Category Archives: Cyber Security

IoT and OT cybersecurity: the time to act was yesterday!

Yes, the time to act was yesterday, but is it too late to ramp up your cybersecurity posture now? Can investments in multi-level cybersecurity interventions at this point save us from more cyberattacks in the future?

While post-facto investments cannot secure data lost to cyberattacks in the past, they can definitely go a long way in protecting your data and assets in the future. Heightened levels of cybersecurity sensitivity, along with a plan of action and the right tools, can help ward off or at the very least mitigate the impact of brazen cyberattacks.

At Subex Secure, we have always advocated a multi-pronged approach to cybersecurity. It includes adding a good measure of cybersecurity awareness and action to processes, workflows, assets, converged environments, unsecured devices, networks and human-machine interfaces.

To work towards this objective, you need a tool that is powered by the latest and most expansive threat intelligence available and has multiple levels of detection capabilities. It should also have the ability to detect rogue assets and any anomalous activity occurring in the network. Subex Secure checks all the boxes here and is a must-have tool in your armour to ward off cyberattacks and hackers. Subex Secure is the best choice to secure and improve your cybersecurity many times over!

Let’s begin with the second question first. Why Subex Secure? The answer to this is quite simple, Subex Secure is a certified vendor which provides a holistic, non-intrusive and comprehensible solution to your cybersecurity needs, which translates to military-grade tech that leverages the untapped potential of AI and ML in securing multiple verticals.

Currently, Subex Secure is at the heart of major smart-city hubs and key critical infrastructure sectors, protecting innumerable IoT and OT deployments where they converge to work in harmony. We ensure that the cogs of evolutionary technology keep evolving at an incredible pace, without a hitch. And we do so backed by the world’s largest threat intelligence gathering network, which constantly learns and improves from unique zero-days and the 12M sophisticated attacks that register on average per day.

Now, to the first question. Is it too late for you to opt for cybersecurity? The answer depends on a question you need to ask yourself: can you afford a ransomware attack, a data breach and public embarrassment? If yes, then it is too late! Time and time again, we’ve accurately predicted the rising threats and the signs of upcoming devastating cyberattacks in our yearly and quarterly global threat landscape reports. Yet many choose to disregard these vital reports on the evolving threat landscape, or pay for ineffective or even outdated services without realizing the negative impacts! The dangers of even the tiniest oversight far outweigh the risk of a full-blown cyberattack.

Examples of such instances have been witnessed regularly in the past couple of months, to name a few:

  • The ransomware attack on JBS ($11M)
  • The ransomware attack on Colonial Pipeline ($4.4M)
  • The data breach at Volkswagen impacting 3.3M Americans.

The fact that all the above incidents took place in the last 45 days underscores the seriousness and gravity of the situation. A more concerning fact is that most still can’t weigh in all the factors affecting them, such as the strain on cybersecurity teams working remotely, the risks of a hybrid workplace and the threats of supply chain poisoning. The risks and dangers of the ongoing asymmetrical warfare to disrupt, destabilize, and monetize cannot be exaggerated. The only question that now remains is, can your stronghold withstand the complete might of such cyberattacks?

What the headlines don’t tell you about IoT and OT cybersecurity

In the last five weeks, we have seen a series of businesses globally being targeted by cybercriminals and state-backed groups. Discussions on cybersecurity are being taken up at the highest levels of governments and regulatory bodies and we are in for a major overhaul of existing compliance mandates across countries before 2021 ends.

What the headlines don’t tell you is the increasing levels of reconnaissance activity taking place around the world.

  • 33 new and highly sophisticated pieces of reconnaissance malware were detected in April and May this year
  • Advanced malware with mixed codes and genetic make-up detected in 16 instances
  • Increasing reconnaissance indicates increased hacker activity and interest and they may strike again soon

The implications for your business are significant. To keep such threats at bay, you need to ramp up your cybersecurity posture.

Subex Secure is here to help your institution. We have a non-intrusive cybersecurity solution with advanced AI that complements one of the world’s most powerful threat intelligence backends. This allows you to act in real time and prevent threat actors and malware from gaining access to critical and non-critical systems. It can even detect and mitigate stealthy malware that can linger for months and pose a bigger threat in the long run.

Our solution works with the biggest set of threat libraries. It can detect and neutralize threats across environments and deployments without allowing any upstream or downstream movement of malware. The Subex Secure suite includes these modules and products:

It covers everything from penetration testing of network vulnerabilities, network device discovery and mapping, implementing zero trust micro-segmentation, threat intelligence, logging for audits, and automated responses to attacks.

Blocking sophisticated threats and keeping cyber risks at bay is now possible with Subex Secure.

Don’t take our word for it. Book a no-obligation demo today to find out how Subex Secure can help your business.

Still paying for fractional cybersecurity? Upgrade now.

Recently a leading oil and gas company in the downstream segment in Europe got hacked. Their cybersecurity vendor was providing perimeter-based security. This meant that when the threat was able to get an entry into the core network through various means, there was no stopping it from causing large-scale disruption.

This also happened to a shipping company early in 2020 and is a trend that has been reported more often than we remember. Half-baked security measures make it easier for hackers to strike at will. They leave your assets hostage to the whims of disruptive hackers. Not a place where you want to be.

Subex Secure uses a multi-tier detection and mitigation mechanism to eliminate threats early. From asset discovery to intrusion detection and elimination, our IoT and OT cybersecurity solution covers all bases. This means that your enterprise always keeps hackers at bay. Subex Secure is powered by the largest and most adaptive threat intelligence gathering facility in the world. This means accurate detection and prevention of fatigue among your cybersecurity team.

Subex Secure ensures:

  • Comprehensive threat detection using multiple frameworks.
  • Detection of rogue devices and anomalous network behaviors early.
  • Remediation of threats and elimination of associated risk.
  • Prevention of lateral movement of malware.
  • Critical infrastructure grade security.
  • Reduced load on your cybersecurity team.

Don’t take our word for it. Try out Subex Secure for yourself through a no-obligation demo today.

If you are at GISEC 2021 in Dubai this week, drop by Booth number SS1-29 and get free consultation aid from our critical infrastructure cybersecurity experts.

Don’t opt for fractional cybersecurity, go for fully functional cybersecurity with Subex Secure.

The further you delay, the greater the threat becomes. Subex Secure can help detect threats in real time and mitigate them immediately.

Cyberattacks on IoT and OT deployments in the Middle East point to the need to harden security measures

In the last two weeks, our honeypot locations across the Middle East region have recorded a huge spike in cyberattacks on IoT and OT installations. In the UAE alone, the number of cyberattacks recorded has risen by over 145 percent in the last 7 days. This number is expected to rise in the coming days as we could be witnessing the start of a wave of cyberattacks designed to take advantage of the recent geopolitical situation in the region.

Segments such as smart cities, oil, and gas, shipping, and healthcare are on the radar of hackers. Using sophisticated malware and breach tactics including social engineering, privilege mining, and supply chain poisoning, hackers are now able to access and exploit core systems. In addition to shop floor operations, monitoring, and data gathering functions, even employee safety mechanisms are getting impacted due to the actions of these hackers.

Persistent reconnaissance using stealthy malware is causing data leakage and this is becoming a new concern for businesses that are now getting back on their feet after the pandemic.

Subex Secure has the wherewithal to prevent such targeted attacks. Through our IoT and OT cybersecurity solutions, threat intelligence offering, and SoC services, we can protect your assets, data, and infrastructure. Armed with features such as asset discovery, prevention of lateral movement of malware, three-phase threat detection to detect and contain threats early, Subex Secure can keep hackers and malware at bay to keep your business safe.

To learn more, do drop by booth number: SS1-29 at GISEC 2021 where you can consult our IoT and OT cybersecurity experts for free and learn about how your business can improve its cybersecurity posture.

We look forward to hosting you at our booth. See you soon.

Get your free pass for GISEC 2021 today!

Colonial pipeline cyberattack: how to prevent such episodes?

While the Colonial Pipeline cyberattack has brought renewed interest in critical infrastructure cybersecurity, it is important to note that since 2015, cyberattacks of low magnitude have been recorded globally. These include reconnaissance attacks as well as disruptive attacks. Such cyberattacks have gradually expanded in scale and intensity in recent times. In the pandemic era, hackers have shown a new level of zeal in attacking critical infrastructure deployments globally.

Why are the hackers turning so confident and how can their disruptive tactics be challenged and thwarted? Let us examine some ways.

On Friday (May 7th), the Colonial Pipeline, which carries 2.5 million barrels a day and accounts for 45% of the US East Coast’s supply of diesel, petrol, and jet fuel, was taken offline by its operator after a ransomware attack. The FBI has officially confirmed that it is investigating the incident along with the operator, and various government agencies are chipping in to help.

Attacks on critical infrastructure have risen significantly in the last two years. The increase in the number of Advanced Persistent Threat groups, threat actors with access to sophisticated tools and tactics, and the emergence of independent actors have all contributed to this trend. Here are a few more reasons for the rising attacks on critical infrastructure:

  • APT actors started monetizing cyberattacks in 2020. This could be because some of the state-backed hackers found their funding reduced in the pandemic era.
  • Extensive reconnaissance activity in 2018, 2019 and 2020 enabled hackers to gather plenty of network and privilege information that is now being used to exploit networks and assets.
  • Evolution of complex and hard-to-detect ransomware. Malware developers are now merging the capabilities of various malware to evolve hybrid variants that are hard to detect and contain.
  • Employees working remotely using access facilitated by unmonitored networks.
  • The year 2020 also saw the weaponization of the greatest number of vulnerabilities.


Addressing the critical infrastructure cybersecurity challenge

Among the many measures that can be deployed to prevent such large-scale breaches and disruption, one approach stands out. Defense-in-depth, which involves building multiple layers of opportunities to detect attacks early and prevent them, can help critical infrastructure operators expand the gap between critical assets and hackers.

In addition to countermeasures, defense-in-depth also covers the adoption of a rigorous compliance mandate that includes reliability regulations at various levels, preparation efforts, and enhancement of employee skills to strengthen the mechanism to prepare for, respond to and recover from any incident with minimal or no disruption.

Without such holistic measures, the fight against cybercriminals and state-backed threat actors will always yield partial results and lead to the emergence of more emboldened hackers in the future.

The clock is ticking.

IoT security: a challenge and an opportunity

A recent whitepaper by ABI Research talks about the need to tackle IoT security uniformly to prevent it from forcing a chokehold on IoT implementations. This report also underscores the need for having “some form of autonomous network security, threat monitoring, and remediation as a part of the overall IT security budget for any new IoT application”.

According to Subex’s latest threat landscape report, there has been a 381 percent increase in cyberattacks in the year 2020. Such attacks have been facilitated by various factors including a lack of a coherent framework and mechanism for autonomous management of threats. This factor alone has gathered plenty of attention last year thanks to the overworked and fatigued Security Operations Center (SOC) teams. With the threat environment globally shifting towards the rising diversity and sophistication of cyberattacks, the need to improve the overall institutional cyber resilience posture has never been greater.

With the rise in stealthy malware, the threat of reconnaissance has increased significantly. Further, the number of active Advanced Persistent Threat (APT) actors operating with hard-to-detect malware and breach tactics has also gone up. In April 2020, we were tracking 37 active APT groups across regions. As of April 29, 2021, that number has gone up to 43. Many members of APT groups are also operating independently and offering their skills and services for various hacking projects across the globe.

As more enterprises start adopting IoT as part of their digital transformation projects and other remote infrastructure management initiatives, the threat actors have got a head start. New IoT projects and proof of concept deployments are already in the crosshairs of these actors.

Now that we have a context for the rise in cyberattacks and cybercrime, let us take a closer look at one of the strategic recommendations made in this whitepaper. On page 8, it advises companies to separate IoT management from IoT security with help from leveraging data. According to ABI, many companies confuse IoT management and IoT security. The latter is considered as a component of the former but giving security individual attention is always a great idea.

A security-first mindset prioritizes and lays the foundation for proper scaling by protecting core operations and functionality. Leveraging your own data via machine learning and using intelligent network security will mitigate overall cybersecurity risks in IoT networks as they scale. This will not only positively impact RoI but will avoid future catastrophic issues that can sink companies. This is a recommendation we at Subex Secure have been making for a while. Autonomous remediation powered by an intelligent network security approach is what is needed in these times to secure value, capital, and assets.

Read the Global IoT Threat Landscape Report to learn more!

Why the oil and gas sector is experiencing a spurt in cyberattacks

Last week (the week of 19th April), the oil and gas sector was attacked 12 million times and we are talking only about sophisticated attacks here. The attackers were using sophisticated malware and breach tactics to create multiple breaches thereby increasing the chances of a successful attack. As this vital sector tries to get back on its feet, threat actors are already working hard to derail the recovery efforts.

So why is this sector getting attacked so often and with such high levels of persistence?

There are six reasons for this.

  • Hackers have been able to study the oil and gas infrastructure and vulnerabilities extensively in the last 24 months and are using that information to target oil and gas companies. Most of this work was done using reconnaissance malware.
  • Breached data that is already available on the Dark Web and other forums are being used in some of these attacks.
  • APT actors have started showing more interest in oil and gas operations of companies located in the Middle East, USA, and the UK
  • The incidence of new malware used in these attacks is low right now (less than 2 percent). Most of these attacks were carried out using variants of known malware such as Jigsaw, NotPetya, Ryuk, Ekans, and Tesla malware. The morphological aspects of these malware were modified suitably to help them evade signature-based detection systems.
  • Stretched Security Operations Center teams and systems being brought online after long hiatus without applying patches and updates.
  • Modification of privileges to account for employees working from home.


Subex has extensive experience in detecting and preventing such sophisticated attacks. In addition to our threat intelligence gathering infrastructure that generates real-time and multi-sectoral threat intelligence we also have an IoT and OT security solution that can secure your assets, data, and infrastructure from these attacks.

Talk to us today to learn how you can defend your upstream, midstream, and downstream assets.

To learn more of the best practices download the white paper on Cybersecurity approaches for the Oil and gas Industry.

Rising cyberattacks in 2021 and its link to data stolen in 2020

Integrated digital production footprint, unsecured data centers hosting data from multiple technology streams such as IoT, OT and IT, and rapid ingress of new and emerging tech are creating new vulnerabilities that are persistent and disruptive.

Consider these scenarios:

  • A connected component within a network can give cyber criminals access to a larger network. A single vulnerability can thus serve as a beachhead for a multitude of attacks.
  • Distracted employees may unintentionally download malware, leave ports open or ignore signs of a data breach.
  • The addition of new and untested components could create new vulnerabilities as these could be pre-rigged with trojans.
  • Cybersecurity teams are struggling to handle an explosion of attack surfaces in the aftermath of the ongoing pandemic.

In the first three months of 2021, cyberattacks have grown by 381 percent globally. According to our threat research team, such attacks have been facilitated by data stolen and transferred in 2020 and by unfixed vulnerabilities. Learn more about the research in The Global Threat Landscape Report.

Subex Secure is a specialist in protecting your IoT and OT infrastructure from cyberattacks. Our cybersecurity solution, Subex Secure, protects infrastructure, assets, data, and networks. Its three-tier threat detection feature identifies and flags threats early, preventing lateral movement of malware. It can also discover rogue devices and mitigate threats.

Talk to us about improving your cybersecurity posture and eliminate cyberthreats immediately.

Cybersecurity in the oil and gas industry

In the last 9 months, cyber attacks on global oil and gas companies have grown significantly. Over 20 percent of the total attacks are directed towards upstream companies with up to 7 percent of the attacks targeting exploration activities exclusively. This translates to just over 5 million sophisticated attacks each day. This data is from Subex’s research.

Using a mix of social engineering, insider extortion and complex malware deployment chains, hackers are able to create breaches and deploy multi-modal malware with ease. Hackers have also figured out ways to use the distraction created by local, regional or global events such as the ongoing Covid-19 pandemic to their advantage.

By deploying complex malware and breach tactics, hackers and malware developers are able to harvest information in batches from oil and gas companies. The information exfiltrated includes:

  • Information on geological profile, reserve type, production capabilities
  • Basin modeling information
  • Well locations and seismic information.
  • Information on whether the oil and gas company decides to go ahead with the lease or surrender the area
  • Economic analysis data including probability of hypothetical reserves transitioning into proven ones.

Such breached data is then used to extort money or sold to competitors, traders and other parties who can further monetize the information and further their own interests.

In some countries, hackers use cyberattacks to launch cyber kinetic attacks as well. Oil refineries and pipelines have been targeted extensively in the last 28 months.

Oil companies are also targeted in a systematic and coordinated manner across various streams. Beyond oil exploration, refining, transport, storage and supply infrastructure are also on the radar of hackers. Use of Internet of Things (IoT), Operational Technologies (OT) and Information Technology (IT) and convergence of these technologies creates islands of vulnerability.

You can learn more about ways to cyber secure your assets, operations, and infrastructure here.

Subex is working with oil and gas companies across the globe. We are securing their upstream, midstream and downstream operations and infrastructure.

Secure your Company using Subex Secure’s Solutions and deter Cyberthreats immediately.

Have you been breached? Watch out for these Indicators of Compromise.

It is the season of breaches and hackers are operating with impunity. Continuing from their success in breaching many organizations through social engineering, digital extortion, and data theft, these hackers have now become more brazen. With businesses still dealing with the aftermath of the ongoing pandemic and with diffused workforces operating from unmonitored environments, hackers have never had it so good. This trend is expected to play out for the rest of 2021.

These attacks are also facilitated by enterprises that miss out on initial Indicators of Compromise. If the attacks are scuttled during the reconnaissance phase itself, the impact of such attacks can be minimized and this will deter hackers to some extent. However, if the attacks slip through, then not just will a major cyberattack be imminent, but your data could already be in the hands of data brokers who would have taken steps to monetize it or even sell it back to you for a ransom payout.

This is therefore the time to work towards securing your assets and infrastructure and watch out for indicators of breach and compromise. You need to act immediately if you record any of these signs:

  • Changes in the number of devices, device signature changes, and other anomalies
  • The appearance of spurious domain names similar to yours online.
  • Change in email behaviors and download patterns.
  • Unprecedented connection activity from atypical ports
  • Unknown protocol communications
  • Unauthorized download of remote access tools
  • Mismatch in requests for downloading specific files.
  • Anomalies in the outbound traffic pattern
  • Low-intensity attack that is detected. This usually means the hackers are testing your cybersecurity response mechanisms to fashion a custom attack.
  • The appearance of unauthorized tools such as those related to network and port scanning.
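As an added illustration (not code from Subex or from the original post), several of the indicators above can be checked mechanically against an asset baseline: new or changed devices, atypical ports, unknown protocols, outbound traffic anomalies and lookalike domains. The baseline layout, thresholds, device names, MAC addresses and domains below are assumptions, and all sample records are constructed.

```python
from dataclasses import dataclass

# Assumed baseline from an asset inventory (constructed values):
# MAC -> (device signature, allowed (protocol, port) pairs, typical outbound bytes/hour)
BASELINE = {
    "00:1a:2b:00:00:01": ("plc-vendorA-fw2.1", {("modbus", 502)}, 40_000),
    "00:1a:2b:00:00:02": ("hmi-vendorB-win10", {("modbus", 502), ("https", 443)}, 900_000),
}
OWN_DOMAIN = "example-utility.com"  # placeholder for the organisation's real domain

@dataclass
class Flow:
    mac: str
    signature: str
    proto: str
    port: int
    bytes_out: int

def edit_distance(a, b):
    """Levenshtein distance, used to spot domains a few characters away from ours."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_domains(observed, own=OWN_DOMAIN, max_dist=2):
    """Return observed domains that are near-misses of our own domain."""
    return sorted(d for d in set(observed)
                  if d != own and edit_distance(d, own) <= max_dist)

def check_flows(flows, baseline=BASELINE, volume_factor=5):
    """Compare flow records with the baseline and return (mac, indicator) findings."""
    findings = []
    for f in flows:
        known = baseline.get(f.mac)
        if known is None:                      # device count changed: not in inventory
            findings.append((f.mac, "rogue_device"))
            continue
        signature, allowed, typical = known
        if f.signature != signature:           # device signature change
            findings.append((f.mac, "signature_changed"))
        if (f.proto, f.port) not in allowed:   # atypical port or unknown protocol
            kind = "unknown_protocol" if f.proto == "unknown" else "atypical_port"
            findings.append((f.mac, kind))
        if f.bytes_out > volume_factor * typical:  # outbound traffic anomaly
            findings.append((f.mac, "outbound_volume_anomaly"))
    return findings

# Constructed sample data, not real traffic.
SAMPLE_FLOWS = [
    Flow("00:1a:2b:00:00:01", "plc-vendorA-fw2.1", "modbus", 502, 38_000),
    Flow("00:1a:2b:00:00:01", "plc-vendorA-fw2.1", "tcp", 4444, 2_000),
    Flow("00:1a:2b:00:00:02", "hmi-vendorB-win11", "https", 443, 6_000_000),
    Flow("00:1a:2b:00:00:02", "hmi-vendorB-win10", "unknown", 20000, 10_000),
    Flow("de:ad:be:ef:00:09", "unidentified", "ssh", 22, 500),
]
SAMPLE_DOMAINS = ["example-utility.com", "examp1e-utility.com",
                  "example-utilty.com", "unrelated.org"]

if __name__ == "__main__":
    for mac, indicator in check_flows(SAMPLE_FLOWS):
        print(f"{mac}: {indicator}")
    print("lookalike domains:", lookalike_domains(SAMPLE_DOMAINS))
```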

Subex Secure is a proven and hardened IoT and OT cybersecurity solution that can secure networks, devices, and converged environments. Features such as early threat detection, device discovery, vertical-specific threat intelligence, and a high level of anomaly sensitivity render it a vital piece of your cyber armor.

We can set up a no-obligation proof of concept demo to show how it can protect your business. Talk to us now. Don’t wait till you are breached.
