The Internet Archive, a prominent online repository of web pages, faced significant disruptions on Thursday after a major cyberattack that exposed user data. Brewster Kahle, the organisation’s founder, reported a series of distributed denial-of-service (DDoS) attacks that began earlier in the week, leading to the defacement of its website and the breach of usernames, emails, and passwords for millions of users. Although the data has not been corrupted, the attack has raised concerns about cybersecurity vulnerabilities, especially with the upcoming US presidential election on November 5.
The hackers, a group claiming to be pro-Palestinian called ‘SN_BLACKMETA,’ targeted the Internet Archive, accusing it of being connected to US government support for Israel. They reportedly posted a defacing message on the site, which informed users that 31 million accounts had been breached. The site ‘Have I Been Pwned’ later confirmed the stolen records, adding credibility to the hackers’ claims.
Brewster Kahle, founder of the Internet Archive, announced that the organisation is actively working to restore services and strengthen security measures following a major cyberattack. Established in 1996, the nonprofit is renowned for its Wayback Machine, which archives web pages and serves as a critical resource for researchers and journalists. This incident underscores the increasing risks of cyberattacks, particularly for organisations dedicated to preserving information and fostering an open internet.
OpenAI reports cybercriminals are increasingly using its AI models to generate fake content aimed at influencing elections. The startup has neutralised over 20 attempts this year, including accounts producing articles on the US elections. Several accounts from Rwanda were banned in July for similar activities related to elections in that country.
The company confirmed that none of these attempts succeeded in generating viral engagement or reaching sustainable audiences. However, the use of AI in election interference remains a growing concern, especially as the US approaches its presidential elections. The US Department of Homeland Security also warns of foreign nations attempting to spread misinformation using AI tools.
As OpenAI strengthens its global position, the rise in election manipulation efforts underscores the critical need for heightened vigilance. The company recently completed a $6.6 billion funding round, further securing its status as one of the most valuable private firms.
ChatGPT continues to see rapid growth, boasting 250 million weekly active users since launching in November 2022, emphasising the platform’s widespread influence.
T-Mobile customers impacted by hurricanes in Florida can now send SMS texts via Starlink satellites. SpaceX confirmed that the service is available on a ‘best-effort basis’ and at no cost.
Users with T-Mobile phones can send texts, including messages to emergency services and 911, using Starlink satellites. Phones connected to the satellite service will display ‘T-Mobile SpaceX’ and may show 1 to 2 bars of service.
SpaceX advises that the service works best outdoors but can sometimes function near windows indoors. There may be occasional issues requiring users to retry sending texts.
A recent Microsoft support scam nearly cost a Washington DC couple $14,000 after they lost access to their email. Searching Google for help, they unknowingly called a scammer posing as a legitimate technician. The scammer claimed there was suspicious activity on their account and used scare tactics to convince them to give remote access to their computer.
The situation escalated when the scammer claimed a crooked bank employee was involved in leaking information. He suggested setting up a sting operation to catch the suspect. The couple, sensing something was off, cut off contact before any financial loss occurred.
Fake Microsoft support pages often appear in search results, luring users into thinking they’re contacting real customer service. Scammers then use panic-inducing language to access sensitive information. Victims like Bob unknowingly grant access, putting personal and financial data at risk.
To avoid falling victim to such scams, users should rely only on official Microsoft contact details. Verifying sources, installing strong antivirus software, and recognising red flags can prevent these sophisticated attacks.
Zoom plans to roll out custom AI avatars by 2025, offering users a photorealistic digital clone that can replicate head and arm movements. Users will be able to script what their avatar says, with audio synced to lip movements, making it a potential game-changer for asynchronous workplace communication.
The company sees these avatars as a time-saving tool, particularly for those needing to scale video content creation. Despite the promising benefits, questions remain about how Zoom will prevent misuse of this technology, particularly in light of growing concerns around deepfakes. Many fear these digital avatars could be used maliciously to impersonate others or spread disinformation.
Zoom has announced some safety measures, such as advanced authentication and watermarks, though details remain unclear. Other companies offering similar tools, such as Tavus and Microsoft, have stricter safeguards in place, raising concerns that Zoom’s efforts may not be sufficient to curb potential risks.
The rise of deepfakes continues to fuel regulatory debates. While some states in the US have introduced laws to combat the spread of AI-aided impersonation, there is still no comprehensive federal regulation addressing the issue. As Zoom prepares to launch this feature, the company will need to balance innovation with security.
The FBI has successfully orchestrated a crypto sting operation using a token it created to investigate market manipulation. The NexFundAI Token, launched on the Ethereum blockchain, was part of the operation that led to the indictment of 18 individuals and entities for their involvement in fraudulent activities.
The investigation uncovered a sophisticated scheme involving pump-and-dump operations and wash trading, which artificially inflated token prices. Over $25 million worth of cryptocurrency was seized, and several trading bots responsible for manipulating markets across 60 different tokens were shut down.
This operation, known as “Operation Token Mirrors,” is seen as a warning to crypto investors about the risks of market manipulation. Authorities, including the FBI and SEC, are continuing to investigate those involved in fraudulent crypto schemes.
Internet Initiative Japan Inc. (IIJ) and JSC Uzbektelecom have forged a significant collaboration to strengthen network security services in Uzbekistan and throughout the Central Asian region. Central to this partnership is the integration of IIJ Safous, a sophisticated zero-trust access service that IIJ will provide to empower Uzbektelecom to launch its own security offerings.
The initiative builds upon a previous partnership established through the Telecommunication Infrastructure Development Project awarded in January 2023, which includes prominent players such as Toyota Tsusho, NEC Corporation, and NTT Communication Corporation. Together, they aim to address the growing demand for enhanced cybersecurity solutions in a rapidly evolving digital landscape.
That collaboration aligns closely with Uzbekistan’s ‘Digital Uzbekistan 2030‘ strategy, which aims to enhance the country’s digital infrastructure while highlighting the importance of cybersecurity. As the ICT market continues to expand, the partnership between IIJ and Uzbektelecom is set to foster innovations in managed security services and cloud solutions.
With the outsourcing services sector projected to grow by an annual rate of 12.53% from 2024 to 2029, this initiative strengthens Uzbekistan’s digital security landscape. It also serves as a model for similar partnerships that drive regional digital transformation.
Fortum, Finland’s largest power utility, is dealing with a wave of cyber threats and security incidents targeting its energy facilities, CEO Markus Rauramo revealed. The utility, which manages hydro, wind, solar, nuclear, and combined heat and power plants, faces daily denial-of-service attacks, disruptions to satellite communications, drone sightings, and suspicious individuals around its sites. Fortum has sought assistance from Finnish authorities to investigate the incidents, which have also impacted its operations in Sweden.
Finnish and Swedish intelligence services have declined to comment on the cyber attacks or identify any potential perpetrators. Fortum’s head of security, Jari Stenius, noted an uptick in the frequency of such incidents but emphasised that their impact on operations has been minimal so far. To strengthen its defences, the company has enforced strict access controls, employed private security, set up backup systems, and conducted regular drills with authorities.
The Finnish National Bureau of Investigation (KRP) confirmed that police are currently conducting several investigations into activities near critical infrastructure sites.
Mexico has become the focal point for cybercrime in Latin America, accounting for over 50% of all reported cyber threats in the region during the first half of 2024, according to a study by cybersecurity firm Fortinet. With 31 billion cybercrime attempts, hackers are taking advantage of Mexico’s strategic ties with the US and booming industries like logistics and manufacturing, which are being targeted for larger ransom payouts.
Fortinet’s report highlighted how cybercriminals are using advanced tools, such as AI, to streamline attacks and focus on specific sectors for maximum impact. The rapid shift of production closer to the US, known as nearshoring, has made Mexico’s electronics and automotive industries prime targets. Despite a slight dip in attack numbers compared to last year, the overall threat level remains significant.
Experts, including Fortinet executives, emphasised the need for Mexico to strengthen its cybersecurity laws. While President Claudia Sheinbaum has pledged to establish a cybersecurity and AI center, there has been no mention of legal measures yet. Cybersecurity professionals warn that urgent action is needed as Mexico’s role in global supply chains continues to grow.
The Bureau of Industry and Security (BIS) of the US Department of Commerce has introduced a Notice of Proposed Rulemaking to address national security risks associated with the connected vehicle supply chain, particularly concerning foreign adversaries such as China and Russia. Building on Executive Order 13873, which focuses on securing the US information and communications technology supply chain, the proposed rule outlines three main categories of prohibited transactions.
First is importing vehicle connectivity system (VCS) hardware from entities owned or controlled by China or Russia. Second, the sale of completed connected vehicles that incorporate software developed by these foreign adversaries and third, restrictions on manufacturers linked to these countries from selling connected vehicles.
Additionally, the rule mandates compliance mechanisms, including mandatory annual Declarations of Conformity certifying adherence to regulations and general and specific authorisations for certain otherwise prohibited transactions. Furthermore, it imposes recordkeeping requirements that necessitate maintaining documentation related to compliance declarations for ten years.
Notably, prohibitions on software are set to take effect for the model year 2027, while hardware prohibitions will begin in 2030. In addition, violations of the proposed rule may incur significant penalties, with civil fines reaching up to $368,136 and criminal penalties as high as $1 million. The regulatory framework reflects the US government’s commitment to safeguarding national security by regulating the import and sale of connected vehicle systems tied to foreign adversaries.
Why does it matter?
Consequently, it underscores the importance of compliance for stakeholders in the automotive and technology sectors, highlighting the need for vigilance in navigating these new regulatory challenges.
