Sectrio

Author name: Prayukth K V

Prayukth K V has been actively involved in productizing and promoting cross eco-system collaboration in the emerging tech and cybersecurity domains for over a decade. A marketer by profession and a published author, he has also proposed and promoted critical infrastructure protection strategies that rely on in-depth threat research and deflection strategies to deceive hackers and malware. Having been at the frontlines of cyber securing infrastructure, Prayukth has seen cyberattacks and defense tactics at close quarters.


Maritime cybersecurity: defending the shipping industry against cyber pirates

Cybercriminals and malware that threaten to break maritime operational reliability, damage key systems, and delay cargo delivery carry more risk than we can fathom. Infected systems can compromise navigation or propulsion, threatening the safety of the ship itself as well as the marine environment. Even a medium-sized breach caused by a cyberattack can cripple an operator by imposing a prohibitive recovery cost. The fact that the four largest carriers in the world have all been attacked in just the last three years underscores the vulnerability of the shipping industry as a whole.

Onshore, shipping companies are just as vulnerable as their counterparts operating maritime vessels. The decentralized shipping and logistics setup associated with shipping companies, which often have a network of subsidiaries and agents, most of whom have access to a broad range of information on the company’s servers and in some cases on vessels, expands the attack surface available to hackers. The UN shipping agency IMO itself came under attack a month ago.

While the nature of malware and cyberattacks is changing, the cybersecurity posture adopted by shipping agencies and offshore companies connected with the Shipping Lanes of Commerce (SLOC) and the extended supply chains that run across oceans or involve a maritime component is not robust enough. There are several reasons for this. Since the shipping industry was relatively isolated from onshore cyberattacks till a few years ago, the industry didn’t feel the need to evolve and deploy cyber resilience practices. The emergence of state-backed hacker groups or Advanced Persistent Threat Groups has changed the situation. These groups are working hard to target shipping companies associated with critical areas of the national economy in several countries.

Combating cyber risks

Addressing these risks begins with knowing your vulnerabilities and being prepared for a constant increase in cyber threats that are omnipresent and potent. The cyber pirates lurking in the depths and anonymity afforded by cyberspace are already targeting shipping companies, stealing their data, and demanding ransom. Unlike the real world, where navies and maritime defense forces defend SLOCs, oil tankers, and commercial vessels, the onus of asset cybersecurity lies squarely on the shipping company.

To deal with these rising threats, your business needs to be protected at various levels. Your cyber posture and cyber resilience strategy need to be deep and proactive to not just defend against but also deter cybercriminals. You need to act to defend and convey trust to your stakeholders to ensure that your cargo moves from port to port in a secure manner while your vessel is adequately protected in cyberspace. Only a cybersecurity partner with deep expertise and solutions can help you in that endeavor.

We at Subex are already working with global shipping companies to secure their assets. We can help you uncover and address threats while staying cyber resilient. Proof of Value – get in touch with Natalie.smith@subex.com to book a no-obligation consulting slot, right away. If you mail us over the next 24 hours you can avail a special package designed for your business. Let’s fight this menace together.


Don’t miss this critical cybersecurity requirement

Targeted attacks on supply chains connected with various sectors rose significantly in the last 8 months, according to various research firms. And this is just the tip of the iceberg, as these findings relate to existing threats or threats that have been identified. There could be many new ones lurking in the Dark Web and elsewhere.

Most information security leaders tend to ignore the potency of unknown threats. This is because the security architecture in most enterprises and projects doesn’t permit adequate versatility to understand and identify latent threats and deal with them. The problem is compounded by security practices based on restrictive network activities at the perimeter rather. This means that a threat that somehow manages to trick the perimeter-based security mechanism is free to wreak havoc inside the core network.

Unfortunately, even the compliance mandates prevailing in various countries fail to encourage businesses and other entities to look into emerging threats through a combination of insights, forecasts, and sheer imagination. Besides, thanks to the increasing diversity of processes and devices, it is easy to lose track of baseline cybersecurity requirements with every increase in surface area.

No matter what your network architecture, industry, or level of security sophistication, gaps could arise during periods of transition, capacity expansion, or infusion of new technology. The addition of IoT exponentially amplifies the threat factor. In another survey, over 70 percent of cybersecurity practitioners reported some level of unfamiliarity with threats that emerge in converged environments spanning IT, OT, and IoT. Unfortunately, these converged environments represent the event horizon – a vista that presents infinite possibilities for hackers, malware developers, and threat actors to exploit.

Converged environments needn’t be your organizational Achilles heel. Instead, such environments can be harnessed for testing new tech and workflows to improve efficiency, data analytics, and insights, as well as improving your cybersecurity posture and providing depth to your cyber resilience strategies.

Connect with natalie.smith@subex.com to learn how you can join 30 percent of leaders who have successfully addressed this threat. Read our latest threat landscape report here to learn about cyber threats you need to know about.

Proof: How we helped a leading manufacturer improve their cybersecurity posture and avoid such threats


Cybersecurity is key to a successful 5G strategy

5G brings forth new opportunities and threats. While the opportunities are more or less understood, the threats. While new virtualization technologies including software-defined networking (SDN) and network functions virtualization (NFV) are drawing attention and investment, there is no denying that they have raised new security concerns owing to their highly open, flexible, and programmable nature.

Director Chris Krebs from the Cybersecurity and Infrastructure Security Agency (CISA) calls 5G “the single biggest critical infrastructure build that the globe has seen in the last 25 years”–an assessment that isn’t hyperbolic, given the new networks promise to revolutionize everything from IoT, to augmented reality, to farming, while also creating a whole host of new security challenges. This underscores the importance of 5G security and the need to understand and manage it early.

Enabling technologies such as robotics, IoT, IIoT, large scale automation and AI come with a huge dependency on 5G. For projects in these domains to succeed, 5G has to deliver value securely. Sacrificing value for security or sacrificing security for value are not the recommended options. A laser-sharp focus on cybersecurity aligned to outcome priorities is the way forward.

Here are a few points to ponder in this regard. These points were culled from a presentation made by Subex at the “Enterprise 5G: The Edge of Innovation” event in October.

- 5G innovation within the enterprise space is an area witnessing plenty of action from a strategy and roadmap perspective
- 5G is secure by design, but as the data moves closer to the endpoint, the level and control of security oversight thin out
- There was broad consensus on deriving ways in which different players in the market can collaboratively engage to secure the 5G ecosystem
- What are the challenges in deploying 5G with legacy systems? Though 5G will continue to evolve, there may be networks and systems that will still be on traditional networks, bringing generational security challenges to the fore
- The new revenue models that 5G will generate will propel massive IoT adoption
- The success of 5G innovation will have a force multiplier effect on solving various challenges across verticals
- Plenty of unknowns will be uncovered as we move forward with the deployment of newer and more robust sub-networks that rely on 5G. We need to be prepared.

In case you want to know more about strategies and solutions to deal with the cybersecurity challenges posed by sequestered 5G deployment, generational vulnerabilities, and cybersecurity innovation for 5G, Natalie Smith will be happy to assist you. Do reach out to her at natalie.smith@subex.com. You can also download a complimentary whitepaper we have prepared for fine-tuning your 5G cybersecurity strategy below. Download Whitepaper Here!


Pandemic era cybersecurity: types of cyberattacks organizations must be aware of

When the year began, few businesses and cybersecurity vendors had imagined the extent to which the cybercrime landscape globally would deteriorate. Subex’s threat research team had started seeing a clear increase in targeted cyberattacks. We, therefore, decided to call out this trend, and in early March we came out with our first advisory.

The cyberattacks that saw a spike in the last 180 days emerged in two distinct waves. The first wave included more actors, malware, variants of malware, and geographies and was designed to exploit the confusion created by the Covid-19 pandemic. The second wave had fewer moving parts, was more organized, and in many ways built upon the success of the first wave. From our analysis, the second wave of attacks is still gathering momentum and will continue for at least another 65 days. We expect the attacks to slow and move into reconnaissance mode after that.

Key trends

- Cyberattacks on Chinese interests globally and in China rise 230 percent
- The majority of the attacks on China are emerging from just 4 countries
- Attacks on datacenters and utility firms increase the most
- Phishing attacks continue to rise
- Most attacked regions – NA, South-East Asia and the Middle East
- Attacks on pharmaceutical manufacturing companies; increasing rogue activity detected; targets include attempted batch and recipe changes as well as operational disruptions to reduce the production capacity
- Variants of NotPetya are being discovered across manufacturing firms

Coronavirus-themed attacks evolve

The second wave of the Coronavirus-themed attacks grew more specific and potent towards mid-May. Chatter picked up on the Dark Web and closed-door forums indicates that there were many successful breaches in the last 90 days, with many firms giving in and paying the ransom demanded by the hackers. Regionally, businesses in Europe handed over the maximum amount in ransom to hackers, followed by South East Asia and the Middle East. In terms of frequency, at least one ransom was paid every 43.2 hours by some company somewhere.

In some instances, APT groups in Pakistan, Russia, Iran and some other countries were also involved in multi-stage ransomware attacks. So why have APT groups resorted to monetizing their cyberattacks? One probable reason could be that, in the aftermath of Covid-19, many governments have shrunk their black ops/cyber offense budgets, and this must have hit the APT groups in countries that were already under sanctions, leaving them starved of funds for their cybercrime operations. It seems that some of these countries have authorized monetization of cyberattacks to keep the operations sustainable and to prevent erosion of cyber strike and malware development capabilities.

A threat actor based in Somalia/East Africa launched as many as 700,000 attacks in just under four days and walked away with a huge bounty in ransom. This group seems to have used stolen credentials available on the web along with compromised apps inadvertently installed by victims. This group targeted oil and gas companies in the Middle East.

While deflective attacks on critical infrastructure came down this quarter, the attacks on this segment kept on rising. While the initial half of the second wave of attacks on critical infrastructure used Covid-19 themes to a large extent, the latter half of attacks used more targeted messaging and tactics.

IoT and OT cybersecurity solutions and strategies are definitely the need of the hour. Read more about these threats and security challenges in the latest edition of our Threat Landscape Report for Q2, 2020


How IoT Security Impacts the Telecom Industry

According to our in-house research and published information obtained from research firms, telecom service providers including MVNOs and M2M connectivity providers suffered the highest volume of breaches of sensitive customer information through DNS attacks. With the addition of the Internet of Things, data security takes on a whole new level of significance for connectivity service providers.

In the last two years, many IoT and critical infrastructure projects involving telcos have been impacted by issues related to IoT Connectivity Security, leading to delays in project outcomes or projects being abandoned altogether. This has had a clear impact on the margins of telcos as well, since many of these were proof of concept projects that could theoretically have led to an increase in the number of endpoints on their network, increased data consumption, and direct revenue as a result of connectivity and managed services. It is not just the revenue alone but the credibility and erosion of the enterprise customer base that telcos are staring at. With the emergence of other connectivity options such as satellite-based connectivity service providers, even the marketplace relevance of telcos is threatened.

It is no surprise therefore that telcos are now paying more attention to machine to machine or M2M security practices, IoT security solutions, and cybersecurity postures that are aligned towards offering better security and assurance to customers. Telecom IoT security has therefore come into prominence like never before.

As the world battles a pandemic, there is another battle going on in parallel. Many enterprises and telcos have reported a surge in Coronavirus themed attacks designed to lure employees into downloading potent malware and application manipulation objects. This threatens telecom networks in a big way, and telcos need to adapt their security posture to contain and eradicate this threat. Key elements of this change could include:

- More focus on early detection and containment of suspicious activity and rogue devices
- Use a Zero trust approach when it comes to enabling access to network resources
- Work on segmenting networks or rather micro-segmenting them to prevent lateral movement of malware
- Sensitize employees and all stakeholders to align them towards heightened awareness of cybersecurity
- Invest in identifying threats across the spectrum including emerging ones
- Deploy a cyber resilience strategy that prevents disruption

Monetizing cybersecurity has been a holy grail of sorts for telcos. On the one hand, they have to deal with meeting their own security needs, while on the other they have to ensure that the deployments hosted on their networks are also secure and cyber resilient.

Recently, a leading mobile virtual network operator was able to not just monetize cybersecurity, but also use it as a vector to deepen their existing relationship with premium customers. The result – a significant increase in additional revenue. What’s more, they were also able to stay protected against malware that impaired some of their competitors and their large customers. The average savings per breach ranged from USD 250,000 to over a million. These numbers are rising as the threat environment continues to deteriorate. The gains lodged from strengthening the profitability of key relationships – priceless.

Subex Secure is powering this endeavor. You can read this unique case study here. To know more about Subexsecure’s offerings and to schedule a demo, call: +91 80 6659 8700. Click here to know more about how Subexsecure has been working with telcos across the globe to secure the IoT initiatives adopted by their customers.


8 Biggest Security Challenges for IoT security practitioners

IoT Cybersecurity, IoT asset Protection, IoT Risk Detection, and mitigation are key components of any IoT cybersecurity consulting exercise. With the increasing adoption of IoT in the post-pandemic environment, the threats to IoT deployments have also grown substantially. While cybersecurity practitioners are working towards fully understanding the cybersecurity implications of the ‘New Normal’, a few factors do stand out when it comes to IoT risk assessment and mitigation. In this post, we identify the 8 biggest IoT cybersecurity challenges that have emerged in the last 8 months.

- The emergence of new actors: the last few months have seen the emergence of more sophisticated threat actors as many white hat hackers went rogue due to the absence of projects to work on. Besides, the demand for hackers from APT groups and other disruptive agencies has also increased manifold, leading to these players running large recruitment campaigns on the Dark Web and forums to recruit new hackers.
- The pandemic has exposed several weaknesses that exist in the digital transformation matrix of various organizations, including lack of multi-factor authentication, communication authentication issues, use of untested applications for collaboration, and lack of sufficient cybersecurity oversight on key isolated and air-gapped infrastructure elements.
- Rogue devices: virtualized rogue devices remotely controlled by hackers operating out of large device farms have been known to latch on to unprotected networks pretending to be legitimate devices. This challenge has grown substantially in the last few months because of the lack of device discovery options.
- Perimeter focused cybersecurity: use of firewalls and other mechanisms to control traffic at the gate left the core systems and networks vulnerable to rogue insider activity.
- Diffused workforce operating out of remote locations (work from home) accessing networks through compromised devices has become a matter of significant concern.
- Some IoT projects are in remote places that are not easily accessible. In such locations, hackers might use physical means to compromise devices and networks in-situ.
- Easy availability of malware: malware shops have in the last 180 days dumped huge collections of highly potent malware, some of which target yet to be uncovered vulnerabilities.
- Vast adoption of IoT without paying adequate attention to cybersecurity has led to a situation where many of the new IoT projects have become sitting ducks for hackers. Some of these projects may already have been compromised.

This indicates the gravity of the problem at hand. Some of the threats fall under the unknown unknown category, which means that it will be a while before they are discovered and addressed. It is high time we set aside traditional approaches to IoT risk detection and management and embrace new ones that will contain and eliminate new threats. Embracing a zero-trust cybersecurity approach that relies on renewing trust subscriptions frequently within the same active session is also the way forward.

To know more about Sectrio’s offerings and to schedule a demo, call: +91 80 6659 8700. Click here to know more about how Sectrio has been working with telcos across the globe to secure the IoT initiatives adopted by their customers.
