
Category Archives: Cyber Security

Have you been breached? Watch out for these Indicators of Compromise.

It is the season of breaches and hackers are operating with impunity. Continuing from their success in breaching many organizations through social engineering, digital extortion, and data theft, these hackers have now become more brazen. With businesses still dealing with the aftermath of the ongoing pandemic and with diffused workforces operating from unmonitored environments, hackers have never had it so good. This trend is expected to play out for the rest of 2021.

These attacks are also facilitated by enterprises that miss out on initial Indicators of Compromise. If the attacks are scuttled during the reconnaissance phase itself, the impact of such attacks can be minimized and this will deter hackers to some extent. However, if the attacks slip through, then not just will a major cyberattack be imminent, but your data could already be in the hands of data brokers who would have taken steps to monetize it or even sell it back to you for a ransom payout.

This is therefore the time to work towards securing your assets and infrastructure and watch out for indicators of breach and compromise. You need to act immediately if you record any of these signs:

  • Changes in the number of devices, device signature changes, and other anomalies
  • The appearance of spurious domain names similar to yours online.
  • Change in email behaviors and download patterns.
  • Unprecedented connection activity from atypical ports
  • Unknown protocol communications
  • Unauthorized download of remote access tools
  • Mismatch in requests for downloading specific files.
  • Anomalies in the outbound traffic pattern
  • Detection of a low-intensity attack. This usually means the hackers are testing your cybersecurity response mechanisms to fashion a custom attack.
  • The appearance of unauthorized tools such as those related to network and port scanning.

Subex Secure is a proven and hardened IoT and OT cybersecurity solution that can secure networks, devices, and converged environments. Features such as early threat detection, device discovery, vertical-specific threat intelligence, and a high level of anomaly sensitivity render it a vital piece of your cyber armor.

We can set up a no-obligation proof of concept demo to show how it can protect your business. Talk to us now. Don’t wait till you are breached.


Unraveling the biggest cyber risk associated with 5G

On average, when compared to other generations, hackers have much more to gain from breaching 5G networks and deployments that rely on them. In addition to theft of subscriber data, hackers can impersonate genuine network users, launch large-scale DDoS attacks and access gated information and live sessions by faking authentication.

While the traditional school believes that the explosive rise in attack surface is the biggest threat associated with 5G, we are now witnessing the emergence of new threats that could cause a bigger concern in the near future.

Network slicing and the use of technologies such as ERP and IoT in some of the network slices could render some layers more vulnerable to cyberattacks. Looking at this from another perspective, some of these slices could also be less protected by authentication layers which makes them an easy target for hackers. When we superimpose the above two scenarios on to a single network node, then that node could hypothetically become a sitting duck. It could be hacked into in less time than what you have taken to read this post or more specifically till this line.

A hacked network node can then be used to steal data including location information of users, launch DDoS attacks and access other network functions and slices belonging to other business users. Lack of a one-on-one mapping between applications and the intermittent identities creates a situation wherein a hacker could hijack a layer and move laterally to breach the core network as well. Thus, with the addition of each network slice, the cumulative cyber risk could grow exponentially.

Lack of a zero-trust approach and adaptive security monitoring can hamper any effort designed to secure 5G. Thus, it is not just about understanding 5G cybersecurity and the evolving threat landscape but it is also about acting diligently to secure 5G against such threats.

You don’t have to learn to live with such cyber risks and threats. Subex Secure has been working to secure 5G for a while.

Our offerings help:

  • Detect and contain latent malware.
  • Prevent malware from moving laterally.
  • Discover rogue/unauthorized devices on the network.
  • Identify anomalous network activity.
  • Deflect cyberattacks through decoys.
  • Protect devices and data streams.

Secure your 5G assets using Subex Secure’s Solutions and deter Cyberthreats immediately.


Maritime cybersecurity: cyber threats expected to rise exponentially this year

While the 220,000-ton, 400-metre-long Ever Given, a ship that is currently causing a traffic jam in the Suez Canal, is bagging all the attention, maritime companies are having to deal with another threat that has emerged in the last couple of years and threatens to destabilize the industry and cause irrecoverable harm to business.

Along with piracy, cyber-attacks have now become a persistent risk for maritime organizations. The sheer intensity, persistence, and diversity of attacks on ships and offshore infrastructure is now reaching alarming levels. Here are some facts that were revealed by Subex Secure’s threat research team:

  • The average time between a reconnaissance attack and a full-blown attack in the maritime industry is just 11 days.
  • It is also one of the industries where hackers take the least amount of time to monetize a cyberattack.
  • Cyber-attacks are primarily targeting navigation and tracking systems, off-shore data dumps, shore-based coordination facilities, ports and ship building infrastructure.

These attacks are coordinated and carried out from multiple geographies after morphing the base IP address. There seems to be an element of involvement of state-backed hacking groups on freighters and oil tankers. Subex’s team was able to identify at least two instances where cyber-attacks led to a breakdown of some aspects of on-sea navigation systems belonging to ships. The crew in both cases simply reset the affected parts and recalibrated navigation data using satcom before moving on.

Neither instance was investigated subsequently when the ships concerned docked at a major port in South East Asia. The very fact that such incidents occurred while the ships were in the middle of an ocean and far away from any help highlights the gravity of the situation.

This is nothing short of a crisis for the industry and the companies involved.

Such instances are now becoming more common, which is why Subex Secure has decided to help maritime agencies address this challenge. Subex Secure is already working with the leading maritime agencies and shipping supply chain companies to secure the sector.

We are already deployed on maritime vessels crisscrossing all major oceans as well as offshore facilities connected with the maritime sector.

Talk to us now to learn how we can help your maritime company.

Secure your maritime Company using Subex Secure’s Solutions and deter Cyberthreats immediately.


Privilege mining: 2021’s single biggest cybersecurity threat for enterprises

With hackers deploying sophisticated breach tactics, the traditional way of keeping hackers outside the perimeter is no longer a viable strategy to prevent breaches. In the year 2020, based on the data we saw on the Dark Web, we were able to ascertain that stolen credentials and privileges were not just used but were being mined to maximize the footprint of a breach as well.

In June last year, a leading heavy equipment manufacturer in Europe was breached. Hackers used the stolen credentials to skim more credentials and finally access the Intellectual Property (IP) vault of this company which didn’t just have critical IP data but also credentials for other vaults holding joint IP with vendors. Needless to say, most of this information made its way into shady market places trading such information.

Privilege mining, wherein the hackers move horizontally and vertically across digital infrastructures using a series of credentials stolen on the go, is now the biggest cyber threat out there. Tons of credentials and network information from previous breaches have created opportunities for hackers like never before. Even at a conservative scale, this information could be enough to sustain cyberattacks well into 2023.

It is therefore prudent to exercise diligence and caution and take the following steps immediately irrespective of your threat perception:

  • Reset passwords across the enterprise and accounts
  • Use multi-factor authentication
  • Segregate networks and deeply monitor zones of convergence between tech streams such as IoT, Operational Technology and IT
  • Use a solution such as Subex Secure to protect all components of your infrastructure including devices, networks, and systems

Talk to us now to learn more about improving your cybersecurity posture to deter hackers


Supply chain poisoning is an imminent concern

Recently, the Government Accountability Office, the US government watchdog, found that cybersecurity practices for 5 major weapon systems were inadequate. There were security gaps in the acquisition process, with three of five programs reviewed lacking any cybersecurity requirements in their contract awards.

This also means:

  • Supply chain poisoning, contamination and trojanising of input lines remain a source of concern
  • Critical projects could be compromised at will by hacker groups
  • Core systems and infrastructure can be rendered inoperable or inaccessible during times of crisis to degrade the quality of response
  • Laterally moving malware could target other wings of the US government as well by exploiting such vulnerabilities

Improving cybersecurity posture is all about working consistently with diligence and discipline to address gaps and vulnerabilities. It also requires a solution that can prevent such gaps from impacting your infrastructure while you work to address them.

Subex Secure is a proven and hardened cybersecurity solution that can secure networks, devices, and converged environments. Features such as early threat detection, comprehensive threat intelligence, multi-level detection capabilities, device discovery, and a high level of anomaly sensitivity render it a vital piece of your cyber armor.

We can set up a no-obligation proof of concept demo to show how it can protect your business. Talk to us now. Don’t wait till you are breached.

Why 2021 could be the best year yet for Cybersecurity for your business

Yes, you have heard it right. After all the bad news that we heard in 2020 ending with the SolarWinds episode in December, it is now time to set things moving in the right direction. Five things went wrong in 2020:

  • Significant distraction and disruption caused by the Covid-19 pandemic induced changes at the workplace
  • Cybersecurity was not given enough attention from a resourcing perspective globally
  • Tech teams were not imaginative enough to figure out what could be attacked
  • Employees were not sensitized enough on the need to remain cyber aware
  • 600 percent rise in stolen data appearing online as per Subex’s threat research team

The New Year gives us a chance to fix and improve our cybersecurity posture. Last week we told you about 5 cost-effective and easy ways to do that. Beyond these measures, this is also the right time to look at revamping your cybersecurity priorities and paying attention to the right areas. Subex’s threat research team has found that the volume of cyberattacks has reduced in the last 10 days but is expected to pick up as we approach February 2021.

February has traditionally seen the launch of new malware and new methods of cyberattacks by hackers. So, it is not advisable to wait till then to build cyber resilience. A discussion with our experts will help you reach there faster.

Subex has been protecting cyberspace for a while now. Our IoT and OT cybersecurity solutions along with SOC services and a cyber deception solution can go a long way in protecting your business.
All our customers stayed safe in 2020 and were able to focus on their business priorities. You can learn more about them here, here, and here.

Don’t let the hackers gain an upper hand.

Nat will be glad to help in case you wish to learn more. You can drop her a line: natalie.smith@subex.com.

2020, a wake-up call for cybersecurity

Less than 15 days to go before the year ends but hackers are yet to take a break.

This week we heard how alleged state-backed hackers managed to use network management software updates to smuggle malware into the networks of government and corporate clients who downloaded the updates from an IT infrastructure management platform. The malware in this case can be used to conduct espionage on a grand scale.

According to Cybersecurity Ventures, in 2021 there will be a cyberattack every 11 seconds. Also, according to them, by the measure of GDP, cybercrime will cost us enough to create the third-largest (virtual) economy in the world at USD 6.1 trillion. Hackers have engineered and re-engineered malware across domains and industries and have created a huge war chest to invest in improving the quality of cyberattacks in the near future.

Using domain fronting, hackers can trick servers into allowing malware-laden traffic on scales that have never been seen before. Here are the five things hackers got right this year:

  • They exploited the confusion caused by the pandemic well and created new opportunities
  • Ransomware R&D cycles were considerably shrunk, which is why we saw a flood of ransomware in the last 6 months
  • They attacked in waves, with each wave bringing more complexity and stealth in the mode of attacks
  • Use of new and more legitimate intermediaries to steal data: at least one site was found to ask users to share their credentials to check if they have been breached or not. The problem: the site was found to be operated by a company with a questionable background
  • Phishing attacks became more sophisticated: from asking recipients to register for a vaccine to enforcing a government mandate, we saw it all this year

Hackers can shift focus easily, moving from one target to another. Unfortunately, you cannot move from one grade of cyber defense posture to another that fast to outwit them, unless your cyber resilience posture is agile enough. Matching steps with hackers will help you prevent cyberattacks, while staying a step ahead of them can help deter cyberattacks.

Subex has been helping our customers do just that across industries. As a leading IoT and OT cybersecurity vendor, we are today defending some of the toughest and hardest to secure installations in the world.

And here is the proof of value delivered by Subex: this is how we are securing a telco, a smart city project and North America’s leading manufacturer.

Our customers stayed safe while their counterparts turned victims throughout 2020.

You can visit us here to know more about our offerings or drop us a line to natalie.smith@subex.com to continue this conversation.

What the SolarWinds episode has taught us so far

Unless you have been on a digital detox vacation, you must have heard of the SolarWinds breach. Just to refresh your memory, multiple US government agencies were compromised by pushing a trojanized update. Post installation, this update allowed the hacker to conduct multi-level reconnaissance, modify user privileges, move laterally into other critical environments and compromise the data.

The scope and scale of this breach have shaken cyber defenders and governments alike. It is now time to focus on the takeaways from this incident.

  • Cyber supply chain awareness: a dual-purpose risk assessment should be conducted to assess the state of security emanating from third-party solutions and to evaluate the implications of such risks
  • Finding the right cybersecurity models: such models and frameworks should be able to uncover security gaps and prioritize them. Businesses should work towards constantly reviewing these models while keeping their risk appetite to the lowest level possible
  • There is no ‘business as usual’ for cybersecurity: in 2021, the new normal will be about being cyber risk aware at all times. Cybersecurity teams will have to overwork their imaginations to identify new sources of vulnerabilities
  • Developer access management: the backdoor introduced by the hacker must have been in a file not often accessed by developers (a developer’s account must have also been compromised). If developer access was managed diligently and reviewed to check for anomalies, the breach would have been discovered earlier.
  • Trust is dangerous: as many such episodes before have shown, trust should not be implicit, explicit or stated with caution. Instead, trust should be established on a session-to-session, device-to-session, connection-to-connection and time basis. No entity should be allowed to transact for long durations from a position of trust, no matter the level of privilege. Zero trust should be the way forward

Subex has been working to secure businesses in all livable continents for over two decades now. Our offerings use a blend of tactics to introduce layered security including discovery of rogue and compromised assets.

As of today, we are securing some of the toughest and hardest-to-secure OT and IoT-based deployments globally. We can help you improve your cybersecurity posture to secure your assets.

In just under 45 minutes, we can tell you how our solution can keep such episodes of grief at bay.

Get in touch with natalie.smith@subex.com to learn more.

Cybersecurity challenges and trends that will mark 2021

As 2021 emerges on the horizon, here are the top trends that our threat researchers feel will define the New Year.

Ransomware propagation: the first quarter of 2021 will provide some respite to cybersecurity teams battling ransomware. Already we are seeing signs of a slowdown as malware developers are investing more time in developing new ransomware. This respite is however temporary as new and stronger ransomware and variants will start emerging from April.

Attack fatigue: nation state actors have shown signs of fatigue setting in. After ruthlessly targeting vulnerable sectors such as healthcare and manufacturing during the pandemic, many hackers have retreated to the comfort of their basements. This trend is expected to continue till the end of Jan 2021.

Manufacturing, retail and healthcare on the radar: attacks on these sectors will intensify.

The media and entertainment (M&E) industry will be the most impacted sector in 2021. This is based on the trends we are currently seeing, especially the activity in the malware forums we are tracking.

Deep fake videos will be weaponized with greater intensity as part of multi-stage phishing campaigns

Botnet farms to increase: as 5G rollout gathers pace, more IoT devices will be added, some of which will not have the bare minimum levels of security in place.

Industrial control systems to bear the brunt of sophisticated attacks. Industrial espionage at a large scale will hit energy, power, oil, gas and manufacturing companies

Data stored on public cloud will be the target of cloud jacking in a more organized manner

Subex is here to help
We will be glad to help you address your security challenges in the New Year. At Subex, we have a robust and evolved IoT and OT security solution backed by consulting and SoC services tailored to your unique cybersecurity needs.

Subex is today securing the business of its customers around the world. Our suite of solutions brings features such as cyber deception, device discovery, threat detection and deflection, and prevention of lateral movement of threats. These are essential to keep your business safe and protected.

You can visit us here to know more about our offerings or drop us a line to natalie.smith@subex.com to continue this conversation.

What’s next for healthcare cybersecurity in 2021?

The year 2020 saw the highest increase in cyberattacks registered by a single sector ever. The health-care industry in the second quarter of the year saw a 63 percent rise (from the previous quarter) in sophisticated attacks while Q3 saw a 39 percent increase. Put together, this has set the warning bells ringing across CERT teams and cybersecurity vendors trying hard to stop these cyberattacks from derailing the ongoing fight against the Covid-19 pandemic.

The mode of attack
In over 79 percent of the attacks, healthcare service providers were kept away from critical data including patient records, device calibration information and administrative documentation. Such data was held to ransom to put psychological stress on these healthcare institutions (many of whom had frontline Covid-19 healthcare workers) to pay off steep ransom to free their data. This cycle has repeated innumerable times this year.

The hackers also exposed several weaknesses in the way healthcare institutions approach cybersecurity:

  • Use of unpatched and outdated software that is well past its prime as well as untested collaborative platforms
  • Less than secure data storage practices
  • Lax attention to cybersecurity
  • Lack of a proactive and complete outlook towards cybersecurity
  • Lack of employee sensitization on cybersecurity threats

As many as 42 percent of healthcare institutions we spoke to this year had experienced some form of breach due to a cyberattack. The majority of them (71 percent) paid the ransom quietly and got their data back. The others did not respond to questions on what happened after the cyber-attack, citing confidentiality reasons.

“Hackers view healthcare institutions as easy targets for a cyberattack because of prevailing practices and pre-existing vulnerabilities that have been around for years, if not decades. This is also one of the sectors where the time taken to monetize a cyberattack is the shortest. Together these two factors have contributed immensely in turning healthcare into one of the most vulnerable sectors out there. In many ways, the cybersecurity journey of many healthcare providers is just starting,” said Kiran Zachariah, VP Digital Security at Subex.       

Looking ahead
The volume of cyberattacks is not expected to decrease in 2021. But we are expecting healthcare service providers to mount a strong challenge to hackers and to move away from being easy targets for malware developers and other adversarial entities. We are expecting attacks on R&D institutions to rise significantly as hackers shift their attention to the results Covid-19 vaccines are getting from real-world trials. Such attention will extend to other areas witnessing frenzied R&D efforts.

Healthcare institutions need to ramp up their cybersecurity efforts and increase the distance between them and hackers. Wasting hackers’ machinations through deception and by deploying solutions that detect and contain attacks early is one option to consider.

Subex is here to help
Subex Secure is a suite of solutions that includes Subex Secure Edgetech, Subex Secure Threat Intelligence and Subex Secure Security Operations Center services. Our OT and IoT security solution Subex Secure is agentless, non-intrusive, and built for discovery, detection, mitigation, and protection. It can passively and actively discover devices and their vulnerabilities, contain threats and prevent lateral movement through rapid digital detention. It can be deployed to scale and in a staggered manner, and it proactively flags threats and vulnerabilities through a 3-step filter process.

We can help you improve your cybersecurity posture so that you can focus your energy and attention towards fighting Covid-19 and other healthcare challenges out there. Connect with natalie.smith@subex.com to learn more.
