menu-close
search-icon
banner

Category Archives: IoT

The SolarWinds cyberattack episode has just begun unraveling

The worst could be yet to come.

As the events unfold, the full impact of the layered cyberattack on the Austin-based IT management software firm’s customers will be felt well into the next five years or beyond. Here is what we know so far:

  • It is clearly among the biggest ever cyberattacks on the US government
  • According to reports, over 400 of the Fortune 500 companies in the US and top 10 telcos have all been impacted
  • A ‘trojanized’ software update was used to install the sunburst malware into a commonly used IT management and monitoring software
  • The update was installed by as many as 18,000 customers using the software
  • Parts of US Treasury, Department of Commerce, Department of Homeland Security, and the Pentagon have all been targeted and have borne the brunt of the attack
  • This is an example of a ‘supply-chain’ attack wherein the intended target is attacked through vendors or third-parties who have some connection with the core networks and IT infrastructure of the intended victim
  • A different threat actor was found to have deployed another malware during the same episode
  • Discussions on the litigation fallout have begun and are moving in the direction of a Class action suit

Companies across the US are on a state of high alert. The ones affected by this cyber attack will have to spend time, effort and money in cleaning up as also in shoring up their defenses to avoid any secondary attacks or release of data. These attacks have brought cybersecurity to the forefront of strategic attention from businesses everywhere.

In a tough year, where multiple vendors including Subex had issued a range of cyber attack advisories from as early as March, this was not an unanticipated attack but what is shocking is the scale and the modus operandi used by the alleged state-backed hackers who are supposed to be behind the episode. While cybersecurity governance questions are being asked, one thing is clear, there is a lot more that needs to be done to prevent and deter such attacks in the future:

  • The threat actor involved in SolarWinds attack demonstrated patience, sophistication, and tactics so removing them from the compromised environments will be a tough task. If such efforts (that are now needed in the cleanup effort) were put in securing enterprises with diligence, then post-facto efforts won’t be needed.
  • Securing your organizational assets cannot be considered a one-horse race. Instead, the challenge has to be addressed at multiple levels. Vectors of vulnerabilities known and unknown are everywhere and they need to be addressed at the government, institutional and employee levels. Within organizations, multiple strategies and tactics need to be adopted
  • A two-way authentication will go a long way in securing assets and blocking malicious users
  • Implement a Zero trust-based approach especially for those services that reside on/are accessed from the cloud or those where the updates are forced across a multitude of devices without human intervention
  • Code-Orange should be the normal threat perception level. With the prevalence of threat actors, state-backed APT groups, independent actors, and disgruntled stakeholders, it is always important to be at the highest level of alert.

The SolarWinds attack has set the agenda for 2021. While nations and businesses start transitioning out of the Covid-19 induced economic and business slowdown, inadequate attention to cybersecurity could not just slow down these recovery efforts but could also harm reputations beyond repair prolonging the impact.

Nat will be glad to help in case you wish to learn more. You can drop her a line: natalie.smith@subex.com.

What the SolarWinds episode has taught us so far

Unless you have been on a digital detox vacation, you must have heard of the SolarWinds breach. Just to refresh your memory, multiple US government agencies were compromised by pushing a trojanized update. Post installation, this update allowed the hacker to conduct multi-level reconnaissance, modify user privileges, move laterally into other critical environments and compromise the data.

The scope and scale of this breach has ‘shaken cyber defenders and governments alike. It is now time to focus on the takeaways from this incident.

  • Cyber supply chain awareness: a dual-purpose risk assesment should be conducted to assess the state of security emanating from third-party solutions and evaluating the implications of such risks
  • Finding the right cybersecurity models: such models and frameworks should be able to uncover security gaps and prioritize them. Businesses should work towards constantly reviewing these models while keeping their risk appetite to the lowest level possible
  • There is no ‘business as usual’ for cybersecurity: in 2021, the new normal will be about being cyber risk aware at all times. Cybersecurity teams will have to overwork their imaginations to identify new sources of vulnerabilities
  • Developer access management: the backdoor introduced by the hacker must have been in a file not often accessed by developers (a developers account must have also been compromised). If developer access was managed diligently and reviewed to check for anomalies, the breach would have been discovered earlier.
  • Trust is dangerous: as many such episodes before have shown, trust should not be be implicit, explicit or stated with caution. Instead trust should be established on a session to session, device to session and connection to connection and time basis. No entity should be allowed to transact for long durations from a position of trust no matter the level of privilege. Zero trust should be the way forward

Subex has been working to secure businesses in all livable continents for over two decades now. Our offerings use a blend of tactics to introduce layered security including discovery of rogue and compromised assets.

As of today, we are securing some of the toughest and hard to secure OT and IOT-based deployments globally. We can help you improve your cybersecurity posture to secure your assets.

In just under 45 minutes, we can tell you how our solution can keep such episodes of grief at bay.

Get in touch with natalie.smith@subex.com  to learn more

Cyber risks: espionage mercenaries, ICS threats and stealthy IoT botnets in the cloud

Cyber mercenaries are targeting industrial control systems (ICS) and IoT deployments like never before. Threat actors are now shifting significant resources to exploit emerging network edge environments. Securing these new environments, including new technologies and converging systems, is more challenging than it may seem.

Ransomware continues to evolve. In 2019, ransomware developers implemented a new strategy to counteract the decision of many organizations to not pay a ransom choosing instead to restore compromised systems on their own.

Now cybercriminals, in addition to encrypting data and systems also post that data on public servers. They then not only demand a ransom but also threaten to publicly release valuable IP and sensitive information if their ransom demands are ignored.

Such changing strategies indicate a high level of investment in studying and investigating not just the cybersecurity systems and responses, but also the organizational motivations that drive decision making.

Subex’s threat researchers have found that ICS are increasingly gathering attention from cyber threat actors.

Cloud IOT Security Solutions

Given the nature of these threats, it becomes imperative to talk to an IoT, OT and cyber deception partner to help you keep these threats at bay. Subex Secure is securing some of the toughest to secure businesses that are using IoT and critical infrastructure across 3 continents.

Nat will be glad to help in case you wish to learn more. You can drop her a line here.

We also encourage you to read our Threat Landscape Report for Q2 2020 here

Who stole my data: Solving the IoT security puzzle!

Internet of Things security is presenting governments and businesses with an unprecedented challenge. Consequently, a largely divided U.S. Congress identified it as a bipartisan issue ready for legislation. Last month, both houses of Congress passed the Internet of Things Cybersecurity Improvement Act recognizing IoT security as a matter of national security.

IoT Security Data Services

Despite all this attention, IoT deployments are still getting breached. In a recent episode, a set of IoT devices (camera with a doorbell) were found sending user credentials to China. The number of IoT-focused attacks hit an all-time high this year underscoring the need for action at all levels. Critical infrastructure components such as industrial control systems (ICS), safety systems, video surveillance systems, and asset tracking systems are now being attacked frequently to enter IT systems to steal data through laterally moving malware.

As the Christmas gifting season appears on the horizon, a new wave of cyberattacks will emerge harnessing gifted connected devices that are less secure. Guess where your stolen data could end up?

Such episodes will repeat till such a time that we prioritize IoT security and embed it by default in every activity from inception.

Subex Secure is here to help
We are today offering critical infrastructure grade security to our customers across the globe. With Subex Secure, you can afford to focus on your core business goals while we protect your assets, data, and infrastructure. Yes, our offerings can go a long way in helping you get more out of your IoT investments without worrying about security. Anything else is a compromise.

Contact sai.kunchapu@subex.com to learn how 30 percent of information security leaders are successfully managing IoT threats and vulnerabilities.

Read our latest threat landscape report to learn about cyber threats you need to know about.

Proof of value: How we helped a leading manufacturer improve their cybersecurity posture and avoid such threats.

Don’t miss this critical cybersecurity requirement

Targeted attacks on supply chains connected with various sectors rose significantly in the last 8 months, according to various research firms. And this is just the tip of the iceberg as these findings relate to existing threats or threats that have been identified.  There could be many new ones lurking in the Dark Web and elsewhere.

Most information security leaders tend to ignore the potency of unknown threats. This is because the security architecture in most enterprises and projects doesn’t permit adequate versatility to understand and identify latent threats to deal with them.  The problem is compounded by security practices based on restrictive network activities at the perimeter rather. This means that a threat that somehow manages to trick the perimeter-based security mechanism is free to wreak havoc inside the core network.

Unfortunately, even the compliance mandates that are prevailing in various countries also fail to encourage businesses and other entities to look into emerging threats through a combination of insights, forecasts, and sheer imagination.

Besides, thanks to the increasing diversity of processes and devices, it is easy to lose track of baseline cybersecurity requirements with every increase in surface area. No matter what your network architecture, industry, or level of security sophistication, gaps could arise during periods of transition, capacity expansion, or infusion of new technology.

Essential cybersecurity nestworks

The addition of IoT exponentially amplifies the threat factor. In another survey, over 70 percent of cybersecurity practitioners reported some level of unfamiliarity with threats that emerge in converged environments spanning IT, OT, and IoT.

Unfortunately, these converged environments represent the event horizon – a vista that presents infinite possibilities for hackers, malware developers, and threat actors to exploit.

Converged environments needn’t be your organizational Achilles heel. Instead, such environments can be harnessed for testing new tech and workflows to improve efficiency, data analytics, and insights as also improving your cybersecurity posture and providing depth to your cyber resilience strategies.

Subex Secure - IOT/OT Cybersecurity Solutions

Connect with natalie.smith@subex.com to learn how you can join 30 percent of leaders who have successfully addressed this threat.

Read our latest threat landscape report here to learn about cyber threats you need to know about.

Proof: How we helped a leading manufacturer improve their cybersecurity posture and avoid such threats

Cybersecurity is key to a successful 5G strategy

5G brings forth new opportunities and threats. While the opportunities are more or less understood, the threats. While new virtualization technologies including software-defined networking (SDN) and network functions virtualization (NFV) are drawing attention and investment, there is no denying that they have raised new security concerns owing to their highly open, flexible, and programmable nature.

Cybersecurity for 5g strategy

Director Chris Krebs from the Cybersecurity and Infrastructure Security Agency (CISA) calls 5G “the single biggest critical infrastructure build that the globe has seen in the last 25 years”–an assessment that isn’t hyperbolic, given the new networks promise to revolutionize everything from IoT, to augmented reality, to farming, while also creating a whole host of new security challenges.

This underscores the importance of 5G security and the need to understand and manage it early. Enabling technologies such as robotics, IoT, IIoT, large scale automation and AI come with a huge dependency on 5G. For projects in these domains to succeed, 5G has to deliver value securely. Sacrificing value for security or sacrificing security for value are not the recommended options. A laser-sharp focus on cybersecurity aligned to outcome priorities is the way forward.

Here are a few points to ponder in this regard. These points were culled from a presentation made by Subex at the “Enterprise 5G: The Edge of Innovation “event in October.

  • 5G innovation within the enterprise space is an area witnessing plenty of action from a strategy and roadmap perspective
  • 5G is secure by design but as the data moves closer to the endpoint, the level and control of security oversight thin out. There was broad consensus on deriving ways in which different players in the market can collaboratively engage to secure the 5G ecosystem
  • What are the challenges in deploying 5G with legacy systems? Though 5G will continue to evolve there may be networks and systems that will still be on traditional networks bringing forth generational security challenges to the fore
  • The new revenue models that 5G will generate will propel massive IoT adoption
  • The success of 5G innovation will have a force multiplier effect on solving various challenges across verticals

Plenty of unknowns will be uncovered as we move forward with the deployment of newer and more robust sub-networks that rely on 5G. We need to be prepared.

In case you want to know more about strategies and solutions to deal with the cybersecurity challenges posed by sequestered 5G deployment, generational vulnerabilities, and cybersecurity innovation for 5G, Natalie Smith will be happy to assist you. Do reach out to her at natalie.smith@subex.com

You can also download a complimentary whitepaper we have prepared for fine-tuning your 5G cybersecurity strategy below.

Download Whitepaper Here!

Pandemic era cybersecurity: types of cyberattacks organizations must be aware of

When the year began, few businesses and cybersecurity vendors had imagined the extent to which the cybercrime landscape globally would deteriorate. Subex’s threat research team had started seeing a clear increase in targeted cyberattacks. We, therefore, decide to call out this trend and in early March, we came out with our first advisory.

The cyberattacks that saw a spike in the last 180 days emerged in two distinct waves. The first wave included more actors, malware, variants of malware, and geographies and was designed to exploit the confusion created by the Covid-19 pandemic. The second wave had lesser moving parts, was more organized, and in many ways built upon the success of the first wave.

Type of Malwae Cyber Attacks

 

From our analysis, the second wave of attacks is still gathering momentum and will continue for at least another 65 days. We expect the attacks to slow and move into reconnaissance mode after that.

Key trends

  • Cyberattacks on Chinese interests globally and in China rise 230 percent
  • The majority of the attacks on China are emerging from just 4 countries
  • Attacks on datacenters and utility firms increase the most
  • Phishing attacks continue to rise
  • Most attacked regions – NA, South-East Asia and the Middle East
  • Attack on pharmaceutical manufacturing companies; increasing rogue activity detected; targets include attempted batch and recipe changes as also operational disruptions to reduce the production capacity
  • Variants of NotPetya are being discovered across manufacturing firms
  • Coronavirus-themed attacks evolve
    The second wave of the Coronavirus-themed attacks grew more specific and potent towards mid-May. Chatter on the Dark Web and closed-door forums picked up indicate that there were many successful breaches in the last 90 days with many firms giving in to the demands of the hackers by meeting the ransom demand placed by hackers. Regional, businesses in Europe handed over the maximum amount in ransom to hackers followed by South East Asia and the Middle-East.
  • In terms of frequency, at least one ransom was paid every 43.2 hours by some company somewhere. In some instances, APT groups in Pakistan, Russia, Iran and some other countries were also involved in multi-stage ransomware attacks. So why have APT groups resorted to monetizing their cyberattacks? One probable reason could be because in the aftermath of Covid-19, many governments have shrunk their black ops/cyber offense budgets and this must have hit the APT groups in countries that were already under sanctions, starved of funds for their cybercrime operations. It seems that some of these countries have authorized monetization of cyberattacks to keep the operations sustainable and to prevent erosion of cyber strike and malware development capabilities.
  • A threat actor based in Somalia/East Africa launched as many as 700,000 attacks in a just under four days and walked away with a huge bounty in ransom. This group seems to have used stolen credentials available on the web along with compromised apps inadvertently installed by victims. This group targeted oil and gas companies in the Middle East.
  • While deflective attacks on critical infrastructure came down this quarter, the attacks on this segment kept on rising. While the initial half of the second wave of attacks on critical infrastructure used Covid-19 themes to a large extend, the latter half of attacks used more targeted messaging and tactics.

IoT and OT cybersecurity solutions and strategies are definitely the need of the hour.

Read more about these threats and security challenges in the latest edition of our Threat Landscape Report for Q2, 2020

How IoT Security Impacts the Telecom Industry

According to our in-house research and published information obtained from research firms, telecom service providers including MVNOs and M2M connectivity providers suffered the highest volume of breach of sensitive customer information through DNS attacks. With the addition of the Internet of Things, data security takes a whole new level of significance for connectivity service providers.

In the last two years, many IoT and critical infrastructure projects involving telcos have been impacted by issues related to loT Connectivity Security leading to delay in project outcomes or projects being abandoned altogether.

This has had a clear impact on the margins of telcos as well since many of these were proof of concept projects that could theoretically have led to an increase in the number of endpoints on their network, increased data consumption, and direct revenue as a result of connectivity and managed services.

It is not just the revenue alone but the credibility and erosion of the enterprise customer base that telcos are staring at. With the emergence of other connectivity options such as satellite-based connectivity service providers, even the marketplace relevance of telcos is threatened.

It is no surprise therefore that telcos are now paying more attention to the machine to machine or M2M security practices, IoT security solutions, and cybersecurity postures that are aligned towards offering better security and assurance to customers. Telcom IoT security has therefore come into prominence like never before.

As the world battles a pandemic, there is another battle going on in parallel. Many enterprises and telcos have reported a surge in Coronavirus themed attacks designed to lure employees into downloading potent malware and application manipulation objects. This threatens telecom networks in a big way and telcos need to adapt their security posture to contain and eradicate this threat. Key elements of this change could include:

  • More focus on early detection and containment of suspicious activity and rogue devices
  • Use a Zero trust approach when it comes to enabling access to network resources
  • Work on segmenting networks or rather micro-segmenting them to prevent lateral movement of malware
  • Sensitize employees and all stakeholders to align them towards heightened awareness of cybersecurity
  • Invest in identifying threats across the spectrum including emerging ones
  • Deploy a cyber resilience strategy that prevents disruption

telcos cybersecurity

Monetizing cybersecurity has been a holy grail of sorts for telcos. On the one hand, they have to deal with meeting their security needs while on the other they have to also ensure that the deployments hosted on their networks are also secure and cyber resilient.

Recently, a leading mobile virtual network operator was able to not just monetize cybersecurity, but also use it as a vector to deepen their existing relationship with premium customers. The result – a significant increase in additional revenue. What’s more, they were also able to stay protected against malware that impaired some of their competitors and their large customers. The average savings per breach ranged from USD 250,000 to over a million. These numbers are rising as the threat environment continues to deteriorate.

The gains lodged from strengthening the profitability of key relationships – priceless. Subex Secure is powering this endeavor.

You can read this unique case study here.

IOT / OT Cybersecurity Company

To know more about Subexsecure’s offerings and to schedule a demo, call: +91 80 6659 8700

Click here to know more about how Subexsecure has been working with telcos across the globe to secure the IoT initiatives adopted by their customers.

Why cybersecurity can be a source of innovation for IoT projects

An interesting survey finding came my way almost a year ago that revealed that as much as 80 percent of projects falling in the Internet of Things domain didn’t utilize their data in its entirity. This means that most of the projects are configured to churn data that is futuristic in nature and may not be of much relevance to the stakeholders in the short run. This leads us to an interesting question. Can this huge volume of data being generated be put to some use after all?

There are various reasons why there is an overflow of data in such projects. The most agreeable one is that business owners are often pre-occupied with the need to get their hands on information that can justify their investments in such projects and in the process ignore data streams that cannot be monetized or deployed to improve efficiency, productivity or preventive maintenance practices. Such a myopic view can indeed lead to value stagnation in the long run for such projects.

A Spanish company had deployed a set of temperature sensors across its offices to monitor the ambient temperature. The data showed the existence of islands of significant temperature variation across floors. The company didn’t invest any time or resources in determining how such differences affect the productivity of employees or outcomes of meetings. Yes it would need a stretch of effort to figure this out but then its not impossible.

In another instance, a well-known retailer in South-East Asia is currently accessing information on supply chain efficiency across various points in the chain using IoT. However, this entity is still ignoring information on ambient weather conditions that are also collected alongside the data gathered by various sensor and device configurations. Again the weather information in this instance could be correlated with supply chain efficiency to determine the best weather conditions for movement of goods and supplies as also to avoid conditions that might adversely impact movement.

There are many such examples of businesses ignoring data already available to further their business interests.

Linking cybersecurity

IoT is one of the few enabling technologies that still have a long way to go when it comes to cybersecurity. Often times, proof of concept projectsrun without security coming into the picture in any form or manner. The capital and resources invested in the project are thus rendered vulnerable to a possible cyberattack. A sizeable one could lead to the project being shelved complety – a possibility that is not just a remote possibility but is happening more often than it should.

Given the significance that security entails,

Cybersecurity could be considered as an avenue for innovation. There is no reason why businesses shouldn’t be thinking and acting this way. Let me elaborate. For one, cybersecurity is all about doing more with all the data available. It is also about getting deeper into data to determine how and why data is behaving the way it is (is it under the influence of malware or has it been subject to some form of compromise?).

Attention to data for purposes of cybersecurity can yield remarkable results. It can make decision makers aware of the quantum and content of data that they are drawing from sensors and devices and therefore put it to better use. Financial services entities and retailers can take the lead in this arena. By making businesses delve deeper into data patterns, organizations are rendered more data-sensitive thereby opening avenues to better use and deploy data. And this could enable competitive differentiation and innovation across the enterprise.

Data awareness could also reduce the rate of failure of proof of concept projects. It could lead to customer delight as well when used in the right way to give actionable data and insights. A large aircraft manufacturer recently found out the hard way how ignoring basic data could be a perilous endeavor. The lesson, therefore, is clear and apparent.

Cybersecurity, when viewed as an enabler of innovation, could also lead to greater investments in time, attention and resources in securing enterprises. This holds good for all businesses irrespective of their size, maturity or market addressed.

To read the latest State of IoT Security reports

Download now!

IoT poised to transform healthcare

Among the sectors where the Internet of Things is offering a non-conventional way to address traditional challenges, healthcare stands out not just in its uniqueness but also in bearing significant potential to positively transform the quality of life of citizens. As the use cases increase, so does the scope for IoT to do more and this is just a beginning. In the days to come IoT will bring in a drastic reduction in healthcare administration costs, improve the efficacy of medicines and improve our ability to identify and isolate disease vectors well before they reveal their darker side.

Healthcare is a vast ecosystem. IoT has already made deep inroads into applications such as remote patient monitoring, clinical trials, pharma administration, personal healthcare, drug testing, insurance, robotics, smart pill cases, and treatment. Preventive healthcare is another area where IoT is helping. IoT enabled wearables are providing real-time data on every individual’s health enabling physicians to diagnose early warning signs of disease and administer medication or other interventions before it turns into a major risk to the person’s health.

With evolving technology and improving connectivity (with the arrival of 5G) and personalization of medical attention, it will be possible to do a lot more with IoT. For instance, data on responses to a certain medicine (collected and analyzed anonymously) will enable doctors to derive the exact dose to be given to the patient to ensure maximum drug efficacy. Smart jars will also remind patients to have their medicines on time and in the right dosage. This will help prevent misuse of vital medicines such as antibiotics.

Smart pills add a unique dimension to IoT. Smart pills, or simply digital pills, are medications prescribed to patients and come with edible electronic sensors that dispatch wireless messages to devices like patches, tablets or smartphones that reside outside the body when ingestion of these pills.  Since this technology will allow patients and doctors to track their drug regimen compliance, increasing patient adherence, it could lead to savings to the tune of $100 – $300 billion annually in the US alone.

Adoption challenges

Storing, securing and managing data are aspects that still pose a challenge to widespread IoT adoption in the sector. In addition, there are reliability and security issues with data alongside the lack of infrastructure and training among providers. This is because there are providers who lack the infrastructure to harness and analyze data even when it flows freely. Another issue is the cost of wearables. It is still not cheap enough for it to be used widely by populations in rural areas.

Security is still a key concern for the whole eco-system. With a diversity of devices, communication flavors, storage options, through fare networks, every aspect brings in its own security challenge. Since patient data is involved in the form of healthcare records or treatment efficacy, there are many entities and individuals out there who would want to get their hands on this data. Healthcare devices could also be highjacked to be used as conduits to launch larger Distributed Denial of Service attacks on other networks.

With so much data floating around in the networks, privacy issues have already come to the fore. Groups are suggesting that with smart pills, for instance, a surveilled compliance scenario would emerge and the doctor or the pharma company may end up receiving and hoarding more data than necessary.

The road ahead

The challenges that IoT brings forth should be measured against the benefits that it delivers. Overall, it is now becoming increasingly difficult to view healthcare minus IoT interventions in varied aspects. As these interventions get bigger and the benefits expand, the challenges will also be addressed. For a country like India that is trying to bring affordable healthcare to the masses, IoT is more than a game changer. What changes is not just affordability but also the availability of timely medicare. The savings in terms of replacing traditional and more costly alternatives are alone for India to give more attention to IoT.

India will definitely enable the emergence of many interesting use cases.

Get Started with Subex

Schedule a Demo
close slider




    I consent to receive communications from Subex Limited. Confirm Opt-In