Lumen Black Lotus Labs outlines Raptor Train bot network impacting SOHO and IoT devices

Source: Lumen Black Lotus Labs

Prior to the pandemic, remote and home networks were a relatively small concern from a risk perspective. During the pandemic, this risk skyrocketed as employees were required to rely on their home network as an extension of their corporate network.

This risk is not new. What is new is the number of compromised devices in the wild and, increasingly, their potential to put corporate entities at risk.

Lumen’s Black Lotus Labs identified Raptor Train as one such bot network starting in 2023. Raptor Train is likely driven by nation-state threat actors and has grown from over 60,000 actively compromised devices in June 2023 to over 200,000 devices now. These devices include SOHO routers, IoT devices, NVR/DVR devices, NAS servers and IP cameras.

This botnet is also suspected of launching other exploitation attempts against Atlassian Confluence servers and Ivanti Connect Secure appliances.

More information on Raptor Train: https://assets.lumen.com/is/content/Lumen/raptor-train-handbook-copy

From the CIO perspective

Risk footprint has long been a concern for CIOs and CISOs. Reducing your footprint and potential threat vectors is key. Here are some steps to consider:

  1. Educate: Educate staff on ways to secure their home networks and present reasons why this is critical for them personally and professionally.
  2. Update: Ensure that devices are updated with the latest firmware and security patches.
  3. Identify: Engage your CISO’s organization to identify risk vectors, prioritize them and find ways to mitigate them.
  4. Communicate: Communicate up and out. Communicate with staff to educate them. Also communicate with your executive team and board to ensure that they are also up to speed on current state and ongoing efforts.
  5. Evaluate: Good security is an ongoing process. Stay tied into local, state and federal law enforcement groups, along with your cybersecurity partners, so that you have the latest intelligence.
