Connect with us

Published

on

Houston Chronicle/hearst Newspapers Via Getty Images | Hearst Newspapers | Getty Images

The City of Wichita recently had an experience that’s become all too common — its water system was hacked. The cyberattack, which targeted water metering, billing and payment processing, followed the targeting of water utilities across the U.S. in recent years.

In going after America’s water, hackers aren’t doing anything special. Despite rising fears of AI use in cyber threats, the go-to criminal way into systems remains preying on human foibles, be it via phishing, social engineering, or a system still running on a default password — “old school” cyberattacks, according to Ryan Witt, vice president of cybersecurity firm Proofpoint.

The rising cybercrime wave targeting key infrastructure led the Environmental Protection Agency to issue an enforcement alert warning that 70% of water systems it inspected do not fully comply with requirements in the Safe Drinking Water Act. Without quantifying an exact number, the EPA said some have “alarming cybersecurity vulnerabilities” — default passwords that have not been updated, vulnerable single login setups, and former employees who retained systems access.

While the methods may be simple, an attack last year by an Iranian-backed activist group against 12 water utilities in the U.S. reinforced how purposeful “an attacker’s mindset” can be, according to Witt. The targeted utilities all contained equipment that was Israeli-made.

FBI, NSA, CISA all express concern

In February, the FBI warned Congress that Chinese hackers have burrowed deep into the United States’ cyber infrastructure in an attempt to cause damage, targeting water treatment plans, the electrical grid, transportation systems and other critical infrastructure. A Russian-linked hack in January of a water filtration plant in a small Texas town, Muleshoe — located near a U.S. Air Force base — caused a water tank to overflow. “Water is among the least mature in terms of security,” Adam Isles, head of cybersecurity practice for Chertoff Group, recently told CNBC.

Psychological impact on the population is also a strategic aim, seen not only in targeting of water assets but the Colonial Pipeline hack that made national headlines in 2021, and in the words of the federal Cybersecurity and Infrastructure Security Agency, featured “snaking lines of cars at gas stations across the eastern seaboard and panicked Americans filling bags with fuel, fearful of not being able to get to work or get their kids to school.” 

Attacks on U.S. water utilities’ IT systems can have a similar psychological impact, and even if the attacks don’t directly interfere with the operations of the utility, still lessen public trust in water supply. No hack to date has shut off the water to a population, but that’s the bigger worry, said Stuart Madnick, an MIT professor of engineering systems and co-founder of Cybersecurity at MIT Sloan.

Service hacking by China is meant to create 'panic and chaos', says Fmr. CISA Director Chris Krebs

Meddling with a water supply through attacks targeting IT (informational technology), like Wichita’s system, is minor in comparison to a successful attack on the OT (operating technology) that controls water plants. That is a massive risk, Madnick said, and the threat of it happening is not zero.

“We have demonstrated in our lab how operations, such as a water plant, could be shut down not just for hours or days, but for weeks. It is definitely technically possible,” he said.

A recent letter sent by EPA Administrator Michael Regan and National Security Advisor Jake Sullivan to the nations’ governors detailed the urgency of the threat. But Madnick is wary of the government’s ability to act quickly or robustly enough to prevent such an occurrence. Budgets, outdated infrastructure, and reluctance to move on an issue that may seem both vital and daunting suggest that the fixes may indeed not come quickly enough. “It has not happened yet, and serious action to prevent ‘likely’ will not happen, until after it has happened,” he said.

Outdated water utility technology

Like any modern system, water utilities rely on technology for monitoring, for operations, and for customer communication. The technology creates vulnerabilities — for providers and users — so the need for enhanced security measures is acute. “The community risk from cyberattacks includes an attacker gaining control of the operations of a system to damage infrastructure, disrupt the availability or flow of water, or altering the chemical levels, which could allow untreated wastewater to be discharged into a waterway or contaminate drinking water provided to a community,” said an EPA spokesman.

Witt says there are some initial steps to take in improving the cyber hygiene of dated systems. “Improving password strength, reducing exposure to public-facing internet, and the need for cybersecurity awareness training,” would go a long way to shoring up defenses, he said. Another potential fix is the deployment of what are called air-gapped systems that separate supervisory and control systems from other networks. Since the easiest way into these systems is to obtain credentials and then exploit the system, “A systems admin should not be able to access office systems such as email and be able to operate a control panel of a water system from the same laptop,” Witt said.

For the most part, attacks that have occurred have been preventable, according to the EPA. “Systems were victimized by destructive and costly cyberattacks because they failed to adopt basic cyber resiliency practices,” the EPA spokesman said. “All drinking water and wastewater systems are at risk — large and small, urban and rural,” he said. 

While it has not been a tool needed to date in these water utility attacks, AI is coming alongside the concerted cyber efforts of geopolitical rivals. “Rapid advances in artificial intelligence are giving cyberthreat actors more sophisticated tactics, techniques, and procedures to penetrate operational technology that controls critical infrastructure facilities,” the EPA spokesman said. “These attacks have been linked to a variety of types of malicious actors, including hackers working on behalf of or in support of other nations who could use disruptions to U.S. critical infrastructure to their strategic advantage.”

Continue Reading

Technology

USDC stablecoin issuer Circle files for IPO as public markets open to crypto

Published

on

By

USDC stablecoin issuer Circle files for IPO as public markets open to crypto

Jeremy Allaire, Co-Founder and CEO, Circle 

David A. Grogan | CNBC

Circle, the company behind the USDC stablecoin, has filed for an initial public offering with the U.S. Securities and Exchange Commission.

The S1 lays the groundwork for Circle’s long-anticipated entry into the public markets.

While the filing does not yet disclose the number of shares or a price range, sources told Fortune that Circle plans to move forward with a public filing in late April and is targeting a market debut as early as June.

JPMorgan Chase and Citi are reportedly serving as lead underwriters, and the company is seeking a valuation between $4 billion and $5 billion, according to Fortune.

This marks Circle’s second attempt at going public. A prior SPAC merger with Concord Acquisition Corp collapsed in late 2022 amid regulatory challenges. Since then, Circle has made strategic moves to position itself closer to the heart of global finance — including the announcement last year that it would relocate its headquarters from Boston to One World Trade Center in New York City.

Read more about tech and crypto from CNBC Pro

Circle is best known as the issuer of USDC, the world’s second-largest stablecoin by market capitalization.

Pegged one-to-one to the U.S. dollar and backed by cash and short-term Treasury securities, USDC has roughly $60 billion in circulation.

Circle is best known as the issuer of USDC, the world’s second-largest stablecoin by market capitalization.

Pegged one-to-one to the U.S. dollar and backed by cash and short-term Treasury securities, USDC has roughly $60 billion in circulation. It makes up about 26% of the total market cap for stablecoins, behind Tether‘s 67% dominance. Its market cap has grown 36% this year, however, compared with Tether’s 5% growth.

Coinbase CEO Brian Armstrong said on the company’s most recent earnings call that it has a “stretch goal to make USDC the number 1 stablecoin.” 

The company’s push into public markets reflects a broader moment for the crypto industry, which is navigating renewed political favor under a more crypto-friendly U.S. administration. The stablecoin sector is ramping up as the industry grows increasingly confident that the crypto market will get its first piece of U.S. legislation passed and implemented this year, focusing on stablecoins.

Stablecoins’ growth could have investment implications for crypto exchanges like Robinhood and Coinbase as they integrate more of them into crypto trading and cross-border transfers. Coinbase also has an agreement with Circle to share 50% of the revenue of its USDC stablecoin.

The stablecoin market has grown about 11% so far this year and about 47% in the past year, and has become a “systemically important” part of the crypto market, according to Bernstein. Historically, digital assets in this sector have been used for trading and as collateral in decentralized finance (DeFi), and crypto investors watch them closely for evidence of demand, liquidity and activity in the market.

More recently, however, rhetoric around stablecoins’ ability to help preserve U.S. dollar dominance – by exporting dollar utility internationally and ensuring demand for U.S. government debt, which backs nearly all dollar-denominated stablecoins – has grown louder.

A successful IPO would make Circle one of the most prominent crypto-native firms to list on a U.S. exchange — an important signal for both investors and regulators as digital assets become more entwined with the traditional financial system.

Continue Reading

Technology

Hims & Hers shares rise as company adds new weight-loss medications to platform

Published

on

By

Hims & Hers shares rise as company adds new weight-loss medications to platform

The Hims app arranged on a smartphone in New York on Feb. 12, 2025.

Gabby Jones | Bloomberg | Getty Images

Hims & Hers Health shares closed up 5% on Tuesday after the company announced patients can access Eli Lilly‘s weight loss medication Zepbound and diabetes drug Mounjaro, as well as the generic injection liraglutide, through its platform.

Zepbound, Mounjaro and liraglutide are part of the class of weight loss medications called GLP-1s, which have exploded in popularity in recent years. Hims & Hers launched a weight loss program in late 2023, but its GLP-1 offerings have evolved as the company has contended with a volatile supply and regulatory environment.

Lilly’s weekly injections Zepbound and Mounjaro will cost patients $1,899 a month, according to the Hims & Hers website. The generic liraglutide will cost $299 a month, but it requires a daily injection and can be less effective than other GLP-1 medications.

“As we look ahead, we plan to continue to expand our weight loss offering to deliver an even more holistic, personalized experience,” Dr. Craig Primack, senior vice president of weight loss at Hims & Hers, wrote in a blog post.

A Lilly spokesperson said in a statement that the company has “no affiliation” with Hims & Hers and noted that Zepbound is available at lower costs for people who are insured for the product or for those who buy directly from the company. 

In May, Hims & Hers started prescribing compounded semaglutide, the active ingredient in Novo Nordisk‘s GLP-1 weight loss medications Ozempic and Wegovy. The offering was immensely popular and helped generate more than $225 million in revenue for the company in 2024.

But compounded drugs can traditionally only be mass produced when the branded medications treatments are in shortage. The U.S. Food and Drug Administration announced in February that the shortage of semaglutide injections products had been resolved.

That meant Hims & Hers had to largely stop offering the compounded medications, though some consumers may still be able to access personalized doses if it’s clinically applicable. 

During the company’s quarterly call with investors in February, Hims & Hers said its weight loss offerings will primarily consist of its oral medications and liraglutide. The company said it expects its weight loss offerings to generate at least $725 million in annual revenue, excluding contributions from compounded semaglutide.

But the company is still lobbying for compounded medications. A pop up on Hims & Hers’ website, which was viewed by CNBC, encourages users to “use your voice” and urge Congress and the FDA to preserve access to compounded treatments.

With Tuesday’s rally, Hims and Hers shares are up about 27% in 2025 after soaring 172% last year.

WATCH: Hims & Hers shares tumble over concerns around weight-loss business

Hims & Hers shares tumble over concerns around weight-loss business

Continue Reading

Technology

Meta’s head of AI research announces departure

Published

on

By

Meta's head of AI research announces departure

Meta CEO Mark Zuckerberg holds a smartphone as he makes a keynote speech at the Meta Connect annual event at the company’s headquarters in Menlo Park, California, on Sept. 25, 2024.

Manuel Orbegozo | Reuters

Meta’s head of artificial intelligence research announced Tuesday that she will be leaving the company. 

Joelle Pineau, the company’s vice president of AI research, announced her departure in a LinkedIn post, saying her last day at the social media company will be May 30. 

Her departure comes at a challenging time for Meta. CEO Mark Zuckerberg has made AI a top priority, investing billions of dollars in an effort to become the market leader ahead of rivals like OpenAI and Google.

Zuckerberg has said that it is his goal for Meta to build an AI assistant with more than 1 billion users and artificial general intelligence, which is a term used to describe computers that can think and take actions comparable to humans.

“As the world undergoes significant change, as the race for AI accelerates, and as Meta prepares for its next chapter, it is time to create space for others to pursue the work,” Pineau wrote. “I will be cheering from the sidelines, knowing that you have all the ingredients needed to build the best AI systems in the world, and to responsibly bring them into the lives of billions of people.”

Vice President of AI Research and Head of FAIR at Meta Joelle Pineau attends a technology demonstration at the META research laboratory in Paris on February 7, 2025.

Stephane De Sakutin | AFP | Getty Images

Pineau was one of Meta’s top AI researchers and led the company’s fundamental AI research unit, or FAIR, since 2023. There, she oversaw the company’s cutting-edge computer science-related studies, some of which are eventually incorporated into the company’s core apps. 

She joined the company in 2017 to lead Meta’s Montreal AI research lab. Pineau is also a computer science professor at McGill University, where she is a co-director of its reasoning and learning lab.

Some of the projects Pineau helped oversee include Meta’s open-source Llama family of AI models and other technologies like the PyTorch software for AI developers.

Pineau’s departure announcement comes a few weeks ahead of Meta’s LlamaCon AI conference on April 29. There, the company is expected to detail its latest version of Llama. Meta Chief Product Officer Chris Cox, to whom Pineau reported to, said in March that Llama 4 will help power AI agents, the latest craze in generative AI. The company is also expected to announce a standalone app for its Meta AI chatbot, CNBC reported in February

“We thank Joelle for her leadership of FAIR,” a Meta spokesperson said in a statement. “She’s been an important voice for Open Source and helped push breakthroughs to advance our products and the science behind them.” 

Pineau did not reveal her next role but said she “will be taking some time to observe and to reflect, before jumping into a new adventure.”

WATCH: Meta awaits antitrust fine from EU

Meta awaits antitrust fine from EU

Continue Reading

Trending