Connect with us

Published

on

Krisanapong Detraphiphat | Moment | Getty Images

John Hultquist, vice president of intelligence analysis at Google-owned cybersecurity firm Mandiant, likens his job to studying criminal minds through a soda straw. He monitors cyberthreat groups in real time on the dark web, watching what amounts to a free market of criminal innovation ebb and flow.

Groups buy and sell services, and one hot idea — a business model for a crime — can take off quickly when people realize that it works to do damage or to get people to pay. Last year, it was ransomware, as criminal hacking groups figured out how to shut down servers through what’s called directed denial of service attacks. But 2022, say experts, may have marked an inflection point due to the rapid proliferation of IoT (Internet of Things) devices.

Attacks are evolving from those that shut down computers or stole data, to include those that could more directly wreak havoc on everyday life. IoT devices can be the entry points for attacks on parts of countries’ critical infrastructure, like electrical grids or pipelines, or they can be the specific targets of criminals, as in the case of cars or medical devices that contain software.

“What I wish is that the vulnerabilities of cybersecurity could never negatively affect human life and infrastructure,” says Meredith Schnur, cyber brokerage leader for US & Canada at Marsh & McLennan, which insures large companies against cyberattacks. “Everything else is just business.”

For the past decade, manufacturers, software companies and consumers have been rushing to the promise of Internet of Things devices. Now there are an estimated 17 billion in the world, from printers to garage door openers, each one packed with software (some of it open-source software) that can be easily hacked. In a conversation Dec. 26 with The Financial Times, Mario Greco, the group CEO of giant insurer Zurich Insurance Group, said cyberattacks could pose a larger threat to insurers than pandemics and climate change, if hackers aim to disrupt lives, rather than merely spying or stealing data.

IoT devices are a key entry point for many attacks, according to Microsoft’s Digital Defense Report 2022. “While the security of IT hardware and software has strengthened in recent years, the security of Internet of Things (IoT) … has not kept pace,” according to the report.

A rash of attacks that reached the physical world through the cyber world in the past year show the rising stakes. Last February, Toyota stopped operations at one of its plants because of a cyberattack. In April, Ukraine’s power grid was targeted. In May, the Port of London was hit with a cyberattack. That followed up on a 2021 that included to major attacks on critical infrastructure in the U.S., taking down energy and food supply operations of Colonial Pipeline and the JBS meatpacking conglomerate.

What many experts are anticipating is the day enterprising criminals or hackers affiliated with a nation-state figure out an easy-to-replicate scheme using IoT devices at scale. A group of criminals, perhaps connected to a foreign government, could figure out how to take control of many things at once – like cars, or medical devices. “We have already seen large-scale attacks using IoT, in the form of IoT botnets. In that case, actors leveraging unpatched vulnerabilities in IoT devices used control of those devices to carry out denial of service attacks against many targets. Those vulnerabilities are found regularly in ubiquitous products that are rarely updated.”

In other words, the possibility already exists. It’s only a question of when a criminal or a nation decides to act in a way that targets the physical world at a large scale. “It’s not always the art of the possible. It’s a market-driven thing,” Hultquist said. “Somebody figures out a scheme that is successful at making money.”

Aside from responding rapidly to attacks, the only answer to the “cat-and-mouse game” is constant innovation, says Shlomo Kramer, an early investor in Palo Alto Networks and currently one of the top cyber security investors worldwide.

There are a handful of companies, new regulatory approaches, a growing focus on cars as a particularly important area, and a new movement within the software engineering world to do a better job of incorporating cybersecurity from the beginning.

Internet of Things has a big update problem

The cybersecurity industry is upping its game. Companies including ForeScout and Phosphorus focus on Internet of Things security, which has a heavy emphasis on constant inventory of “endpoints” – where new devices connect to a network.

But one of the key problems in Internet of Things security is that there isn’t a good process for updating devices with patches, as new vulnerabilities, hacks or attacks are discovered, says Greg Clark, former CEO of Symantec, currently the chairman of Forescout. Many users are accustomed to downloading updates and patches to computers and phones; and even in those cases, a significant number of users don’t bother to do the updates.

The problem is much worse in the IoT: For instance, who bothers to update their garage-door opener? “Not many of the IoT devices have a system to update the code,” says Clark. “It becomes a serious problem to remediate the vulnerabilities in the IoT.”

He said one focus for cybersecurity companies has become putting controls around the devices so they can only do a specific set of things. That way, the devices can’t be weaponized to launch attacks on other networks. “There are a lot of hammers swinging,” Clark said, on products that make the IoT more secure).

Medical devices, which are seen as particularly important and particularly vulnerable, are one focus. Last month, Palo Alto Networks announced a new product aimed at medical device makers.

IoT device makers are not regulated enough

Because the challenges are new, and cut across industries, the U.S. guidelines and regulations remain patchwork. That has left a lot of IoT cybersecurity up to consumers and companies across sectors, rather than the many manufacturers making IoT devices.

“I’m hopeful there will be some new standards, and newer regulations that will force the vendors to do more,” says Randy Trzeciak, director of the science information and security policy & management program at Carnegie Mellon University. “There should be a national discussion around insuring device security, and where the manufacturer needs to take some ownership and responsibility.”

Clark said CISA and the National Institutes of Standards and Technology are working together, issuing guidelines for the thousands of manufacturers that make IoT devices covering such things as ensuring that IoT devices identify themselves to networks as they are added to them. In 2020, the U.S. Congress turned the guidelines into a law, but only for companies that supply the U.S. government with IoT devices. A spokesman for the National Institutes of Standards and Technology says this is the only national law the agency knows of. Some state-specific and industry-specific laws also exist: For instance, data in medical devices would be covered by HIPAA, and the National Highway Traffic Safety Administration has some jurisdiction over cars.

Some investors and executives cautiously welcome the increasing involvement of regulators. “It’s simply too complex,” Kramer said. “There’s not enough qualified and experienced security people.”

How cars are being targeted

As more criminal hackers aim attacks at the physical sphere, cars are a target. That includes theft, with attackers exploiting the keyless entry systems, but also attacks on sensitive information now being stored in cars, such as maps and credit card data.

Led by the European Union, countries around the world are rapidly adopting cybersecurity regulations for cars, with the EU’s coming into effect in July of last year.

The transition to electric vehicles has created an opportunity for regulators to get ahead of the criminals. As the new technology lowered the barriers to entry, more car companies entered the market. In turn, that has created an opportunity for regulators to work with industry groups that want to protect their home-grown industries.

The concerns about cars are nothing new. In one landmark experiment in 2015, two hackers attacked a Jeep Cherokee. “They shut down the engine on the highway – the brakes didn’t respond. This is not a pleasant situation,” said David Barzilai, CEO of a six-year-old Israeli company called Karamba Security, which helps car companies make their IoT devices more secure.

Barzilai says that in the past 12 months, there were dozens of attacks, both by serious criminal gangs and teen-agers. “When we started six years ago, the attacks were by states, mostly China,” he says. “Within the last 12 months, there’s a democratization” in car attacks, he said, pointing to the case in January 2022 of the teen who figured out how to access the control systems of a few dozen Teslas at once,  last January — have already done.

Connected cars usually have SIM cards, that hackers can attack via cellular networks, he said. “All cars of the same vehicle model use the same software,” he said. “Once hackers identify a vulnerability, and a way to exploit it remotely, they can replicate the attack on other vehicles.” 

Cybersecurity grew as an industry mostly as an after-the-fact attempt to fix software and hardware that was long since on the market, as criminals and foreign governments discovered vulnerabilities in the systems that they could exploit. One study by IBM‘s System Science’s Institute found it costs six times more to fix a cybersecurity vulnerability while software is being implemented than when it is under development. The IoT is still relatively new as an industry, giving security-minded developers a chance to get ahead of the cat-and-mouse game, says Trzeciak, and there’s a growing movement of researchers and developers working on this, including Carnegie Mellon’s Software Engineering Institute’s DevSecOps initiative, which aims to add security into earlier phases of software development. That process-based innovation could make all kinds of software, including that in cars and medical devices, more secure — and therefore, the devices safer.

Continue Reading

Technology

Mark Zuckerberg unveils $799 Meta Ray-Ban Display glasses

Published

on

By

Mark Zuckerberg unveils 9 Meta Ray-Ban Display glasses

At the Meta Connect developer conference, Mark Zuckerberg, head of the Facebook group Meta, shows the prototype of computer glasses that can display digital objects in transparent lenses.

Andrej Sokolow | Picture Alliance | Getty Images

Mark Zuckerberg on Wednesday unveiled the $799 Meta Ray-Ban Display glasses, the social media company’s first consumer-ready smart glasses with a built-in display.

The glasses, which costs $799, contain a small digital display that can be controlled via hand gestures through a wristband powered by neural technology, confirming a CNBC report in August. A promotional video of the new smart glasses appeared on Meta’s YouTube page on Monday but was later removed.

Tune in Thursday at 11:00 a.m. ET: Meta Chief Product Officer Chris Cox joins CNBC TV to discuss with Julia Boorstin the highlights of Meta’s annual Connect event, live from the company’s HQ in Menlo Park CA.

The new smart glasses are a bridge between the company’s audio-only Ray-Ban Meta smart glasses and the experimental Orion augmented reality glasses that the company revealed at last year’s Connect event. Orion can overlay 3D visuals over a person’s real-world field of view with the help of a wireless computing puck, but the glasses are expensive to make and not yet available to consumers.

The Meta Ray-Ban Display glasses come with the Meta Neural Band, an EMG wristband that allows users to control the device using hand gestures.

“These are glasses with the classic style that you’d expect from Ray-Ban, but they’re the first AI glasses with a high resolution display and a fully weighted Meta neural band,” Zuckerberg said.

With the new glasses, people can do tasks like watch videos through the display or see and respond to text messages, Zuckerberg said. The display doesn’t block a person’s view, and it disappears when not being used, he said.

The glasses go on sale in the U.S. on Sept. 30.

During a demo, Zuckerberg repeatedly attempted to call Meta tech chief Andrew Bosworth unsuccessfully.

“This is uh — you know, it happens,” Zuckerberg said.

Meta has been developing its smart glasses with eyewear giant EssilorLuxottica since 2019, and last year renewed a long-term partnership agreement to continue making the products.

The company on Wednesday also debuted the Oakley Meta Vanguard smart glasses, intended for athletes who participate in high-intensity sports like snowboarding and mountain biking. The Oakley-branded glasses will cost $499 when they launch on Oct. 21, making it $100 more expensive than the Oakley Meta HSTN glasses that went on sale in June.

The Oakley Meta Vanguard smart glasses have a sportier look than the Oakley Meta HSTN glasses thanks to a wraparound design that extends its colorful lenses around a person’s temples. Unlike the Oakley Meta HSTN glasses, the new model contains a button on the underside of its frames so that athletes who wear helmets can more easily capture photos and videos.

The new sports-centric smart glasses have up to nine hours of battery life, can capture 3K video and contain speakers that are louder than their predecessors. The glasses can connect with Garmin-branded fitness watches to track certain stats like their heart rates using the Meta AI assistant. Preorders start today.

Meta also debuted the Ray-Ban Meta (Gen 2), the latest version of the company’s original smart glasses. The Ray-Ban Meta (Gen 2) costs $379, up from $299 for the version released in 2023. The Ray-Ban Meta (Gen 2) has double the battery life of the previous model, lasting 8 hours on a single charge, and a more powerful camera that can capture 3K Ultra HD video. The new glasses go on sale today.

Zuckerberg also announced Horizon TV, pitching it as a way to watch television shows, sporting events and movies using the company’s Quest VR headsets. Some of Meta’s partners who will be contributing content to the app include Disney and Universal Pictures, Zuckerberg said.

WATCH: Tech management in the AI era. Here’s what to know.

AI disruption of entry-level roles now climbing the corporate ladder

Continue Reading

Technology

Netskope prices IPO at $19, valuing company at $7.3 billion

Published

on

By

Netskope prices IPO at , valuing company at .3 billion

Thomas Fuller | SOPA Images | Lightrocket | Getty Images

Cybersecurity company Netskope is eying a $7.3 billion valuation after pricing shares at $19 for its upcoming IPO, at the top end of its expected range.

Netskope will start trading on Thursday on the Nasdaq under the ticker symbol “NTSK.” The share sale raised $908.2 million.

Earlier this week, Netskope lifted its expected pricing range to between $17 and $19 a share, up from an original range of $15 to $17. The company revealed plans to go public last month.

Netskope’s offering comes amid a hot period for IPO activity after a years-long lull spurred by step inflation and soaring interest rates. The long-overdue resurgence has fueled optimism on Wall Street and in a venture capital industry eager for return on investment.

Ticket reseller StubHub slid 6% it its first day of trading Wednesday, but a lackluster start may not be reason for concern. CoreWeave went public in March and closed flat in its first day, with shares going on to triple.

Swedish buy now, pay later firm Klarna jumped 15% in its debut this month. Peter Thiel-backed cryptocurrency exchange Bullish, design software company Figma and stablecoin issuer Circle have also jumped since their recent market debuts.

Read more CNBC tech news

The cybersecurity sector is also undergoing a busy stretch for dealmaking fueled by ongoing artificial intelligence advancements and a shifting threat landscape.

This year’s biggest tech deals include Google’s whopping $32 billion acquisition of Israeli cloud security startup Wiz and Palo Alto Network‘s $25-billion CyberArk buyout. Thoma Bravo-backed SailPoint went public in February after the private equity firm took it private in 2022. Cybersecurity competitors CrowdStrike and Zscaler have also made acquisitions this year to beef up their offerings.

Santa Clara, California-based Netskope was founded in 2012 and is led by co-founder and CEO Sanjay Beri. At the end of July, the company said it had 2,910 employees and 4,317 customers across 90 countries.

Netskope says it competes in the IT security vendor and networking space against the likes of Broadcom, Cisco, Palo Alto Networks and Zscaler.

Annual recurring revenues rose 33% to $707 million at the end of July and revenues reached $328 million for the six months ended July 31. The company also reported a net loss of $170 million during that period.

Some of Netskope’s significant backers include Accel, Iconiq and Lightspeed Venture Partners.

WATCH: Some of the recent IPO offerings have been ‘frothy’, says Tastylive’s Tom Sosnoff

Some of the recent IPO offerings have been 'frothy', says Tastylive's Tom Sosnoff

Continue Reading

Technology

AI startup Nscale came out of nowhere and is blowing away Nvidia CEO Jensen Huang

Published

on

By

AI startup Nscale came out of nowhere and is blowing away Nvidia CEO Jensen Huang

Nscale, the UK-headquartered AI infrastructure provider.

Courtesy: Nscale

Two years ago, Nscale was a brand new startup in the U.K. that had yet to raise any outside funding or officially announce its existence.

Last year the London-based company came out of stealth, and in December announced that it had raised its Series A fundraising, totaling $155 million.

Now, Nscale finds itself at the center of the action in the hottest market on the planet: artificial intelligence. And it has close to $700 million in fresh capital from Nvidia, the world’s most valuable company.

In press releases on Tuesday, Nscale was named as an AI infrastructure partner for Nvidia, Microsoft and OpenAI, as the companies expand their buildouts in the U.K. Nscale then said it signed a five-year $6.2 billion agreement with Microsoft and Aker to develop “hyperscale AI infrastructure” in Europe, specifically Norway, where Aker is headquartered.

OpenAI made prior headlines with Nscale, announcing plans in July for a data center in Norway for a Stargate-branded AI data center. Nscale agreed to commit $1 billion for the project, with the goal of racking up 100,000 Nvidia graphics processing units (GPUs) at the site before 2027.

It’s a remarkably quick rise for a company that wasn’t even around when OpenAI kicked off the generative AI boom with the launch of ChatGPT in late 2022. At that time, what’s now Nscale was part of Arkon Energy, which was established a year earlier to provide infrastructure for cryptocurrency mining. Nscale was spun out to address soaring demand for data centers capable of handling AI workloads.

Read more CNBC tech news

Like CoreWeave, which went public this year and now sports a market cap of $58 billion, Nscale is combining data center space, power and lots of GPUs with its own software in order to an provide end-to-end service for AI infrastructure.

CoreWeave, which supplies infrastructure to Microsoft, Google, Nvidia and OpenAI, also has roots in crypto. Founded in 2017, the company built up its initial fleet of Nvidia GPUs for ethereum mining before pivoting to AI.

Nscale didn’t respond to a request for comment following this week’s announcements, but CEO Josh Payne, who previously founded Arkon, told CNBC in late July that the company was targeting two big problems in Europe. One is a lack of sufficient computing capacity and the other is a “very fragmented market.”

“What the continent needs is large AI infrastructure projects deploying compute [power],” Payne said, after the announcement with OpenAI for the Norway buildout. “The ecosystem can consume from the project to build AI products, to generate productivity growth and economic benefit.”

Payne wrote in a LinkedIn post on Wednesday that the agreement with Microsoft and Aker is a “huge win for European-owned AI infrastructure.”

Europe has been pushing the concept of “sovereign AI,” requiring data centers and AI workloads to be located and processed on European soil. Nscale has quickly emerged as an important player in the U.K.’s bid to evolve into a global leader in AI. In January, Britain laid out an AI “action plan,” promising to reduce bureaucracy to help its domestic AI sector thrive.

Trump’s UK trip sparks tech investment splurge

While Nscale is addressing the European market, many of its early partners are big U.S. AI vendors. They timed their announcements on Tuesday to President Donald Trump’s state visit to the U.K.

On Wednesday, Trump visited Windsor Castle and met with King Charles, Queen Camilla and other members of the royal family. His trip comes at a contentious moment for U.K. Prime Minister Keir Starmer, who is under pressure to bring stability to the country after the exit of Deputy Prime Minister Angela Rayner over a house tax scandal and a major cabinet reshuffle.

Microsoft headlined the U.K. announcements, committing $15.5 billion of new investment to computing equipment. The software giant said it plans to work with Nscale to construct what will become the U.K.’s largest supercomputer in Loughton, a suburban town in the English county of Essex.

The site will initially house 23,040 Nvidia Blackwell GPUs to be delivered in the first quarter of 2027. When it goes live, it will generate 50 megawatts of AI capacity, scalable to 90 megawatts, according to a statement from Nscale.

“No one can make that kind of capital investment unless they’ve got somebody already committed to spend the money once the work is complete, and that’s the role we’re playing,” Microsoft President Brad Smith said Tuesday, adding the deal represents a major vote of confidence in Nscale.

OpenAI said it would launch a U.K. version of Stargate through a partnership with Nscale and Nvidia. OpenAI will deploy 8,000 GPUs in the project’s first phase early next year, with the option to expand capacity to approximately 31,000 GPUs over time.

Stargate U.K. will operate across a number of sites in the country — one of the early ones being Cobalt Park, an industrial state in the Northern English city Newcastle. Stargate was initially spawned in the U.S. in January as part of President Trump’s effort to push investments in AI infrastructure.

Nvidia CEO Jensen Huang attends the “Winning the AI Race” Summit in Washington D.C., U.S., July 23, 2025.

Kent Nishimura | Reuters

Nvidia’s announcement on Tuesday included an investment of up to £11 billion ($15 billion) with Nscale and CoreWeave to boost U.K. AI infrastructure.

Nvidia CEO Jensen Huang separately revealed on Wednesday that the chipmaker had made a £500 million ($683 million) equity investment into Nscale.

“We convinced ourselves that Nscale could be a national champion for AI infrastructure in the U.K.,” Huang told journalists at a press conference in London.

Nick Patience, AI practice lead at the Futurum Group, told CNBC that Nscale is “a key part of Nvidia’s push in the U.K. market and an acknowledgment by the government that it has to do something to get the AI infrastructure built here, which has been a long slog.”

Rapid growth

After exiting stealth in May of last year, Nscale’s first public announcement came two months later, when the company partnered with UAE’s Open Innovation AI to deploy 30,000 GPUs. Around the same time, Nscale said it was acquiring Kontena, which was founded in 2018 and specialized in high-performance computing data centers.

The next month, Nscale announced an agreement with Asian telecom company Singtel to offer a “GPU-as-a-Service (GPUaaS),” and serve customers in Europe and Southeast Asia. Initially, Nscale’s infrastructure relied on GPUs from Advanced Micro Devices. Today, the startup promotes various offerings from market leader Nvidia.

Nscale’s big financing landed in December, when the company said it raised $155 million in a round led by Sandton Capital Partners, with participation from Kestrel0x1, Blue Sky Capital Managers and Florence Capital.

Sandton co-founder Rael Nurick said in the press release that with its “unique vertically integrated approach, Nscale is building the hyperscale AI platform to power AI at scale.”

Nscale said at the time that it had grown its AI data center pipeline to 1.3 gigawatts from 300 megawatts the prior year to and that it was aiming to have 350,000 GPUs running by the end of 2027.

By comparison, CoreWeave said at a banking conference last week that its portfolio consists of “about 2.2 gigawatts of capacity that’s coming online.” The company said in its IPO prospectus in March that its 32 data centers were running 250,000 GPUs.

It’s been a whirlwind few years for Payne, Nscale’s founder. While he was serving as executive chairman of Arkon, he was also operating chief at Australia’s Battery Future Acquisition Corp., a blank check company that says it’s “targeting critical battery minerals and related supply chains.”

He’s got a lot of work in front of him.

Building out AI data centers with costly GPUs is a capital intensive process that’s historically required a hefty amount of debt. CoreWeave had raised a total of $12.4 billion in debt through the end of 2024, in addition to well over $1 billion in equity financing before its IPO. It announced a $1.5 billion bond sale in July after a $2 billion debt offering in May.

Nscale was trying to raise $1.8 billion earlier this year through a private credit deal led by bankers at Goldman Sachs, according to Bloomberg.

In the December video tied to Nscale’s equity fundraising, Payne called it “one of the largest Series As raised in U.K., European history.” He said the company would use the cash to deploy up to another 4,000 GPUs in its data center in Norway and to develop up to 180 megawatts of capacity in the company’s portfolio.

The aim, Payne said, was to deploy 50,000 GPUs by the end of 2025 and 150,000 by the end of next year.

“The key challenges that we see in the market is the significant increase in density at the GPU level,” he said. “This funding allows us to scale up materially” he said, and to become “one of the largest players in Europe.”

WATCH: OpenAI restructuring clears hurdle

OpenAI restructuring clears hurdle

Continue Reading

Trending