Embedded Files
12th May – 18th May 2025
Sanctions
OFSI blog on Svarog enforcement action
The Office of Financial Sanctions Implementation (‘OFSI’) has published a blog on the £5,000 penalty imposed on Svarog Shipping & Trading Company Limited for failing to respond to a statutory Request for Information (‘RFI’) in a timely manner, without providing a reasonable excuse. This is the first penalty issued by OFSI for an information offence.
The blog highlights the importance of responding to RFIs promptly, as they are crucial for OFSI’s ability to assess compliance and enforce financial sanctions. It outlines key compliance lessons for firms, including:
- Recognising the seriousness of failing to respond to RFIs, as delays hinder investigations and waste resources.
- Engaging proactively with OFSI if uncertain about how to respond or if a deadline may be missed.
- Establishing effective communication and monitoring systems to ensure timely responses.
- Considering other compliance and reporting obligations beyond RFIs, such as frozen asset reporting and licence requirements.
The blog emphasises that compliance with OFSI’s information powers under the Russia Regulations is essential for effective financial sanctions enforcement.
OFSI amends licence
OFSI has amended the licence respecting the Amsterdam Trade Bank N.V, a majority owned subsidiary of Alfa-Bank JSC which is a person designated under Regulation 5 of the Russia Regulations. The amended licence relates, specifically, to the winding down, basic needs, and insolvency related payments of the bank. As well as some wording, the period of operation of the licence has been extended to 12th May 2030. OFSI’s list of general licences is here.
UK Strengthens Sanctions Enforcement with Comprehensive Review
The UK government has conducted a cross-departmental review to enhance the implementation and enforcement of its sanctions framework. The review, led by the Foreign, Commonwealth & Development Office, focuses on improving compliance measures, strengthening deterrence, and refining enforcement tools. It builds on previous updates to the Sanctions and Anti-Money Laundering Act 2018, ensuring a more agile approach to evolving geopolitical challenges. Recent actions highlight the government's commitment to enforcement, including financial penalties imposed by the Office of Financial Sanctions Implementation and convictions secured by the National Crime Agency for breaches of Russia-related sanctions.
Key recommendations include streamlining guidance for businesses, creating a consolidated sanctions list, and introducing new enforcement strategies such as fast-track penalties and enhanced intelligence-sharing. The government also plans to refine ownership and control rules to ease compliance burdens while maintaining sanctions integrity. By bolstering coordination across departments and international partners, the UK aims to increase deterrence and reduce sanctions evasion, reinforcing its commitment to national security and foreign policy objectives.
AIIA reflects on Russia
Now a direction to some reading from the website of the Australian Institute of International Affairs, the independent organisation focused on international relations, providing analysis and discussions on global affairs. The article examines Russia’s political and economic trajectory under Vladimir Putin, focusing on how the war in Ukraine has reshaped its internal power structures. It highlights the consolidation of wealth among Putin’s close allies, the rise of entrepreneurs profiting from sanction evasion, and Russia’s reliance on oil exports through a shadow fleet of tankers.
The article also explores the Kremlin’s strategies for circumventing Western sanctions, including jurisdictional arbitrage and covert technology acquisitions. It underscores growing concerns about environmental risks from Russia’s aging oil fleet and geopolitical tensions linked to sabotage efforts on global infrastructure. The discussion concludes with insights into how escalating sanctions could destabilise Putin’s economic grip, forcing Russia to seek market stability amid global uncertainty.
OFAC issues Nuclear-related sanctions
The US Department of State has announced new sanctions targeting individuals and entities involved in Iranian nuclear-related research with potential military applications. These sanctions focus on key figures within Iran’s Organisation of Defensive Innovation and Research (‘SPND’), a group known for its work on explosives and nuclear-related projects. Among those sanctioned is Sayyed Mohammad Reza Seddighi Saber, the head of SPND’s Shahid Karimi Group, which has been linked to research and testing applicable to nuclear explosive devices. Another individual, Ahmad Haghighat Talab, is a senior SPND official and nuclear scientist, previously involved in Iran’s pre-2004 weapons programme, the ‘Amad Project’. Talab continues to coordinate nuclear research efforts which have dual-use purposes, meaning they could be applied to both civilian and military objectives.
Additionally, Mohammed Reza Mehdipur, a longtime SPND-affiliated official, has been sanctioned for his involvement in explosion and shock research. He currently leads SPND’s Shahid Chamran Group, which has conducted nuclear-related research. His work has supported SPND’s broader nuclear and explosives research and development efforts, including those with potential military applications. The sanctions also extend to Fuya Pars Prospective Technologists, also known as Ideal Vacuum, an SPND-affiliated company which has attempted to procure and fabricate equipment which could be used in nuclear weapons research and development.
These sanctions are imposed under Executive Order 13382, which targets proliferators of weapons of mass destruction and their means of delivery. The US government aims to curb Iran’s ability to advance its nuclear capabilities, particularly those which could contribute to military applications. By designating these individuals and entities, the US seeks to disrupt Iran’s nuclear research network and limit its access to critical resources. The Specially Designated Nationals List has been updated.
OFAC targets those linked to Iranian oil, military, and terrorist activity
Additionally, and still in relation to Iran and Iran-related activity, OFAC has sanctioned nearly two dozen companies involved in Iran’s illicit oil trade. The Iranian government allocates billions in oil revenue to fund military operations, including missile development and support for terrorist groups.
The sanctions target Sepehr Energy Jahan Nama Pars Company, which uses front companies to obscure the origins of Iranian oil. These entities operate in multiple jurisdictions, particularly China, where oil shipments are disguised through ship-to-ship transfers, false documentation, and blending.
Several China-based firms, including Hong Kong and Singapore entities, facilitate this trade by inspecting, purchasing, and storing Iranian oil while obfuscating its origins. OFAC has designated these organisations, warning that US persons and financial institutions must comply or risk secondary sanctions.
US Tightens Sanctions on Iran’s Ballistic Missile Programme, Targeting Domestic and Foreign Supply Chains
Again in relation to Iran, OFAC has imposed sanctions on six individuals and 12 entities involved in Iran’s efforts to domestically manufacture critical materials for its ballistic missile programme. These sanctions target groups supporting the Islamic Revolutionary Guard Corps (‘IRGC’), particularly its aerospace and research divisions, which are instrumental in developing missile technologies. OFAC’s action is part of broader US policy under National Security Presidential Memorandum-2, aimed at preventing Iran from acquiring intercontinental ballistic missile capabilities.
A key focus of the sanctions is Iran’s domestic production of carbon fibre, a crucial material for missile development. The Iran-based Advanced Fiber Development Company has been working closely with IRGC sub-organisations to indigenise carbon fibre manufacturing. Several Iranian nationals and entities, including Sharif Hamrah Science and Technology Researchers and Pishtazan Kavosh Gostar Boshra LLC, have been identified as key players in acquiring these materials and equipment. OFAC has also sanctioned foreign suppliers, including companies based in China and Hong Kong, which have facilitated Iran’s missile-related procurement by exporting carbon fibre and other sensitive materials.
Beyond Iran’s borders, OFAC has designated multiple Chinese firms and individuals for their role in supplying missile-applicable components to Iran. These entities include Shanghai Tanchain New Material Technology Co. Ltd., Qingdao Premier Technology Co. Ltd., and Reso Trading Shanghai Co. Ltd., among others. The sanctions extend to executives of these firms, emphasising the US government’s commitment to disrupting Iran’s missile supply chain globally.
US Treasury Targets Hizballah’s Financial Network
And finally on sanctions, the US Department of the Treasury has imposed sanctions on key financial facilitators supporting Hizballah, aiming to disrupt the group's funding channels. The Office of Foreign Assets Control (‘OFAC’) designated two senior Hizballah officials and two financial operatives based in Lebanon and Iran, citing their roles in coordinating financial transfers from overseas donors. These funds constitute a significant portion of Hizballah’s budget, enabling its global operations. The sanctions follow previous actions targeting illicit finance networks linked to Hizballah, including oil sales and commercial enterprises.
The move is part of Washington’s broader strategy to exert economic pressure on Iran and its proxies, reinforcing counterterrorism efforts. The sanctions block the designated individuals’ assets within US jurisdiction and prohibit financial transactions involving them. Violators, including foreign entities engaging with the sanctioned individuals, risk secondary sanctions. The Treasury Department emphasised its commitment to dismantling Hizballah’s financial infrastructure, ensuring compliance with Executive Order 13224, which governs counterterrorism sanctions.
Money Laundering
FATF’s Travel Rule takes effect in South Africa
South Africa has implemented the Financial Action Task Force (‘FATF’) Travel Rule for digital assets, requiring Virtual Asset Service Providers (‘VASPs’) to collect and store detailed transaction information. This includes the originator and beneficiary’s full name, ID or passport number, date of birth, and residential address, along with transaction details such as amount, date, and unique transaction ID.
The key points are:
- The rule applies to all transaction sizes, with simplified requirements for transactions below R5,000 ($270).
- VASPs must monitor and report suspicious transactions and retain collected data for at least five years.
- Non-compliance can result in fines or license revocation.
- Major exchanges like Binance, Luno, and VALR have already adjusted their policies to comply.
- Some industry players express concerns over the low reporting threshold, citing increased compliance costs and potential delays in transaction processing.
The Travel Rule took effect on 30th April this year.
Bahrain’s delegation to the 40th MENAFATF plenary meeting
Shaikha May bint Mohammed Al Khalifa, Chief Executive of the Financial Intelligence National Centre and Chairperson of the Anti-Money Laundering and Counter-Terrorism Financing Policy Committee, led Bahrain’s delegation to the 40th Middle East and North Africa Financial Action Task Force plenary meeting in Amman, Jordan.
The meeting focused on enhancing anti-money laundering and counter-terrorism financing systems, including discussions on follow-up reports, committee updates, and international standards. A workshop was also held to address major changes to global standards and preparations for the next mutual evaluation round, reinforcing Bahrain’s commitment to financial integrity.
AMLA head addresses conference
Bruna Szego, the Chair of the European Anti-Money Laundering Authority (‘AMLA’), delivered a keynote speech at the European Anti-Financial Crime Summit in Dublin on 7th May 2025. She emphasised AMLA’s role in enhancing cooperation and unified action against money laundering and terrorist financing, highlighting their impact on economic and democratic stability.
Szego outlined AMLA’s three immediate priorities: establishing operational foundations, strengthening supervisory and Financial Intelligence Unit coordination, and fostering cross-sector collaboration. She stressed the importance of breaking down silos between supervision and intelligence, making the AML/CFT system more responsive and effective. Additionally, she urged stakeholders to raise awareness among non-financial sectors, particularly newly obliged entities.
Acknowledging challenges such as diverging national practices and technological change, Szego reaffirmed AMLA’s commitment to acting decisively. She concluded by emphasising the critical role of public-private cooperation in tackling financial crime.
Mozambique Meets FATF Requirements for Removal from Grey List
Mozambique has said that it has now fulfilled all the necessary indicators for removal from the Financial Action Task Force (‘FATF’) "grey list,” which it was placed on in October 2022 due to deficiencies in combating money laundering and terrorist financing. The final requirement involved submitting a list of Non-Profit Organisations handling large sums of money, particularly in Cabo Delgado, where terrorist groups have been active. Authorities now await formal protocol procedures, with an official announcement expected at the FATF meeting in September. The government asserts that its compliance efforts have restored the country's financial reputation, ensuring foreign investors no longer view Mozambique as a high-risk jurisdiction.
Bribery and Anti-Corruption
IMF reflects on Angola’s anti-corruption progress
The IMF has examined Angola’s governance and anti-corruption reforms. It highlights progress made since 2018, particularly during President Lourenço’s first administration (2017–22), which saw new legislation, improved fiscal transparency, and increased oversight of state-owned enterprises. However, reform momentum has slowed, with gaps in governance indicators widening.
The paper assesses Angola’s governance relative to peers, quantifies the economic impact of closing governance gaps, and outlines reform priorities. Key challenges include fiscal transparency, public investment management, and anti-money laundering measures. The report suggests that strengthening institutional autonomy, transparency, and digital automation could enhance governance and economic growth.
EU gives continuing support to Kosovo
The European Union has given its ongoing support for Kosovo in its fight against corruption. Ambassador Nataliya Apostolova emphasised that corruption undermines governance, economic development, and public trust in institutions. The EU has urged Kosovo to take strong action through agreements like the Stabilisation and Association Agreement and the European Reform Agenda.
Recent progress includes the adoption of several anti-corruption laws, such as those protecting whistleblowers and enabling asset confiscation. However, effective implementation remains crucial, requiring active investigations, removal of corrupt officials, and judicial accountability.
Beyond legal measures, the EU stresses the need for broader governance reforms, including merit-based appointments and transparency in public administration. The EU remains committed to supporting Kosovo in aligning its legal framework with EU standards, but Kosovo must demonstrate sustained political will to combat corruption.
Fraud
Europol dismantle investment scam
An international law enforcement operation has dismantled a multimillion-euro investment scam, which defrauded over 100 victims of more than €3m through a fake online trading platform. The investigation, led by German authorities with support from Europol and Eurojust, resulted in coordinated actions in Albania, Cyprus, and Israel, leading to the arrest of a suspect in Cyprus.
The criminal network lured victims with promises of high returns, manipulating them with fake charts showing fabricated profits. Fraudsters posing as brokers used psychological tactics to pressure victims into transferring large sums, which were never invested but directly pocketed by the group.
Authorities conducted two major action days, first in September 2022, leading to arrests in Belgium and Latvia, and then on 13 May 2025, with eight searches across Albania, Cyprus, and Israel. Investigators seized electronic devices, documents, and cash, while Europol facilitated real-time coordination through a virtual command post.
The operation involved agencies from Germany, Cyprus, Albania, the UK, and Israel, with Eurojust ensuring judicial cooperation. The investigation remains ongoing, with further actions expected.
FCA Confiscates Over £300,000 from Convicted Fraudsters in Investment Scam
The Financial Conduct Authority (‘FCA’) has secured confiscation orders totalling £305,284 against Raheel Mirza, Cameron Vickers, and Opeyemi Solaja for their roles in an investment fraud scheme. These individuals cold-called victims between 2016 and 2020, persuading them to invest in a shell company under the guise of trading in binary options. Instead, they used the funds to finance their personal lifestyles. In 2023, they were convicted and sentenced to a combined 24 and a half years in prison. The FCA has confirmed that the confiscated funds will be returned to the defrauded investors as soon as possible, with failure to pay potentially leading to further imprisonment.
Steve Smart, Executive Director of Enforcement and Market Oversight at the FCA, emphasised the agency’s commitment to tackling financial crime and ensuring that fraudsters do not profit from their illicit activities. The FCA had previously prosecuted these individuals for defrauding 120 victims, and the latest confiscation orders reinforce its efforts to recover stolen funds. The proceedings for another defendant, Reuben Akpojaro, have been postponed to a later date. The FCA continues to pursue financial crime enforcement, aiming to protect investors and uphold market integrity.
Market Abuse
Brothers guilty of insider dealing
Matthew and Nikolas West have pleaded guilty to six counts of insider dealing at Southwark Crown Court. Between November 2016 and January 2020, Matthew West used confidential information obtained from brokers to trade shares in four companies—Proactis Holdings plc, Palace Capital plc, Concha plc, and Bushveld Minerals Limited. He also shared inside information with his brother, Nikolas West, who traded shares in Asimilar Group plc.
The brothers made £42,948 in profits from these illegal trades. They will be sentenced on 3 July 2025, and the Financial Conduct Authority (‘FCA’) will seek confiscation orders for the proceeds of crime. The FCA emphasised its commitment to tackling financial crime and maintaining market integrity.
Other Financial Crime News
UK government publishes Economic Crime Levy Report 2023-2024
HM Treasury has published its Economic Crime Levy Report 2023-24. It provides a breakdown of how funds raised through the Economic Crime Levy (‘ECL’) were collected and spent in the 2023-24 financial year, supporting initiatives to combat money laundering and economic crime.
The key points are:
- Purpose of the Levy: The ECL was established under the Finance Act 2022 to provide sustainable funding for anti-money laundering (‘AML’) efforts. Entities subject to the Money Laundering Regulations (‘MLRs’) contribute based on their UK revenue.
- Funds Raised: The levy generated £90.7 million in 2023-24, falling short of the original £100m target. Adjustments were made to increase contributions from "very large" entities from £250,000 to £500,000 starting in 2024-25.
- Funding Allocations: The funds were distributed across six core deliverables, including:
o Investment in technology (£42.7m) – Enhancing Suspicious Activity Reports (‘SARs’) processing and asset recovery systems.
o Hiring financial crime specialists (£12.7m) – Bringing in 200+ new investigators, analysts, and intelligence officers.
o Expanding specialist intelligence teams (£25.5m) – Strengthening efforts against high-end money laundering and corruption through the Combatting Kleptocracy Cell.
o Supporting SARs analysis (£6m) – Funding 78 officers in the UK Financial Intelligence Unit (‘UKFIU’) and 22 regional investigators.
o Enhancing corporate oversight (£2.1m) – Creating new AML intelligence teams within Companies House and the Insolvency Service.
o AML supervisory reform (£0.3m) – Establishing a dedicated team to reshape the UK’s AML regulatory framework.
In terms of next steps, the ECL will be increased from 2025-26 to ensure stable funding and the annual reports will track progress, with a full review of the levy’s operation planned for 2027.
Fintel Alliance expands intelligence partnerships
AUSTRAC's Fintel Alliance, a public-private partnership focused on combatting financial crime, is expanding after demonstrating significant success in intelligence collaboration. The alliance, established in 2017, enables data-sharing among banks, law enforcement, and other industry players to detect criminal patterns.
Recent efforts include analysing cash deposit data under $10,000 from major banks, leading to the identification of major criminal networks. The alliance has also tackled issues like money laundering, fraud, and scams targeting Aboriginal communities.
The expansion involves growing AUSTRAC’s collaborative data analytics hub, adding staff, and strengthening industry partnerships. A senior ANZ Bank manager will join the effort to enhance public-private cooperation. This initiative aims to bolster real-time crime detection and intelligence-driven regulation.
Law Society publishes its response to private prosecution proposal
The Law Society of England and Wales has published its response to the Ministry’s of Justice’s proposals for reforming private prosecution powers in England and Wales. The Ministry of Justice (‘MoJ’) is proposing new standards for private prosecutors to align them with Crown Prosecution Service standards, aiming to prevent miscarriages of justice like the Post Office Horizon scandal. The Law Society supports these measures, advocating for a mandatory code of practice, separation of investigative and prosecutorial functions, adherence to public interest tests, accreditation systems, regular inspections, and a public register of private prosecutors. These reforms would enhance accountability and transparency, ensuring prosecutions serve the public interest rather than private organisations. Solicitors involved in private prosecutions will likely need to comply with any new regulatory standards. The consultation closed on 8th May 2025, and the MoJ will review responses before publishing detailed proposals.
Asset recovery in Mozambique
Mozambique has implemented a crime asset recovery programme to repurpose confiscated assets from criminal activities for public services. The initiative, supported by the United Nations Office on Drugs and Crime (‘UNODC’), ensures that seized assets—such as vehicles, real estate, and equipment—are used by government agencies rather than being wasted or mismanaged.
Since its launch in 2020, Mozambique’s Asset Management Office has allocated 700 recovered vehicles to law enforcement and public institutions, saving the government over USD $6m annually. Confiscated properties are repurposed for state use, rented out, or auctioned, generating USD $280,000 in 2024 alone. Transparency is a key focus, with a public portal allowing citizens to track how assets are utilised.
The programme aims to be self-sustaining, funding its operations entirely through recovered assets. By 2026, Mozambique hopes to generate USD $31m in revenue and savings, further strengthening its ability to combat crime.
US Justice Department Unveils Streamlined White-Collar Enforcement Plan to Incentivise Corporate Self-Reporting
Matthew R. Galeotti, Head of the Criminal Division at the US Department of Justice, delivered remarks at SIFMA’s Anti-Money Laundering and Financial Crimes Conference. He emphasised the Department’s commitment to tackling transnational criminal organisations, financial facilitators of cartels, and sanctions evasion. Galeotti announced a new white-collar enforcement plan, focusing on streamlining corporate investigations and incentivising self-reporting to reduce lengthy enforcement actions. The revised Corporate Enforcement and Voluntary Self-Disclosure Policy aims to provide clearer benefits for companies which cooperate and remediate misconduct. Additionally, the Department is revising its monitor selection policy to ensure oversight is proportionate and effective. The speech underscores a shift toward targeting individual wrongdoers while reducing burdens on law-abiding businesses.
INTERPOL’s Silver Notices
A regional workshop in Nairobi, Kenya, brought together financial crime experts from 12 African nations to explore how to leverage the Silver Notice alongside other tools like the I-GRIP stop-payment mechanism. The initiative aims to enhance cross-border intelligence sharing and support asset seizure efforts under national legal frameworks.
Officials emphasised that targeting illicit wealth is key to dismantling criminal networks. The workshop also covered emerging financial crime trends, including the use of cryptocurrencies and blockchain for laundering illicit funds.
INTERPOL’s Silver Notice, launched in January 2025, is designed to help law enforcement track and disrupt criminal finances by identifying assets linked to organised crime. It enables participating countries to request information on properties, vehicles, financial accounts, and businesses tied to individuals suspected of offenses like fraud, drug trafficking, and corruption.
Europol Cracks Down on Criminal Banking Network, Seizing Over €4.5 Million in Assets
Europol has dismantled a major criminal banking network operating across Europe, arresting 17 individuals suspected of providing illicit financial services. The operation, conducted on 14 January 2025 in Austria, Belgium, and Spain, follows previous investigations into migrant smuggling. The network facilitated money laundering through parallel banking services, illegal hawala transactions, cash collection, and cryptocurrency exchanges. Authorities seized assets worth over €4.5 million, including cash, bank deposits, real estate, vehicles, and firearms. The arrested individuals, primarily of Chinese and Syrian nationality, allegedly catered to criminal organisations involved in migrant smuggling and drug trafficking, moving an estimated €21 million through their illicit financial operations.
Europol played a crucial role in the investigation, tracing financial transactions linked to migrant smugglers and deploying experts to support law enforcement efforts on the ground. The crackdown highlights the growing interconnection between organised crime and financial fraud, reinforcing Europol’s commitment to disrupting illicit financial networks. The operation is part of the European Multidisciplinary Platform Against Criminal Threats (‘EMPACT’), which targets serious international crime affecting the EU. By dismantling this network, authorities aim to curb the financial infrastructure supporting criminal enterprises and enhance security across Europe.
Cybercrime
Blog on lessons from recent cyber attach on UK high street brands
The recent cyber-attack on Marks & Spencer has disrupted business operations, forcing the retailer to suspend online orders, causing shortages, increasing staff workload, and wiping £750 million off its share value. Even weeks later, uncertainty remains about when normal operations will resume.
An article by Dr Patricia Esteve-Gonzalez from Oxford University's Global Cyber Security Capacity Centre (‘GCSCC’), Department of Computer Science, and Luna Rohland from the World Economic Forum Centre for Cybersecurity highlights the importance of cyber resilience. Cyber resilience goes beyond traditional cybersecurity by assuming that significant incidents will occur and preparing organisations to absorb, recover, and learn from them. There are key strategies for cyber resilience, including:
- Leadership: Setting cybersecurity goals and decision-making.
- Governance, Risk & Compliance: Managing risk and regulatory requirements.
- People & Culture: Building a skilled workforce.
- Business Processes: Ensuring continuity during cyber incidents.
- Technical Systems: Maintaining IT and cybersecurity tools.
- Crisis Management: Responding effectively to cyber threats.
- Ecosystem Management: Addressing supply chain and regulatory risks.
The article emphasises that cyber resilience is an organisational imperative, not an ideal, and businesses must assume they will be targeted. The Cyber Resilience Compass, developed through expert insights, provides practical strategies to help organisations strengthen their defences.
Cyber Resilience in the Energy Sector
The World Economic Forum has highlighted how though the energy sector is undergoing rapid transformation as technological advancements, market forces, and increasing global demand drive companies to diversify, cyber threats targeting energy infrastructure are escalating, making cyber resilience an essential aspect of continued growth. The sector must integrate resilience into its systems through greater collaboration across supply chains and ecosystems.
Global energy demand has risen by 2.2% in the past year, with electricity consumption growing at an even faster rate. Renewable energy sources account for the largest share of this expansion, while developments in nuclear energy—such as small modular reactors and fusion technology—are gaining traction. Meanwhile, artificial intelligence is influencing energy usage by increasing demand while simultaneously enabling optimisation and forecasting. Hybrid energy facilities, which combine different energy sources like wind power with battery storage, are helping manage variable outputs and maximise efficiency.
Cyberattacks against energy infrastructure are becoming more frequent and sophisticated, with incidents like the Colonial Pipeline attack and disruptions in Portugal and Spain highlighting vulnerabilities. The sector must anticipate that it will be targeted and take proactive measures to enhance resilience. At the same time, securing energy systems is becoming more technically challenging, as automation and optimisation strategies introduce complex interactions between different technologies. Operators often struggle to integrate and protect legacy systems which were not originally designed for digital connectivity.
Regulators are responding by emphasising visibility into critical infrastructure, as improved monitoring enables operators to detect cyber incidents quickly and respond effectively. Frameworks like the EU’s Network and Information Security Directive 2 are pushing companies to enhance their cybersecurity measures. Collaboration within the energy sector is key to strengthening resilience, particularly through information sharing, joint exercises, and securing supply chains. Initiatives like the World Economic Forum’s Systems of Cyber Resilience: Electricity bring together industry leaders to exchange best practices, governance strategies, and operational security measures.
Ultimately, the combination of rising energy demand and evolving digital innovation will continue to shape cybersecurity risks for the sector. The increasing stakes call for greater coordination and adaptation across the industry, ensuring energy providers are prepared to handle emerging threats while maintaining operational security.
UNIDIR introduces new cyber-attack assessment framework
The United Nations Institute for Disarmament Research (‘UNIDIR’) has introduced a new cyber-attack assessment framework called the UNIDIR Intrusion Path. This framework is designed to complement existing models such as the MITRE ATT&CK framework and the Cyber Kill Chain, providing a structured yet simplified approach to analysing cyber threats. The goal is to help UN member states and non-technical stakeholders better understand cyber threats, making cyber diplomacy more inclusive and informed.
The UNIDIR Intrusion Path categorises cyber threats into three distinct layers: outside the perimeter, on the perimeter, and inside the perimeter. The outside the perimeter layer includes external systems beyond an organisation's control, such as public websites, social media, and cybercriminal forums. The on the perimeter layer represents the boundary between internal systems and external threats, incorporating security mechanisms like firewalls and intrusion detection tools. The inside the perimeter layer covers internal networks containing sensitive data and operational systems, which attackers may attempt to access or disrupt.
This framework enhances traditional cyber-attack models by offering a spatial understanding of where ICT activities take place. Unlike the Cyber Kill Chain, which presents intrusion as a linear sequence, or MITRE ATT&CK, which provides a matrix of tactics, the UNIDIR Intrusion Path creates a more accessible visualisation of cyber risks. The framework has already been applied to a December 2024 research project analysing how AI is transforming both cyberattacks and defensive strategies.
The introduction of this model reflects UNIDIR’s commitment to equipping policymakers, practitioners, and stakeholders with practical tools to strengthen global cybersecurity and promote a more informed digital security dialogue.
Page updated
Report abuse