Sectrio

Author name: Sectrio

Avatar photo
cyber security2

Five ways to profit from IoT and OT cybersecurity

Yes, you have heard it right. IoT and OT  cybersecurity needn’t be a cost center for your organization. Investing in the right cybersecurity tools, strategies and relationships can deliver many benefits for your organization. Consider these advantages that cybersecurity delivers (derived from actual use cases that Subex was involved in): New avenue for innovation: one of our customers in North America has started using a cybersecurity lab to identify and eliminate redundant processes thereby streamlining workflows for gaining efficiency Staying afloat in testing times: yet another one of customers, a leading manufacturer, was able to remain operational and profitable while the competition was attacked using data gathered from an industry association. In industry segments where the margins are low, this can mean the difference between mere survival in the market and growth Monetizing cybersecurity:  one of our customers has incorporated the higher level of service assurance delivered by them in one of their packages that are offered to overseas customers at a premium Compliance cost savings: repeated studies have shown that investments in cybersecurity can help reduce legal compliance costs as also costs incurred in the recovery or paying damages to victims or even employees. Savings is earnings Earn through insights: businesses that invest in cybersecurity also stand to turn into insight-driven enterprises as investing in cybersecurity without making adequate provisions for gathering, presenting and analyzing insights is simply impossible. With increasing investments in IoT and OT deployments, cybersecurity has to get more attention and resource allocation. In addition, we also need to look at innovative ways to make cybersecurity measures pay for themselves. In the post-pandemic world, cybersecurity will be one of the pillars of growth and customer trust. Don’t miss out on this chance to revisit your cybersecurity priorities.  

Five ways to profit from IoT and OT cybersecurity Read More »

cyberspace 1

Corona Virus proyecta una sombra en el ciberespacio

Mientras que los gobiernos, las empresas, las agencias intergubernamentales y las agencias sin fines de lucro están ocupados lidiando con la caída de la enfermedad por Coronavirus (COVID-19), ciertos grupos con intenciones maliciosas están utilizando el brote como una oportunidad para lanzar ataques cibernéticos y paralizar la infraestructura crítica y otros activos conectados a través de la ingeniería social. En los últimos 26 días, el honeypot global de Subex ha registrado un ligero descenso en los ataques directos, mientras que el volumen de correos electrónicos de phishing y otras actividades de ingeniería social específicas ha crecido significativamente. Nuestros investigadores informan un aumento del 49 por ciento en los ataques de ingeniería social a través de una variedad de canales en todos los continentes. Coronavirus es el último tema. Estos son lo que llamamos ataques temáticos que se basan en un susto o ansiedad global creada por un evento que influye en los ciudadanos a nivel personal. Los piratas informáticos han lanzado alrededor de 23 extensiones de archivos comunes (incluidos zip, mp3, mp4, xlsx, docx, EPS) en los últimos 26 días. Estos archivos tienen una carga maliciosa que podría encriptar archivos, robar / filtrar datos, dejar puertas traseras e incluso dañar datos. Los tipos de archivo incluyen: Corona_health_update.pdf (atribuido a los centros para el control de enfermedades) Origin-of-corona_cnn.mp4 Covid19_Mandatory_work_from_measures.pdf (propagado usando plataformas de mensajería instantánea) Corona_safety_alert.docx Secondary_corona_infections.pdf Correos electrónicos que contienen líneas de asunto como “emergencia de coronavirus declarada” “1000 muertes por coronavirus en las últimas 16 horas” Este medicamento podría salvarle la vida de la corona “. También se han encontrado correos electrónicos que buscan donaciones en nombre de la OMS. Los volúmenes entrantes de estos archivos infectados varían con los anuncios de salud de los gobiernos y hemos visto 3 ventanas claras para la detección de dichos archivos infectados. 7 am a 9:30 am GMT 3 p.m. a 3:30 p.m. GMT 8 p.m. a 9 p.m. GMT El tráfico de Malware de una importante red de bots en el noroeste de Asia se ha reducido significativamente, mientras que otras tres posibles redes de bots en la región informan una reducción en el volumen de tráfico saliente. ¿Dónde se ha ido todo el Malware? En la última mitad de 2019, hubo una aceptación significativa en la compra de Malware potente en tiendas y foros de Malware. Dicho Malware se lanzó en lotes incrementales con una reingeniería mínima para evitar la detección. Esta actividad se aceleró a fines de enero (2020), pero a mediados de febrero (2020), el número de nuevos programas maliciosos registrados mostró una disminución global a medida que los piratas informáticos cambiaron las tácticas para crear oportunidades utilizando la ingeniería social. Nuestros investigadores también han encontrado una ligera reducción en los precios del Malware en el último mes. Lo que significa que la demanda de nuevo Malware ha disminuido. Los grupos de piratas informáticos están utilizando el pánico y la ansiedad generados por el brote para evitar que sus víctimas analicen los correos electrónicos u otros enlaces sospechosos enviados a través de las redes sociales o las aplicaciones de mensajería instantánea. Los tiempos de angustia y ansiedad a menudo afectan el pensamiento racional y esto es con lo que cuentan los hackers para crear un problema mucho mayor. Mantener la higiene cibernética. Al igual que las medidas recomendadas por los profesionales de la salud para prevenir la propagación de la infección, en el ciberespacio también debemos tomar algunas precauciones para evitar que los grupos disruptivos utilicen la situación en su beneficio. Aquí hay algunos pasos recomendados: Confíe en fuentes conocidas para actualizaciones de atención médica (entre ellas, la Organización Mundial de la Salud, gobiernos federales o regionales, publicaciones de renombre y sus profesionales de atención médica locales). Evite la tentación de hacer clic en enlaces compartidos a través de redes sociales, aplicaciones de mensajería instantánea o cualquier otra fuente. De todos modos, las actualizaciones de noticias te llegarán, solo es cuestión de unos minutos. Pero si hace clic en un enlace sospechoso, podría terminar haciendo mucho más daño a corto y largo plazo a sus intereses comerciales / personales Verifique la URL de los sitios web cuidadosamente cada vez. Si es posible, use los motores de búsqueda para llegar a los sitios en lugar de ingresar el texto de la URL directamente Mantenga todo su software, sistema operativo, firmware y aplicaciones móviles actualizadas. No te saltes las actualizaciones. Informe cualquier correo electrónico o URL sospechosos a sus equipos de ciberseguridad Emotet On The Rise: Campaña de phishing de CoronaVirus Descargar informe

Corona Virus proyecta una sombra en el ciberespacio Read More »

Cybersecurity trends for 2019

Why cybersecurity can be a source of innovation for IoT projects

An interesting survey finding came my way almost a year ago that revealed that as much as 80 percent of projects falling in the Internet of Things domain didn’t utilize their data in its entirity. This means that most of the projects are configured to churn data that is futuristic in nature and may not be of much relevance to the stakeholders in the short run. This leads us to an interesting question. Can this huge volume of data being generated be put to some use after all? There are various reasons why there is an overflow of data in such projects. The most agreeable one is that business owners are often pre-occupied with the need to get their hands on information that can justify their investments in such projects and in the process ignore data streams that cannot be monetized or deployed to improve efficiency, productivity or preventive maintenance practices. Such a myopic view can indeed lead to value stagnation in the long run for such projects. A Spanish company had deployed a set of temperature sensors across its offices to monitor the ambient temperature. The data showed the existence of islands of significant temperature variation across floors. The company didn’t invest any time or resources in determining how such differences affect the productivity of employees or outcomes of meetings. Yes it would need a stretch of effort to figure this out but then its not impossible. In another instance, a well-known retailer in South-East Asia is currently accessing information on supply chain efficiency across various points in the chain using IoT. However, this entity is still ignoring information on ambient weather conditions that are also collected alongside the data gathered by various sensor and device configurations. Again the weather information in this instance could be correlated with supply chain efficiency to determine the best weather conditions for movement of goods and supplies as also to avoid conditions that might adversely impact movement. There are many such examples of businesses ignoring data already available to further their business interests. Linking cybersecurity IoT is one of the few enabling technologies that still have a long way to go when it comes to cybersecurity. Often times, proof of concept projectsrun without security coming into the picture in any form or manner. The capital and resources invested in the project are thus rendered vulnerable to a possible cyberattack. A sizeable one could lead to the project being shelved complety – a possibility that is not just a remote possibility but is happening more often than it should. Given the significance that security entails, Cybersecurity could be considered as an avenue for innovation. There is no reason why businesses shouldn’t be thinking and acting this way. Let me elaborate. For one, cybersecurity is all about doing more with all the data available. It is also about getting deeper into data to determine how and why data is behaving the way it is (is it under the influence of malware or has it been subject to some form of compromise?). Attention to data for purposes of cybersecurity can yield remarkable results. It can make decision makers aware of the quantum and content of data that they are drawing from sensors and devices and therefore put it to better use. Financial services entities and retailers can take the lead in this arena. By making businesses delve deeper into data patterns, organizations are rendered more data-sensitive thereby opening avenues to better use and deploy data. And this could enable competitive differentiation and innovation across the enterprise. Data awareness could also reduce the rate of failure of proof of concept projects. It could lead to customer delight as well when used in the right way to give actionable data and insights. A large aircraft manufacturer recently found out the hard way how ignoring basic data could be a perilous endeavor. The lesson, therefore, is clear and apparent. Cybersecurity, when viewed as an enabler of innovation, could also lead to greater investments in time, attention and resources in securing enterprises. This holds good for all businesses irrespective of their size, maturity or market addressed. To read the latest State of IoT Security reports Download now!

Why cybersecurity can be a source of innovation for IoT projects Read More »

IoT Healthcare

IoT poised to transform healthcare

Among the sectors where the Internet of Things is offering a non-conventional way to address traditional challenges, healthcare stands out not just in its uniqueness but also in bearing significant potential to positively transform the quality of life of citizens. As the use cases increase, so does the scope for IoT to do more and this is just a beginning. In the days to come IoT will bring in a drastic reduction in healthcare administration costs, improve the efficacy of medicines and improve our ability to identify and isolate disease vectors well before they reveal their darker side. Healthcare is a vast ecosystem. IoT has already made deep inroads into applications such as remote patient monitoring, clinical trials, pharma administration, personal healthcare, drug testing, insurance, robotics, smart pill cases, and treatment. Preventive healthcare is another area where IoT is helping. IoT enabled wearables are providing real-time data on every individual’s health enabling physicians to diagnose early warning signs of disease and administer medication or other interventions before it turns into a major risk to the person’s health. With evolving technology and improving connectivity (with the arrival of 5G) and personalization of medical attention, it will be possible to do a lot more with IoT. For instance, data on responses to a certain medicine (collected and analyzed anonymously) will enable doctors to derive the exact dose to be given to the patient to ensure maximum drug efficacy. Smart jars will also remind patients to have their medicines on time and in the right dosage. This will help prevent misuse of vital medicines such as antibiotics. Smart pills add a unique dimension to IoT. Smart pills, or simply digital pills, are medications prescribed to patients and come with edible electronic sensors that dispatch wireless messages to devices like patches, tablets or smartphones that reside outside the body when ingestion of these pills.  Since this technology will allow patients and doctors to track their drug regimen compliance, increasing patient adherence, it could lead to savings to the tune of $100 – $300 billion annually in the US alone. Adoption challenges Storing, securing and managing data are aspects that still pose a challenge to widespread IoT adoption in the sector. In addition, there are reliability and security issues with data alongside the lack of infrastructure and training among providers. This is because there are providers who lack the infrastructure to harness and analyze data even when it flows freely. Another issue is the cost of wearables. It is still not cheap enough for it to be used widely by populations in rural areas. Security is still a key concern for the whole eco-system. With a diversity of devices, communication flavors, storage options, through fare networks, every aspect brings in its own security challenge. Since patient data is involved in the form of healthcare records or treatment efficacy, there are many entities and individuals out there who would want to get their hands on this data. Healthcare devices could also be highjacked to be used as conduits to launch larger Distributed Denial of Service attacks on other networks. With so much data floating around in the networks, privacy issues have already come to the fore. Groups are suggesting that with smart pills, for instance, a surveilled compliance scenario would emerge and the doctor or the pharma company may end up receiving and hoarding more data than necessary. The road ahead The challenges that IoT brings forth should be measured against the benefits that it delivers. Overall, it is now becoming increasingly difficult to view healthcare minus IoT interventions in varied aspects. As these interventions get bigger and the benefits expand, the challenges will also be addressed. For a country like India that is trying to bring affordable healthcare to the masses, IoT is more than a game changer. What changes is not just affordability but also the availability of timely medicare. The savings in terms of replacing traditional and more costly alternatives are alone for India to give more attention to IoT. India will definitely enable the emergence of many interesting use cases.

IoT poised to transform healthcare Read More »

cyberspace 1

Corona Virus casts a shadow in cyberspace

While governments, businesses, inter-governmental agencies, and not-for-profit agencies are busy dealing with the fall out of the Coronavirus disease (COVID-19), certain groups with malicious intent are using the outbreak as an opportunity to launch cyberattacks and cripple critical infrastructure and other connected assets through social engineering. In the last 26 days, Subex’s global honeypot has registered a slight dip in direct attacks while the volume of phishing emails and other targeted social engineering activity has grown significantly. Our researchers are reporting a 49 percent rise in social engineering attacks through a variety of channels across continents. Coronavirus is the latest theme These are what we call themed attacks that ride on a global scare or anxiety created by an event that influences citizens at a personal level. About 23 common file extensions (including zip, mp3, mp4, xlsx, docx, EPS) have been released by hackers in the last 26 days. These files have a malicious payload that could encrypt files, steal/exfiltrate data, drop backdoors and even corrupt data. File types include: Corona_health_update.pdf (attributed to centers for disease control) Origin-of-corona_cnn.mp4 Covid19_Mandatory_work_from_measures.pdf (spread using instant messaging platforms) Corona_safety_alert.docx Secondary_corona_infections.pdf Emails containing subject lines such as “coronavirus emergency declared” “1000 coronavirus deaths in last 16 hours” This drug could save your life from corona”. Emails seeking donations in the name of WHO have also been found. The in-bound volumes of these infected files vary with healthcare announcements by governments and we have seen 3 clear windows for detection of such infected files. 7 am to 9:30 am GMT 3 pm to 3:30 PM GMT 8 pm to 9 pm GMT Malware traffic from a major botnet in North West Asia has reduced significantly while three other possible botnets in the region are reporting a reduction in the volume of outbound traffic. Where has all the malware gone? In the last half of 2019, there was a significant uptake in the purchase of potent malware from across malware shops and forums. Such malware was then released in incremental batches with minimal reengineering to avoid detection. This activity picked pace towards the end of January (2020) but by mid-February (2020), the number of new malware reported registered a global decline as hackers shifted tactics towards creating opportunities using social engineering. Our researchers have also found a slight reduction in malware prices in the last month. Which means that the demand for new malware has come down. Hacker groups are using the panic and anxiety generated by the outbreak to prevent their victims from scrutinizing emails or other suspicious links forwarded via social media or instant messaging applications. Times of distress and anxiety often take a toll on rational thinking and this is what hackers are counting on to create a much larger problem. Maintain cyber-hygiene Similar to the measures recommended by healthcare professionals to prevent the spread of infection, in cyberspace also we need to take a few precautions to prevent disruptive groups from utilizing the situation to their advantage. Here are a few recommended steps: Rely on known sources for healthcare updates (these include the World Health Organization, federal or regional governments, publications of repute and your local healthcare professionals. Avoid the temptation to click on links shared via social media, instant messaging applications or any other source. News updates will anyway reach you it is just a matter of a few minutes. But if you click on a suspicious link, you could end up doing far more damage in the short and long term to your businesspersonal interests Check the URL of websites carefully every time. If possible use search engines to reach sites rather than entering the URL text directly Keep all your software, OS, firmware and mobile applications updated. Do not skip updates. Report any suspicious emails or URLs to your cybersecurity teams Emotet On The Rise: CoronaVirus Phishing Campaign Download Report

Corona Virus casts a shadow in cyberspace Read More »

Cybersecurity trends 2020

Cybersecurity trends to watch out for in 2020

The adoption of IoT is growing globally. Today, active sensors are monitoring and reporting on everything from weather conditions, traffic, power consumption, water pressure, among others. Smart technology is everywhere, enabling cities, people, and governments to do more. It won’t be an exaggeration to say that the IoT boom is already here. But as more and more sensors and devices are connected to the internet, cybercriminals gain more opportunities to leverage unattended vulnerabilities. IoT botnets can compromise and leverage thousands of such devices to wreak havoc on deployments. 2019 saw a range of attacks on IoT infrastructure. Wicked, OMG Mirai, Triton, Shamoon, ADB.Miner, DoubleDoor, Hide ‘N Seek, and Mirai-Variant IoT Botnets were widely seen in cyberattacks around the world. 2020 will see hackers go after data with increased zeal. This includes highjacking devices as part of Advanced Persistent Threat attacks and using them to gain access to sensitive data and IP, which could be held for ransom. The sectors that will attract maximum attacks in South America include oil and gas, infrastructure, utilities, defense, and retail. Attacks bearing a geopolitical motive are also expected to increase this year. Regional hackers have figured out that businesses are more willing to pay ransoms to prevent such data from being published online or on the dark web. This they are working to target devices and networks to pilfer data and record conversations of value. Another tactic gaining currency is data poisoning wherein inaccurate information is fed into decision making systems to disrupt large systems. Publishing zero-day vulnerabilities without taking the vendor into confidence or giving them reaction time to patch devices creates a unique advantage for hackers as they can take advantage of such vulnerabilities to create widespread damage. This trend will persist in 2020, albeit with vendors turning more cooperative, responsive, and with more information being made available, lesser instances will come to the fore. With more businesses using bots to log data in CRMERP or other business management software, the data accessed by such bots are becoming more critical with each passing year. By spoofing identity, hackers can gain access to critical systems and then use such bots to exfiltrate data, and since most of these bots are today working with very little monitoring, an attack could theoretically last months or even years, if they go undetected. Three key target sectors in 2020 Manufacturing Retail Financial services Three trends that will continue in 2020 Increasing reconnaissance on critical infrastructure projects Phased attacks on new IoT projects Price of malware sold on forums will rise further this year (because of the demand-supply imbalance) As geopolitical faults expand, cyberwarfare has turned deadlier. Today actors sponsored by nation-states are investing in AI-based offenses to harass their adversaries. Geopolitical attacks are now targeting critical industrial systems, utilities, smart devices, renewable energy farms, offshore oil rigs, and more. With agencies finding it difficult to suppress information on such attacks from leaking out into the mass media, hackers are getting more aggressive as the impact of their work becomes more visible, monetarily rewarding, and discussed. The global network of botnets will also grow and expand in terms of devices and countries in 2020. This is one trend that refuses to move into negative territory because of various reasons. Sectors such as banking and financial services, healthcare, oil and gas, and retail will continue to attract attention from hackers in 2020. The attacks will get more sophisticated, and the attack signature will turn even paler as hackers use newer tactics and strategies to breach networks. On the response front, as this article is being written, we are seeing cybersecurity being addressed through “codes of practice” and “guidelines.” The government of California has openly come out with its resolve to make businesses do more towards securing their infrastructure, and others will follow in 2020. What is still missing is a coordinated effort to address the problem at hand. Cybersecurity will remain a half-hearted battle until all stakeholders join hands and launch a concerted effort to curb the menace. Globally, cybercrimes cost over $600 bn in damages in 2019. No nation is rich enough to afford such a colossal loss individually or collectively. Instead, if this money were to be deployed for improving healthcare, generating employment, and improving civic infrastructure, the magnitude of the damage becomes more apparent. Hopefully, 2020 will be the year where we see more coordination between stakeholders. Such a collaboration is inevitable if we are to see lasting progress in the war on cybercrimes.

Cybersecurity trends to watch out for in 2020 Read More »

The IoT Security Report for India

Cyberattacks grew 26% on India’s IoT deployments

India has been attracting complex cyberattacks for a while now. Hackers are using a mix of complex malware, social engineering and hit and run tactics to target various facilities and IoT deployments here. In the last quarter alone, cyberattacks on the country registered a 26 percent increase and some unique samples of malware were isolated by our threat research team. Mumbai, Delhi and Bangalore were the most attacked cities and hackers are looking at monetizing attacks while creating large scale disruption. They are also working to overload defense mechanisms in order to prevent early detection and mitigation of these attacks. The IoT Security Report for India for the third quarter (July-September) of the calendar year 2019, highlights the continuing attention that hackers are paying to IoT and OT installations in India. The report notes attacks, attack techniques, sectors drawing attacks and the various types of malware used to attack smart cities, defense projects, manufacturing entities, retailers and other entities using IoT or OT in the country. Download this report to find out how the threat environment in the country is evolving. To read the latest State of IoT Security report for India Download now!

Cyberattacks grew 26% on India’s IoT deployments Read More »

MCE

Securing mobile edge computing

Mobile edge computing or Multi-access Edge Computing (MEC) – is a network architecture that enables cloud computing to be performed at the edge of a mobile network. Currently, many applications manage their online computations and content storage on servers far away from the devices and the end user. MEC brings those processes closer to the user by integrating with the local cellular base stations. Multi-access edge computing is based on the principle that offering processing capacity at the edge of the network offers significant application benefits especially in responsiveness and reliability. MEC enables faster and flexible deployment of new applications and leads to lower latency — and better performance — for local applications and data when compared with centralized data center resources. Businesses that run multiple applications that entail high volumes of data with low latency such as IoT gateways in healthcare, retail etc., will find MEC quite appealing. It is going to be a key enabler for connected cars, autonomous vehicles and industrial IoT. Edge computing will help autonomous vehicles achieve higher levels of situational awareness by merging information gathered and processed at the edge and through AI/machine learning. In such areas, even a millisecond delay can make a huge difference. Autonomous vehicles, for instance, cannot wait for information stored to be processed in the cloud (even if it only takes 200 milliseconds) to make a critical decision. The MEC market is expected to range anywhere between USD3-9 bn by the year 2022. Start-ups will find a new world of opportunities coming their way through MEC. The convergence of connectivity and compute power and the resultant context awareness at a node will lead to services and content being customized to a new level. Wearables, smart homes, utilities and transportation are expected to drive business. All these are segments that hold great potential for start-ups to capitalize on. As the industry evolves, and the eco-system becomes more enabling, entry barriers are expected to ease. Hyper localization a significant need from a content delivery and a last mile user perspective is enabled with lesser latency. With the content delivery networks or CDNs coming closer to the user, localized content such as area maps can be delivered faster and with more detail to a user. A CDN is a system of distributed servers (network) that deliver pages and other Web content to a user, based on the geographic locations of the user, the origin of the webpage and the content delivery server. Till now, CDNs were in datacenters far away from the user. On the security and safety front, MEC will enable a new level of surveillance and monitoring as surveillance and video analytics can be done much closer to the source. This also means that the data available to decision makers will be much closer to real-time. In an industrial environment, MEC can improve safety levels by giving real-time information on heavy equipment, machinery, vehicles and environmental factors. MEC will also improve the response timings in case of an accident or an emergency by enabling first responders to reach ground zero and locate the affected people faster. In the entertainment vertical, Augmented Reality and Virtual Reality require faster response with the least possible latency. MEC makes that possible. It is expected that many new VR and AR-based games will be released once MEC becomes a commonly used technology. Challenges Lack of standards around MEC is one factor that might slow down adoption of MEC. Many organizations are currently working in parallel on evolving competing standards around MEC focusing on various aspects. With data being stored and processed at a local node the possibility of attacks at that level also increase as a new attack surface emerges. These challenges are being addressed and there are strategies and solutions available to secure MEC and its users. All said and done, MEC is nothing short of a revolution in the works. Beyond bringing the web and allied services closer to users, it will also usher in a new era of user experience and engagement. The opportunity is clearly on the horizon it is now up to the eco-system players to ramp up their game to hasten adoption without compromising on security in any manner.

Securing mobile edge computing Read More »

IoT in manufacturing

Rising importance of IoT in the Indian manufacturing sector

According to a leading analyst firm, by the end of next year, 30 percent of our interactions with technology will be through conversations with smart machines. According to a leading analyst firm, by the end of next year, 30 percent of our interactions with technology will be through conversations with smart machines. The manufacturing sector has already taken a lead in this direction by deploying high levels of automation and enabling data exchange across the board. Factories have been turned into smart factories and shop floors have become safer, productive and innovative, and this is just the beginning as there is still a long road to tread as we move forward on this innovation superhighway. Industry 4.0 as it is popularly referred to relies on several key technologies including autonomous robotics, simulation, horizontal and vertical system integration, the Industrial Internet of Things(IIoT) and cybersecurity. These technologies are transforming manufacturing like never before and are poised to bring in efficiencies, productivity enhancements, safety and sustainability. Such technologies are also generating unique use cases in India as well, meeting the unique challenges that we have see her so far. Industrial IoT is set to transform the Indian manufacturing landscape as well. Manufacturers here are already using IoT for tracking assets, increasing equipment efficiency, preventive maintenance, supply chain management and more. Proof of concept projects are also running in various areas as manufacturers try out the best possible combination of technologies, processes, human intervention and outcomes. Use cases A large manufacturer in Maharashtra is using IIoT to streamline its supply chain. Its factories have a huge vendor footprint spanning multiple cities across the country and abroad. Cargo coming in has to be synched with production schedules and delivery commitments to customers. Thus the whole process has to be orchestrated with precision. Every bit of cargo is tracked till it reaches the warehouse from where the production teams takeover. The shop floor is also IoT enabled with devices tracking the position of each employee and machines sharing data such as temperature, speed of various components, production efficiency, movement of carousel etc. Another manufacturer is using IIoT to manage equipment health. Each equipment shares data on its current state, state of inputs and essentials such as oil and variables influencing its performance at an optimal level. This data is monitored from a central hub from where help in the form of maintenance staff can be dispatched at short notice if required. Since this entity operates in a precision environment, manufacturing a critical component for a defense hardware manufacturer, the data is also shared with the client as part of an agreed compliance process. In other cases, IIoT is helping ensure safer working environment for employees, cleaner production environment, preventing industrial espionage and more. Why is it important? The Indian government has made “Make in India” initiative a priority. The goal is to strengthen India’s manufacturing prowess while providing a nurturing environment for Indian and international manufacturers to manufacture here. For Make in India to succeed, Indian manufacturers need to manufacture more efficiently, cost effectively and deploy all-round innovation to stay competitive. Industrial IoT will help do that. By streamlining supply chains and processes, reducing operational costs, improving safety and environmental conditions in the workplace, manufacturers can afford to focus more on improving competitiveness and on business strategies while IIoT strengthens their ability meet quality norms and other criteria. The significance of IIoT should also been seen in the context of the competition Indian manufacturers are facing from entities located in other parts of the world such as South-East Asia. Embracing IIoT will give Indian manufacturers a clear competitive advantage. Also, with norms around pollution and clean manufacturing tightening due to countries voluntarily adopting international protocols, the onus will shift to manufacturers to prove that they comply and are following green and sustainable manufacturing processes and norms. IIoT can also help here as it can give manufacturers clear and precise data to facilitate intervention-oriented decision making to improve production and reduce practices that could cause strain on the environment. IIoT can not just transform our manufacturing sector but also serve as a strong platform for adoption clean, safe and environment friendly manufacturing processes. It is now up to the sector participants to embrace IIoT and work towards integrating it with their supply chains, processes and manufacturing methods. All said and done, IIoT will be a strong ally for Indian manufacturers to succeed on a global stage.

Rising importance of IoT in the Indian manufacturing sector Read More »

Cybersecurity trends for 2019

Cybersecurity trends for 2019 in the Latin America region

From Buenos Aires to Rio de Janeiro, cities all over South America are today using Internet of Things(IoT) to improve the lives of its citizens. Sensors in Brazil now warn of gas leaks before they become dangerous. Smart technology is everywhere, enabling city organizations to proactively alert people about traffic conditions, inclement weather, and other hazards. It wont be an exaggeration to say that the region is getting ready for an IoT boom. According to a report by the Evans Corporation this year, South American developers are particularly keen on developing IoT technology; 60 percent of developers are planning IoT projects and 22 percent are already executing on them. But as more and more sensors and devices are connected to the internet, cyber criminals gain more opportunities to leverage unattended vulnerabilities. IoT botnets have the ability to compromise and leverage thousands of these devices to wreak havoc. 2018 saw a range of attacks on IoT infrastructure. Wicked, OMG Mirai, ADB.Miner, DoubleDoor, Hide ‘N Seek and Mirai-Variant IoT Botnets were widely seen in cyberattacks around the world. VPNFilter malware was behind the largest attack of the year with over half a million devices infected across over 50 countries in a single episode. 2019 will see hackers go after data with increased zeal. This include highjacking devices as part of Advanced Persistant Threat attacks and using them to gain access to sensitive data and IP which could be held for ransom. The sectors that will attract maximum attacks in South America include oil and gas, infrastructure, utilities, defense and retail. Attacks bearing a geo-political motive are also expected to increase this year. Regional hackers have figured out that businesses are more willing to pay ransoms to prevent such data from being published online or on the dark web. This they are working to target devices and networks to pilfer data and record conversations of value.  Another tactic gaining currency is data poisoning wherein inaccurate information is fed into decision making systems to disrupt large systems. Publishing zero-day vulnerabilities without taking the vendor into confidence or giving them reaction time to patch devices creates a unique advantage for hackers as they can take advantage of such vulnerabilities to create widespread damage.  This trend will persist in 2019 albeit with vendors turning more cooperative, lesser instances will come to the fore. With more businesses using bots to log data in CRMERP or other business management software, the data accessed by such bots is becoming more critical with each passing year. By spoofing identity, hackers can gain access to critical systems and then use such bots to exfiltrate data and since most of these bots are today working with very less monitoring, an attack could theoretically last months or even years, if they go undetected. As geo-political faults expand, cyberwarfare has turned deadlier. Today actors sponsored by nation states are investing in AI-based offenses to harass their adversaries. Geo-political attacks are now targeting critical industrial systems, utilities, smart devices, renewable energy farms, offshore oil rigs and more. With agencies finding it difficult to suppress information on such attacks from leaking out into the mass media, hackers are getting more aggressive as the impact of their work becomes more visible, monetarily rewarding and discussed. Sectors such as banking and financial services, healthcare, oil and gas and retail will continue to attract attention from hackers in 2019. The attacks will get more sophisticated and the attack signature will turn even paler as hackers use newer tactics and strategies to breach networks. On the response front, as this article is being written, we are clearly seeing cybersecurity being addressed through “codes of practice” and “guidelines”. The government of California has openly come out with its resolve to make businesses do more towards securing their infrastructure and others will follow in 2019. What is still missing is a coordinated effort to address the problem at hand. Cybersecurity will remain a half-hearted battle till all stakeholders join hands and launch a coordinated effort to curb the menace. Globally, cybercrimes cost $600 in damages in 2017. No nation is rich enough to afford such a huge loss individually or collectively. Instead if this money were to be deployed for improving healthcare, generating employment and in improving civic infrastructure, the magnitude of the loss becomes more apparent.  Hopefully 2019 will be the year where we see more coordination between stakeholders. Such a collaboration is inevitable if we are to see lasting progress in the war on cybercrimes.

Cybersecurity trends for 2019 in the Latin America region Read More »

Scroll to Top