to perform actual cyber intrusion operations with minimal human oversight.” California-based Anthropic was launched in 2021 by former OpenAI staff and positions itself as prioritizing safety in AI development. Its flagship product is the Claude chatbot. The disclosure comes amid growing concern about AI’s role in cyber warfare. Claude and rival chatbots, including OpenAI’s ChatGPT and Google’s Gemini, have been used to automate cyber attacks, but Anthropic’s report detailed the first known case of a generative AI model being left to carry out operations independently. “The barriers to performing sophisticated cyberattacks have dropped substantially,” the company warned. The attackers bypassed Claude’s safety mechanisms by convincing the AI they were legitimate cybersecurity professionals conducting authorized testing, according to the company. Humans maintained strategic oversight, but the AI independently executed complex cyberattacks over multiple days without detailed guidance, the report said. The sustained campaign eventually triggered the company’s built-in detection systems. In a notable admission, Anthropic said Claude’s AI spies frequently overstated findings and occasionally fabricated data — claiming to have obtained credentials that did not work or identifying publicly available information as critical discoveries. Such AI hallucinations remain a persistent concern across the technology. Upon detection, Anthropic banned the associated accounts, notified affected entities and authorities, and implemented enhanced detection capabilities. The company defended its decision to continue developing powerful AI systems despite misuse, arguing the same capabilities enable defense against bad actors. “When sophisticated cyberattacks inevitably occur, our goal is for Claude to assist cybersecurity professionals to detect, disrupt, and prepare for future versions of the attack,” it said. Anthropic said it plans to release regular reports on detected attacks and called for increased industry data sharing, improved detection, and stronger safety controls across AI platforms. “We’re sharing this case publicly to contribute to the work of the broader AI safety and security community,” the company said.

Beijing (AFP) Nov 15, 2025 – Chinese tech giant Alibaba denies helping Beijing target the United States, telling AFP on Saturday that a recent media report was “completely false”. The Financial Times reported early Saturday that Alibaba “provides tech support for Chinese military ‘operations’ against (US) targets”, according to a White House memo provided to the newspaper. The memo claimed that Alibaba hands customer data, including “IP addresses, WiFi information and payment records”, to Chinese authorities and the People’s Liberation Army (PLA), the report said. The FT said it could not independently verify the claims, noting that the White House believes the actions threaten US security. An Alibaba Group spokesperson told AFP “the assertions and innuendos in the article are completely false”. The Hangzhou-based firm called the memo a “malicious PR operation (that) clearly came from a rogue voice looking to undermine President Trump’s recent trade deal with China”. The dispute highlights persisting suspicions between Beijing and Washington, which are locked in competition for technological superiority. Since returning to office in January, US President Donald Trump has reignited a fierce trade war with China. After months of tit-for-tat tariffs, he and counterpart Xi Jinping agreed to a one-year truce late last month. A spokesman for China’s embassy in the United States also denied the reported memo’s claims. “The Chinese government… will never require companies or individuals to collect or provide data located in foreign countries in violation of local laws,” said Liu Pengyu in a statement on X. The report adds to growing concern in Washington about China’s potential use of advanced technology to spy. On Thursday, California-based artificial intelligence firm Anthropic said it had detected and disrupted what it described as the first documented cyber-espionage campaign conducted largely autonomously by AI. The activities were attributed to a “Chinese state-sponsored group” designated as GTG-1002, Anthropic said. Asked about the report at a news conference on Friday, Chinese foreign ministry spokesman Lin Jian said he was “not familiar with the specifics”, adding that Beijing had consistently fought hacking activities. pfc/lb/mtp Alibaba

London, UK (SPX) Nov 10, 2025 – D-Orbit, a leader in orbital logistics, together with mhackeroni, a prominent ethical hacking team, concluded CTRLSpace CTF, Europe’s first cybersecurity competition using an operational spacecraft as the testbed. The event, supported by ESA’s Security Cyber Centre of Excellence and Security Office, culminated at ESA ESTEC in the Netherlands, where five teams participated in live scenarios aboard the ION Satellite Carrier. The competition challenged finalists to identify and exploit vulnerabilities in actual spacecraft systems, including interpreting real telemetry data, sending command sequences, and interacting with onboard software to uncover potential security weaknesses. 559 teams took part in the qualifiers, and 660 correct flags were submitted over 25 challenges prepared for the event, with Superflat emerging as the winner. “Cybersecurity has become a fundamental pillar of the new space economy,” said Grazia Bibiano, D-Orbit’s Portugal Country Leader. “At D-Orbit, we integrate it from the very first design stages because security cannot be an add-on, it must be built into the DNA of every system we send into orbit.” “Protecting space infrastructure is one of the most complex engineering challenges of our time,” said Davide Avanzi, D-Orbit Head of Space and Product Security. “By adopting a security-by-design approach, we ensure mission resilience, data integrity, and trust in the space services of the future.” Daniele Lain at mhackeroni added, “The space environment poses unique issues to the development of engaging challenges.” Antonios Atlasis, Head of System Security Section at ESA, commented, “Cybersecurity protection of space missions is not an option. The successful implementation and execution of CtrlSpace CTF not only provided the unique opportunity to students from all over Europe to compete on cybersecurity challenges implemented in real satellites, but it also proved that the implementation of cybersecurity protection measures in satellites is possible, even for the most challenging security scenarios.” The event utilized three active ION satellites for live exploits and telemetry, all executed within secure environments isolated from commercial operations. CTRLSpace CTF united the cybersecurity and space industries to address safeguarding orbital infrastructure as a priority for the emerging space economy.

London, UK (SPX) Nov 10, 2025 – Germany and the United Kingdom have raised alarms regarding the escalating danger posed by Russian and Chinese activity in space, with recent incidents putting focus on the growing threat to Western satellites. Both countries have publicly accused Russia of stalking, jamming, and interfering with their orbital systems, while experts have warned that China’s rapid technological advances could wield an equal, if not greater, challenge to European space security. At a major space industry conference in Berlin in September 2025, German Defense Minister Boris Pistorius made headlines when he declared, “Russia’s actions, especially in space, pose a fundamental threat to us all – a threat we can no longer ignore.” This warning comes against the backdrop of repeated instances where Russian reconnaissance satellites were observed closely shadowing those operated by IntelSat, a prominent provider of satellite services for governments and commercial entities across Europe and the United States. The targeting of communication satellites carries severe risks for military, government, and civilian infrastructure. Satellite imagery, telecommunications networks, and broadband internet access for essential services rely on secure, uninterrupted satellite links. Disruption of navigation and positioning systems can have downstream consequences, from impeding military operations to affecting civil aviation reliability, as highlighted by global defense think tanks such as RAND. This wave of warnings arrives amid Russia’s ongoing full-scale invasion of Ukraine, now into its third year. Ukrainian intelligence has further alleged an intensification of Russian-Chinese collaboration, with Beijing reportedly conducting satellite reconnaissance over Ukrainian territory at Moscow’s request. In the new era of hybrid warfare, space assets have become prime targets, not only for interception of communications but also for disruption and physical sabotage. According to Clayton Swope, director of Aerospace Security at the Center for Strategic and International Studies (CSIS), the basic detection of foreign satellites in orbit is relatively straightforward for modern space forces. Ground-based radar and space surveillance networks can determine positions and orbital paths. Determining intentions and capabilities, however, remains far more elusive. Authorities and analysts infer the objectives of Russian satellites based on their proximity to Western satellites, their orbital behaviors, and patterns established by previous similar assets. “If a Russian satellite lingers near a European communications satellite for an extended period, authorities may deduce espionage is underway,” Swope explains. Analysts suspect that recent close approaches to IntelSat satellites used by Germany were likely efforts to intercept signals or gather technical intelligence. Technical methods of interference have evolved. Jamming can be conducted via ground-based infrastructure that transmits high-intensity electromagnetic noise, overwhelming or scrambling satellite signals. Russia has developed and refined its electronic warfare capabilities notably during the conflict in Ukraine, a context that sharpens the stakes for European security planners. Beyond intelligence collection, there is concern about potential physical threats. In lower-earth orbits, Russian satellites have reportedly tested devices “resembling weaponry and fired projectiles,” according to experts. Such tests signal a move from passive surveillance to the active disabling – or even destruction – of rival space assets. “The Russians have a history of having those types of satellites shadow others in a way that might suggest a sleeper cell, waiting to strike at a moment’s notice,” says Swope. Ambiguity persists: distinguishing between a reconnaissance satellite and a weaponized one is difficult. “Sometimes you really are guessing about the capabilities and the intentions of the operator.” For its part, the Russian space agency has previously downplayed the implications of these weapons tests, characterizing them as standard exercises and denying any intention to escalate space conflict. Germany and the United Kingdom are only the latest Western countries to sound the alarm. The United States and France have published warnings for over a decade about Russian satellites suspected of spying and gathering intelligence on Western assets, including not just military but commercial satellites. In 2015, the US Department of Defense reported a Russian military satellite had parked itself near two IntelSat satellites, prompting diplomatic outreach to Moscow regarding the incident, which was described as “mysterious” at the time. After the joint launch of an intelligence satellite by France and Italy in 2017, Russian satellites rapidly approached to observe, further establishing the pattern. Juliana Suess, a security researcher with the German Institute for International and Security Affairs (SWP), contextualizes the issue: “These behaviors are not entirely new, but also must be seen alongside Russia’s violations of NATO airspace and broader hybrid warfare tactics.” All satellite incidents, she says, should be considered in the context of tensions over Ukraine and broader security dynamics. While Russian proximate threats tend to dominate headlines in Europe due to geography and immediate military implications, experts consistently point to China as a rapidly ascending space power. China’s maneuvers, such as satellites equipped with robotic arms capable of altering the orbits of other satellites, demonstrate advanced capabilities and raise strategic alarm in Western circles. Chinese satellite activity is frequent and sometimes opaque. “We don’t always know what they’re doing, and they’re doing a lot of different things that leave people scratching their heads,” Swope notes. The breadth of Chinese resources exceeds that of Russia, analysts say, especially as Moscow’s budget and technical prowess are increasingly stretched by ongoing military commitments. The alarm raised by Berlin and London underscores steps taken to catch up. Germany has unveiled plans to allocate up to euro 35 billion ($40.2 billion) over the next five years to bolster its satellite operations, develop counter-jamming technology, and invest in both civilian and military space initiatives. The UK, meanwhile, has committed to increasing its defense spending through a strategic review, focusing on threats to “space, cyber, and electromagnetic domains.” Recent British government actions include the testing of new sensors designed to detect laser threats in space, hopeful measures aimed at protecting vital communication links. Yet, policy experts and watchdogs warn that European efforts may not be adequate in the face of accelerating Russian and Chinese moves. Think tanks such as Chatham House argue that even more substantial, near-term investment is urgent, cautioning that the strategic review may not have fully grasped the scope and imminence of the challenge. While the US retains a historic advantage in space infrastructure due to a legacy of robust investment and technological edge, European allies – especially within the context of NATO – face the imperative of greater collaboration. NATO made space an “operational domain” in 2019 and expanded Article 5 protections to space, signaling that a deliberate attack on a member’s satellite could invoke collective defense. The nature of satellite espionage, jamming, and potential weaponization is a moving target – one where technical escalation, state secrecy, and geopolitical competition play out in real time. As European governments seek to safeguard their space assets, the race to keep up with or counter adversarial threats shows no sign of slowing.