Category Archives: IoT

Rising cyber-attacks on vaccine manufacturers: what lurks behind the screen?

The latest edition of Subex’s threat landscape report has extensively highlighted the growing attacks on pharmaceutical companies. This includes companies that are manufacturing the Covid-19 vaccines in 5 countries. This list includes India, United States, UK, South Korea, and Germany.

To offer an answer, we have to go back to 2015. On a particularly cold day in December, in the Ivano-Frankivsk region of Western Ukraine, computer screens connected to breakers came alive and started shutting down one substation after the other. Desperate plant employees tried to wrestle back control but with little success. In a few hours, more distribution centers went offline and almost 230,000 people were left in the dark.

This is an attack that everyone remembers, and it is almost considered the 9/11 of cyberattacks. While this cyberattack taught cyber defenders a few lessons, the hackers were able to learn a few things as well. After this attack, many APT groups invested heavily in evolving and propagating reconnaissance malware. Even malware that was being sold in closed forums was trojanized to leave backdoors open for malware developers to conduct reconnaissance operations on networks they were not targeting.

Within just a few years, many groups, therefore, stockpiled billions of bytes of stolen credentials, network security measures, vulnerabilities, and more. As Subex’s threat research report from 2019 points out, the number of reconnaissance attacks has been climbing at an exponential pace since 2015. This means that hackers are keeping tabs on everything in cyberspace from their bunkers waiting for a good opportunity to come by for them to unleash mayhem.

In the case of the pharma companies, the increased focus on vaccine production presented one such opportunity. So here are the reasons why the attacks on vaccine manufacturers increased significantly in 2020:

  • Disrupting either supply chains or manufacturing processes could potentially prolong the battle against Covid-19. This means that potential targets of hackers (including other businesses, governments, oil and gas companies etc.,) will remain in a state of disruption for a prolonged period. Without a significant proportion of the world population being vaccinated, we cannot even begin to imagine the pandemic being defeated.
  • North Korea: the second cluster of APT actors that is based in this country loves to attack anything that is at the center of world attention.
  • One of the attacks was traced to a country that was not given sufficient doses of these vaccines and these cyberattacks were done in retaliation.
  • Because companies are not paying enough attention to reconnaissance attacks, they are allowing hackers to do more damage in the long run

Even in the case of the recent cyberattacks on the Mumbai power grid, there are indications that if the cyberattack had actually happened, the attack was carried out after at least 3 years of intense reconnaissance activity by the threat actors involved.

Download the latest edition of Subex’s threat landscape report.

Rising IoT and OT Cyberthreats: Code Orange declared

As a new month emerges, it is time to revisit institutional cybersecurity practices and align them with the threat levels in cyberspace. For the second month in a row, the threat research team of Subex Secure reported a steep rise in cyberattacks. There is also an increased appearance of certain code words in the Dark Web and hacker forums that point to an imminent increase in cyber risks and the threat of a major cyberattack.

This means an increased risk of sophisticated cyberattacks, hacking, and malicious activity, leading to a significant compromise in core systems and infrastructure as well as service outages due to Denial-of-Service attacks. Increasing threats so early this year clearly indicate the need to be on alert and increase cyber vigil.

The above trends could be attributed to these developments that manifested in the second half of 2020:

  • Successful breaches have led to hackers getting hold of network and core infrastructure information and possibly even credentials.
  • Extensive supply chain poisoning carried out by state-backed actors has led to a significant degradation of the overall cybersecurity posture of businesses, governments, and large enterprises.
  • Hackers have learnt a lot in 2020. They have done their homework and have collected reams of information of human behavior in various scenarios in order to engineer an insider-driven breach through psyops techniques.
  • Industrial control systems, unsecured data lakes, network gateways, low-power IoT devices, and even secluded networks have turned into easy targets for hackers.

Subex Secure can help detect and prevent these attacks. Our offerings include an IoT-OT cybersecurity solution, a threat intelligence product, in-situ, greenfield and ex-situ SOC services.

We can set up a free and no obligation demo for your team to showcase these capabilities for you. Connect with us, here.

Social media platforms add another layer of complexity to cyberattacks.

With increased monitoring of the Dark Web by CERT teams and cybersecurity agencies, hackers have started using social media more extensively for targeting, collaboration, ransom extraction, and other activities. Subex Secure’s research team has reported multiple instances of breaches being coordinated through social media by malware developers and hackers.

In addition to documenting multiple instances of usage of various social media platforms, the report also outlines how a new breed of enablers has emerged on the scene. These enablers are helping hackers identify targets, hack them, handle their data, and conduct ransom negotiations for monetary consideration.

The role of social media in enabling episodes of massive hacking will expand in 2021. We are already seeing signs of reconnaissance activity tied to social media, as well as the appearance of malicious links that are being passed around to lure potential victims.

These are some of the findings of Subex Secure’s threat research team on the use of social media for cyber-attacks:

  • Dormant accounts that have not been active in a long time and have easy-to-hack passwords are being hacked and used to promote fake news and malware-laden links.
  • About 31 percent of all attacks recorded by us have some links to social media.
  • The recent instance of hackers taking over social accounts of celebrities indicates the level of sophistication of these hackers and their tactics.
  • Social media is also being used to generate traffic for malicious websites to improve their search engine ranking.
  • We also recorded 27 instances of dumping of stolen data on social media platforms. The data owners were immediately notified.
  • The digital footprint and social media presence of employees connected with managing power grids, ports, defense manufacturers, water treatment plants, power plants, and other elements of critical infrastructure are being monitored by hackers.

You can read more about these findings and our analysis in the report next month.

To pre-book your copy of the report, give us a shout at

Cyberwarfare actors threaten digital transformation success

Last week we spoke about business risks emerging from the convergence of technologies. This week we are throwing some light on how geopolitical conflicts between nations are spilling over into cyberspace and causing significant losses to businesses that are not connected in any way to these conflicts.

State-backed Advanced Persistent Threat (APT) actors are increasingly targeting non-critical sectors and business infrastructure across the globe. The objectives seem to be:

  • Exfiltrate data to keep tabs on the manufacturing capabilities of countries competing in open markets
  • Test the potency of test malware and weaponized communication means
  • Use the technology infrastructure in the target companies to launch attacks on other businesses in the country
  • Study the digital footprints and architectures of existing and new pieces of hardware and create rogue digital twins to fool perimeter-based cybersecurity systems

With the convergence of tech and lack of integrated cybersecurity and means to prevent lateral movement of malware, many digital transformation projects are sitting ducks for APT groups and unaffiliated malware developers.

It is therefore essential to plug such gaps to secure your digital infrastructure. Follow these steps to secure your infrastructure:

  • Be asset-aware: know which devices and networks are always connected
  • Prepare a risk-vulnerability matrix
  • Treat cyber resilience as a phased activity
  • Classify and segregate assets and networks that connect to them
  • Conduct periodic security and vulnerability analysis
  • Harden configurations, networks, and processes periodically as a rule

Subex Secure has been securing complex digital transformation projects involving the Internet of Things (IoT) and Operational Technologies (OT) for a while. We have a solution that can detect and flag threats early, prevent lateral movement of malware and help detect rogue and fake devices trying to latch on to your network.

You can find out more about our capabilities here.

Nat will be glad to help in case you wish to learn more. You can drop her a line:

Are you facing this cybersecurity challenge as well?

In addition to the threats to the Internet of Things (IoT), Operational technologies (OT) and Industrial Communication Systems, and Information Tech infrastructure, the convergence of these tech streams also exponentially increases the risks associated with them.

Businesses are indeed struggling to identify the right model that blends people, processes, and technology convergence to maximize efficiency while minimizing threats and so far this seems to be as elusive as the proverbial holy grail.

  • 7 out of 10 businesses we spoke to last year in November had attained some level of operational convergence across technologies but only 2 were addressing the threats arising out of them
  • IT-IoT and IT-OT convergence were of concern to most businesses, but they didn’t have enough actionable insights to do something about it
  • In the last 6 months, businesses hosting multiple technologies were found to be targeted using unique malware such as those that move laterally
  • Overall, convergence was found to degrade the overall cybersecurity posture of an entity significantly

Subex has understood the threats connected with converged environments well. This is why our IoT and OT cybersecurity solution is crafted to address the unique threats that come with convergence involving IoT and OT.

Our suite of offerings also includes cyber deception and security operations center solutions to improve your cybersecurity posture significantly.

If you wish to talk to us to find out more, let us know and we will schedule a discussion at a time of your convenience to give you data points on threats and risks specific to your business and ready to deploy strategies to lend depth to your cybersecurity posture.

7 Petabytes of unclaimed Data indicate a productive year for hackers!

In 2020, over 7 petabytes of new data dumps were discovered across the Dark Web. This included passwords, confidential proprietary information, and data that could make a significant impact on business. This is a huge increase from over 3 petabytes discovered in 2019 and points to some startling conclusions:

  • Hackers have diversified their targets
  • These discoveries are just the tip of the iceberg. More data might
  • For some of the data, the victims could have ended up paying a ransom but still had their information exposed

While cybersecurity investments are going to increase in 2021, so are the threats. Misinformation, new variants of ransomware, new backdoors, and increasing sophistication of cyberattacks will together create new fault lines in the cyber armor of businesses. Beyond these trends, new batches of hackers and state-sponsored APT groups will also get active this year adding to the risks and threats already identified.

With the rollout of 5G gathering momentum, the focus will shift to targeting data at rest while infiltrating data in motion.

On the Operational Technology side, Information and Communication Systems (ICS) and controllers will face the brunt of multi-stage and deceptive cyberattacks. It is essential to understand these threats before you start addressing them at an institutional, leadership, employee, infrastructure, or vendor level.

Subex has been at the forefront of cybersecurity for over four years now. Last year, in December alone, we prevented over 17.3 billion sophisticated cyberattacks through our IoT and OT cybersecurity solution Subex Secure, our cyber deception offering Subex Secure Honeypot, and our managed security services.

Throughout 2020, we helped the cybersecurity teams of businesses offload their priorities to us while they focused on steering their organizations through some testing times.

None of our customers were breached in any way in 2020 and their data and assets remain safe.

We encourage you to continue investing in cybersecurity measures while increasing employee sensitivity, building, and evolving cyber resilience measures, and staying alert and vigilant.


Summarizing January 2021, the cost of Cyberattacks thus far!

Cybersecurity lapses are expected to cost the world trillions in lost revenue in 2021. So how has 2021 turned out so far? Here are a few statistics put together by Subex’s research team based on data gathered from public sources.

• Cybercrime has already cost global businesses nearly USD 397 million so far
• The above number includes the cost of breaches in terms of lost revenue and recovery costs, ransom payouts, and cost of data leaked by hackers
• In the first month of the year, while the number of reported breaches came down, the number of successful breaches leading to data leaks has increased by 23 percent
• 15 new families of IoT devices added to those that were breached in 2021
• On the OT side, attacks on ICS and SCADA systems have risen significantly
• 1 new APT actor detected in the Asia-Pacific region

These developments have a bearing on your institutional cybersecurity posture and pose a significant threat to your business. In addition to the threat landscape, there are also internal cybersecurity challenges that will have to be addressed on priority in order to script a coherent institutional cyber resilience narrative.

Talk to us
Subex has been at the forefront of securing businesses across the globe. We simplify cyber resilience and cyber defense through our offerings. Subex Secure, an IoT and OT cybersecurity solution, works across four levels to secure your assets from cyber threats and sophisticated attacks. Our cyber deflection solution Subex Honeypot can help you divert and study cyberattacks while keeping your core infrastructure safe. Our managed security services help in offloading your cybersecurity monitoring and management efforts, helping you focus on other areas of business and market priority.

We understand these threats and know how to manage them.


Why 2021 could be the best year yet for Cybersecurity for your business

Yes, you have heard it right. After all the bad news that we heard in 2020 ending with the SolarWinds episode in December, it is now time to set things moving in the right direction. Five things went wrong in 2020:

  • Significant distraction and disruption caused by the Covid-19 pandemic-induced changes at the workplace
  • Cybersecurity was not given enough attention from a resourcing perspective globally
  • Tech teams were not imaginative enough to figure out what could be attacked
  • Employees were not sensitized enough on the need to remain cyber aware
  • 600 percent rise in stolen data appearing online as per Subex’s threat research team

The New Year gives us a chance to fix and improve our cybersecurity posture. Last week we told you about 5 cost-effective and easy ways to do that. Beyond these measures, this is also the right time to look at revamping your cybersecurity priorities and paying attention to the right areas. Subex’s threat research team has found that the volume of cyberattacks has reduced in the last 10 days but is expected to pick up as we approach February 2021.

February has traditionally seen the launch of new malware and new methods of cyberattacks by hackers. So, it is not advisable to wait till then to build cyber resilience. A discussion with our experts will help you reach there faster.

Subex has been protecting cyberspace for a while now. Our IoT and OT cybersecurity solutions along with SOC services and a cyber deception solution can go a long way in protecting your business.
All our customers stayed safe in 2020 and were able to focus on their business priorities.  You can learn more about them here, here, and here.

Don’t let the hackers gain an upper hand.


5 Easy and cost-effective ways to stay Cyber Safe in 2021

A new year has arrived and how will things change this year as far as cybersecurity is concerned? An analysis of data on cyberattacks in 2020 might point to some answers.

In 2020, as in the years before, businesses that were distracted, didn’t prioritize cybersecurity, and didn’t invest in sensitizing employees on various aspects of cybersecurity were targeted. Hackers were studying such businesses for a while and when the pandemic arrived, they got the break they were waiting for. The shift in network environments, remote access, devices operating out of unmonitored environments, and a high sense of distraction gave the hackers what they wanted – an opportunity to strike.

So how do you work towards staying secure in 2021? Here are 5 cost-effective ways of doing that:

Develop in-house expertise: identify employees across departments who will champion cybersecurity.

Visualize and drill extreme scenarios: even a moderate cyberattack can cause significant monetary losses. Conduct cybersecurity drills regularly across departments. Such drills should start/end by painting a bleak scenario of how bad things will be if a cyberattack succeeds. This includes loss of clients, potential revenue, hardware, and yes jobs too. Employees should be sensitized about these losses.

Set a budget aside for recovering from cyberattacks: in case this budget is not used, it can be disbursed as an increment or a bonus among employees at the end of a calendar/fiscal year or it can be rolled over into the next year.

Promote a culture of cyber hygiene: reward employees who report phishing or other types of attacks.

Sacrifice comfort for security: storing passwords, use of default passwords and other practices should be banned, and repeat offenders should be made to undergo a deep course in cybersecurity.

Take small but visible steps with discipline: your organization won’t turn into a cybersecure one overnight. Invest in bringing in a culture of cybersecurity backed by a strong commitment from all levels working together to realize small yet important steps towards cybersecurity.

We are the people to talk to for taking your institutional security a few notches higher.

You can visit us here to know more about our offerings or drop us a line to know more.


Cybersecurity plans for the Year 2021

From every perspective, 2020 was a tough year, and the demands businesses and markets had from leaders were never this high and engaging.

To help prepare for 2021, we have put together some of our most popular cybersecurity content. We hope these will feed into your cybersecurity plans for the New Year.

We began the year by preparing a comprehensive evaluation of the global threat environment. As much as 79 percent of the predictions made by us in this report were realized this year in batches. Subex was among the first OT and IoT cybersecurity vendors to draw a correlation between the onset of the Covid-19 pandemic and its implications for the digital world. Our first advisory on this event was issued in February 2020.

To keep up with the pace at which malware developers were launching new and modified malware, we published a number of malware reports throughout the year.  From the feedback we received from the industry and other stakeholders, we are happy to report that these reports helped many leaders firm up their cybersecurity posture.

We also published a few case studies to highlight the challenges we are solving for our customers. You can find them here, here and here.

To cover threats surrounding 5G and IoT we joined hands with industry body GSMA to do a webinar with industry experts. On this occasion we did a deep dive on IoT and OT security to help stakeholders understand specific interventions needed to secure installations.

We also brought out a series of blogs that investigated aspects of cyber resilience, data theft, basic cybersecurity mistakes, cyber espionage and pandemic-era cybersecurity. We are ending the year with a series of blogs on predictions and things to do to stay secure in 2021.

We hope you find these curated content pieces relevant and informative.
