Welcome reader to your CybersecurityHQ report.

Headlines

Researchers at Lumen Technologies’ Black Lotus Labs have discovered an attack that disabled more than 600,000 routers in October 2023. The primary culprit is the so-called “Chalubo,” a remote access trojan that attacked a telecommunications company in the US heartland — perhaps the largest attack of its kind in the country’s history.

Lumen has not publicly disclosed the telecom that was affected, and due to the relatively common methods that the hackers used, they could not identify the threat actors, either. They do, however, stress the importance of the event, saying in their report, “A sizeable portion of this ISP’s service area covers rural or underserved communities; places where residents may have lost access to emergency services, farming concerns may have lost critical information from remote monitoring of crops during the harvest, and health care providers cut off from telehealth or patients’ records.”

On Thursday, Open AI CEO Sam Altman said that the company stopped five covert influence operations that were trying to use their models for “deceptive activity.” Among the content being generated were short comments and longer articles in multiple ranges, as well as names and bios for fake social media accounts. The operations have been running for at least three months.

The company says these were being spread in an “attempt to manipulate public opinion or influence political outcomes.” And they identified Russia, China, Iran, and Israel as state actors behind these operations.

In similar news, Juhan Lepassaar, head of the European Union Agency for Cybersecurity, or ENISA, said that geopolitics were behind a rising tide of digital attacks in 2024 in an interview with The Associated Press. Lepassaar said a major turning point was Russia’s invasion of Ukraine in February 2022.

In his words, “The number of hacktivist attacks (against) European infrastructure — threat actors whose main aim is to cause disruption — has doubled from the fourth quarter of 2023 to the first quarter of 2024.” The culprit? Lepassaar blames Russia for much of the activity.

Interesting Read

Recent EPA inspections are sounding the alarm over cybersecurity vulnerabilities across a vast swath of US water systems. This is largely caused by old systems that are extremely expensive to update, and slim municipal budgets have allowed these legacy systems to drift along without proper upgrades.

This vulnerability should be a top priority because water sanitation systems are so vital to public health. But we’ll see how the cybersecurity gap is closed if it ever will be. Read this article by Ray Fernandez at Techopedia to learn more.

Employment Tip: Set Clear Goals

Trying to find any kind of opening in the cybersecurity field might not be the best strategy. To create long-term success, define a clear pathway from where you are now to where you want to be. Setting achievable goals along the way allows you to hit those milestones and maintain a clear vision of your ultimate destination.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team