Home / Blogs

Has Your ISP Been Hacked? (Growing Concern Over AI-Driven Hacking)

Protect your privacy:  Get NordVPN  [73% off 2-year plans, 3 extra months]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

As if we didn’t have a long enough list of problems to worry about, Lumen researchers at its Black Lotus Labs recently released a blog that said that it knows of three U.S. ISPs and one in India was hacked this summer. Lumen said the hackers took advantage of flaws in software provided by Versa Networks being used to manage wide-area networks.

The hacks were described as zero-day hacks, which describe a software or hardware vulnerability that is unknown to the vendor and for which no patch or other fix is immediately available—a vendor has zero days to prepare a patch when a vulnerability is exploited. While developers have a goal of delivering products with no vulnerability, virtually all software and hardware contain bugs of some sort.

Lumen said it is moderately confident that the attacks originated from a group known as Volt Typhoon, a Chinese state-sponsored set of hackers. This is the group that U.S. intelligence officials said had been trying to penetrate and hack American ports. Lumen describes the attacks as highly significant.

CISA (the Cybersecurity & Infrastructure Security Agency) leads the effort to protect the country against malicious hackers. The agency’s mission is to “lead the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure.”

Unfortunately, the U.S. is in the bullseye for ransomware attacks. The following chart, which comes from NTT Data shows the industries that are the targets of hacking in 2024. Manufacturing has overtaken the technology sector as the most attacked, while the financial sector has climbed to third.

Manufacturing overtakes technology as the most-targeted sector in 2024 cyber attacks. (Source: NTT Data)

Hackers constantly change tactics to stay ahead of the effort to block them. In 2024, there was a decline in banking trojans, which was offset by a rise in info-stealers and penetration-testing tools.

The big concern in the security industry is that hackers are starting to deploy AI to aid in hacks. AI is particularly useful in finding vulnerable code that is buried in lengthy software programs. AI is likely going to be used as a tool to develop a custom approach to hack any given entity.

I know it sounds like old and trite advice, but ISPs need to adopt robust cybersecurity systems to try to keep most hackers out of your network and software.

By Doug Dawson, President at CCG Consulting

Dawson has worked in the telecom industry since 1978 and has both a consulting and operational background. He and CCG specialize in helping clients launch new broadband markets, develop new products, and finance new ventures.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign