Telegram’s Policies, Dark Web, & Hybrid Warfare Amid a Cybersecurity Crisis

Telegram is tightening its policies, sharing user IPs and phone numbers of criminals with authorities. As hybrid warfare blends state-backed hacking with cybercrime, Telegram faces pressure to curb illegal activities exploiting its encryption features.

Source: Image on left, Pavel Durov image from BBC News, Youtube. Image on right, Christian Wiediger via Unsplash

At A Glance

  • Telegram's Tough Stance: Confronting Hybrid Warfare and Dark Web Threats Amid Growing Cybersecurity Challenges
  • The Growing Threat of Hybrid Warfare
  • The Complexity of Policing Expanding Platforms
  • A Tidal Wave of Cybercrime and Foreign Interference
  • The Accountability Crisis in Tech Governance
  • A Call for Stronger Policies

As cyber warfare escalates, blending state-sponsored hacking with digital criminal activity, platforms like Telegram are under mounting pressure to confront illegal activities facilitated through their services. In a significant and necessary policy shift, Telegram has updated its terms of service to disclose the IP addresses and phone numbers of users engaged in criminal behaviour. Founder Pavel Durov announced that Telegram would provide this information to authorities in response to valid legal requests, marking a firm stand against “bad actors” who abuse the platform.

This shift comes as hybrid warfare—where cyberattacks mix conventional and unconventional tactics—becomes an increasingly dangerous global threat. These attacks, often orchestrated by state-backed groups, are designed to create political or economic instability. Telegram, with its user base nearing one billion, has become a prime target for cybercriminals and state actors seeking to exploit its encryption features to operate under the radar.

“We won’t let bad actors jeopardize the integrity of our platform,” Durov declared, underlining Telegram’s commitment to prevent its service from becoming a sanctuary for illegal activities. This policy change is timely, as governments worldwide, especially in the West, have voiced concerns over Telegram’s role in facilitating cybercrime. Recent warnings from the FBI highlighted North Korea’s state-sponsored hackers syphoning billions through illegal channels to fund its nuclear ambitions, spotlighting the urgency of addressing these threats.

The Growing Threat of Hybrid Warfare

Telegram’s revised policy reflects the broader challenge posed by hybrid warfare—a sophisticated form of conflict where cybercriminals, often backed by state actors, carry out attacks while maintaining plausible deniability. This tactic has been notably employed by Russia, which has long used cyber warfare to destabilize Western institutions and infrastructure. The difficulty in identifying these actors stems from their use of non-state intermediaries, making it easy for sponsoring governments to deny involvement.

Countries like Russia and North Korea have mastered these cyberwarfare strategies, engaging in ransomware attacks, data breaches, and financial disruptions on an unprecedented scale. Global distributed social platforms have inadvertently become tools for these operations, as their encryption features offer cover for malicious activities. In many cases, these cyberattacks are part of a broader geopolitical strategy, aimed at undermining democracies and destabilizing economies.

The Complexity of Policing Expanding Platforms

As platforms like Telegram expand rapidly, so does the complexity of monitoring and policing their usage. The growing user base, while a testament to Telegram’s popularity, also creates a much wider pool of potential bad actors—ranging from cybercriminals to terrorists. The surge in users mirrors similar growth on platforms like Signal, and this increased scale brings a heightened risk of misuse.

For example, Telegram’s popularity in regions marred by conflict, such as the Middle East, has made it an attractive platform for illegal activities. Extremist groups have used the service for recruitment, fundraising, and coordination, particularly during flashpoints like the ongoing Israel-Gaza conflict. This situation, coupled with Telegram’s role in the dark web economy, has created a hotbed for criminal activity that is extremely challenging to police.

Western regulators are grappling with the enormous complexity of this issue. As cyberattacks cross borders with ease, a unified international regulatory framework has proven elusive. This lack of coherence allows bad actors to exploit jurisdictional gaps, enabling them to evade detection and prosecution. In conflicts such as the Russia-Ukraine war, platforms like Telegram have been used by both sides—not only for coordination but also to spread disinformation and propaganda, exacerbating the chaos of cyber conflict.

A Tidal Wave of Cybercrime and Foreign Interference

The threat posed by cybercrime has grown far beyond the isolated attacks of the past. With over 100 elections scheduled across 64 countries in 2024, the specter of foreign interference looms ominously over global democratic processes. Recent history has demonstrated just how potent these tactics can be. In the 2020 U.S. elections and the 2024 UK general election, we saw a troubling rise in politically motivated disinformation campaigns. Russian-affiliated networks, such as the notorious "CopyCop," flooded online platforms with fabricated news about the war in Ukraine. Simultaneously, political parties engaged in what has been coined "bureaucratic disinformation," manipulating statistics to obscure the economic realities of their opponents' policies.

These campaigns have a profoundly destabilizing effect, polarizing public opinion and sowing confusion. The prevalence of disinformation has not only distorted political discourse but also led to targeted online harassment of individuals falsely depicted in fake content. With audiences increasingly unsure of what to trust, the authenticity of online material has become suspect, contributing to record levels of public distrust. In the UK, for example, 58% of respondents in a recent poll claimed they "almost never" trust politicians to tell the truth, a damning indictment of how deep this crisis runs.

The urgency of this issue cannot be overstated. In 2024, state-sponsored cyberattacks, particularly from Russia, North Korea, and China, have intensified in both frequency and sophistication. These attacks are designed not just to disrupt electoral processes but to undermine the very fabric of democratic governance. Experts warn that we are witnessing cyber interference on an unprecedented scale, with some describing it as reaching "tidal wave dimensions." 

Platforms like Telegram, Signal, and WhatsApp have unwittingly provided a digital battleground for these activities, their encrypted messaging systems offering anonymity that facilitates foreign interference and disinformation on a global scale. Without intervention, the scope of this interference will only widen, further eroding the integrity of democratic institutions worldwide.

The Accountability Crisis in Tech Governance

The intertwining of cybercrime and foreign interference with digital platforms has exposed a glaring accountability crisis—not merely within law enforcement but at the highest levels of corporate governance. Platforms like Telegram, with massive global user bases, are now integral to this cybersecurity landscape. Yet the real conversation must move beyond law enforcement’s reactive stance and into the boardroom. Corporate leaders must now recognize that their platforms are no longer just tools of communication; they have become weaponized in the fight for global influence.

“It’s time for boards of companies like Telegram to step up,” insist industry experts. The risk of inaction is immense. These platforms must take a proactive stance, developing comprehensive policies that prevent bad actors from using their services to further cybercrime and foreign sabotage. Pavel Durov’s decision to revise Telegram’s policies and collaborate with authorities marks a significant step forward. However, it cannot be a solitary move. This shift must be part of a broader initiative across the tech industry—one that prioritizes rigorous scrutiny and the implementation of stronger, more enforceable regulations.

Governments, too, have a critical role to play. Legal frameworks must be established that not only empower tech companies to act but hold them accountable for the misuse of their platforms. This is no longer an issue of mere compliance but of global security. Without the necessary cooperation between governments and the private sector, the dark web and hybrid warfare will continue to thrive, providing fertile ground for cybercriminals and state-backed actors to exploit, unchecked.

The Road Ahead: A Call for Stronger Policies

As international efforts intensify, with the FBI, the EU, and other global bodies ramping up their focus on combating cybercrime and foreign interference, platforms like Telegram must be positioned on the frontlines. Whether it's the ransomware attacks emanating from North Korea, the ongoing cyber espionage campaigns spearheaded by China, or the disinformation wars being waged in the Russia-Ukraine conflict, the stakes have never been higher. The digital realm has become the frontline of modern conflict, and the need for more stringent, enforceable policies has never been clearer.

Telegram’s recent policy shift is a crucial first step in addressing these evolving threats. However, the broader battle against cybercrime and hybrid warfare remains far from over. As platforms continue to grow, and as cybercriminals supported by state actors become ever more sophisticated, we face an urgent need for concerted global action. The digital landscape, once heralded as a space for open communication and free exchange of ideas, now risks becoming a battleground for control and influence. If we are to protect the integrity of our global institutions, stronger accountability, enhanced cooperation, and robust regulatory action are not just necessary—they are imperative.
