
Category Archives: Cyber Security

Cyber resilience through deception

Organizations are leaving no stone unturned in their effort to improve their cybersecurity posture, be it through SIEM, EDR, deep network analysis, behavioral analytics and more. Yet there is no respite from bad actors operating with impunity. Cyber peace of mind is still elusive.

Security through deception

Hackers move very fast. They run scans, determine what is exploitable, and step back before you figure out their game. It is unlikely that you will be able to match their speed. So, you need cybersecurity solutions that cannot be detected and can deceive these hackers.

Department of Homeland Security and NIST frameworks now mandate deception technology. MITRE has introduced the Shield knowledge base to encourage active defense and adversary engagement approaches. Deception tech makes it harder for attackers to find their targets and wastes their efforts while slowing down attacks. A simple example of deception is planting fake and deceptive resources embedded with stealthy capabilities, such as setting up a beacon in a file. When a hacker opens or copies that file, an alert is triggered.

When you organize a distributed deception strategy, attackers will be forced to encounter and engage realistic deceptions, even on low-risk systems. Their actions then trigger positive alerts that are 100 percent genuine, giving cybersecurity teams enough time to stop them. Thus, deception is a proactive defense strategy that avoids the traditional wait and watch game.
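The beacon-in-a-file idea described above, sketched from the defender's side as an added example (not Subex code): each decoy gets a signed token in its beacon URL, and the beacon server's access log is turned into alerts only when a token we minted shows up. The beacon host name, the /b/<token> path layout, the key, the decoy inventory and the log lines are all constructed assumptions.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass

# Assumptions (not from the page): beacon host, URL layout and demo key.
BEACON_BASE = "https://beacon.example.internal/b/"
SECRET = b"constructed-demo-key-rotate-in-production"


@dataclass(frozen=True)
class Decoy:
    decoy_id: str   # opaque id; reveals nothing about the real estate
    host: str       # where the decoy file was planted
    path: str       # decoy file path on that host


def mint_token(decoy_id: str, secret: bytes = SECRET) -> str:
    """Return '<decoy_id>.<mac>' so a hit can be verified without a lookup."""
    mac = hmac.new(secret, decoy_id.encode(), hashlib.sha256).hexdigest()[:20]
    return f"{decoy_id}.{mac}"


def beacon_url(decoy_id: str) -> str:
    """URL to embed in the decoy document, e.g. as a remote image reference."""
    return BEACON_BASE + mint_token(decoy_id)


def verify_token(token: str, secret: bytes = SECRET):
    """Return the decoy_id if the token's MAC is valid, else None."""
    decoy_id, sep, mac = token.partition(".")
    if not sep:
        return None
    expected = mint_token(decoy_id, secret).partition(".")[2]
    return decoy_id if hmac.compare_digest(mac, expected) else None


# Common Log Format: ip - - [time] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?:GET|HEAD) /b/(?P<token>[\w.-]+) ',
    re.ASCII,
)


def alerts_from_log(lines, registry, secret: bytes = SECRET):
    """Turn beacon-server access log lines into (alerts, noise_count).

    Requests outside /b/ are ignored. Requests under /b/ whose token fails
    verification or names no planted decoy are counted as noise, so only a
    touch of a real decoy reaches the alert stream.
    """
    alerts, noise = [], 0
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        decoy_id = verify_token(m["token"], secret)
        decoy = registry.get(decoy_id) if decoy_id else None
        if decoy is None:
            noise += 1
            continue
        alerts.append({
            "source_ip": m["ip"],
            "time": m["ts"],
            "decoy_host": decoy.host,
            "decoy_path": decoy.path,
        })
    return alerts, noise


# Constructed decoy inventory and access log for the demonstration.
REGISTRY = {d.decoy_id: d for d in (
    Decoy("d-7f3a", "fileserver-02", "/srv/finance/payroll_2020_backup.xlsx"),
    Decoy("d-91c4", "hr-laptop-17", "C:/Users/Public/vpn_credentials.docx"),
)}


def demo():
    ts = "12/Mar/2020:08:14:02 +0000"
    log = [
        f'10.20.30.44 - - [{ts}] "GET /b/{mint_token("d-7f3a")} HTTP/1.1" 200 43',
        f'198.51.100.7 - - [{ts}] "GET /b/admin HTTP/1.1" 404 0',
        f'198.51.100.7 - - [{ts}] "GET /b/d-91c4.{"0" * 20} HTTP/1.1" 404 0',
        f'198.51.100.7 - - [{ts}] "GET /robots.txt HTTP/1.1" 404 0',
    ]
    return alerts_from_log(log, REGISTRY)


if __name__ == "__main__":
    for alert in demo()[0]:
        print("DECOY TOUCHED:", alert)
```

Because the token is verified with an HMAC, scanners guessing paths on the beacon host cannot raise an alert; only a copy of a planted decoy can.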

Deceive to defeat
Such an approach to cybersecurity is a must if you want to tie down bad actors and present a strong sense of cyber deterrence to them as part of a holistic cybersecurity strategy. By using distributed deception, you can keep your cyber adversaries chasing worthless cyber mirages while your security team takes them down. Your digital crown jewels are neatly stashed away, safe from harm.

 

Defense-in-depth with layered digital deception
Subex Secure Cyber Deception is a mature solution that is built with layered digital randomness to confuse your adversaries. It works to deceive at multiple levels including networks, assets, data and people. Thus, it keeps hackers chasing a series of endless loops of perceived valuable assets while you identify and eliminate them.

Contact sai.kunchapu@subex.com to learn more about this offering

Read our latest threat landscape report to learn about cyber threats you need to know about.

A big basket of cyberthreats

In the last few weeks, there have been a few major cyber attacks on Indian companies. The most notable one was that of a start-up whose customer data was released on the Dark Web because they refused to pay ransom to the hacker group behind the breach. The data belonging to over 2 crore customers was up for sale for USD 40,000.

Are Indian companies that vulnerable to cyberattacks? The answer is yes. A combination of poor cybersecurity posture, lack of employee sensitivity, attention from state-backed hacker groups located in countries with adversarial intent, and sheer apathy towards embracing basic cybersecurity hygiene practices has started to hurt.

Subex’s research has found that in many cases, an increased cybersecurity budget denoted money spent in putting systems back online after a breach. Our researchers were among the first to call attention to the cyber threat posed by the ongoing pandemic to businesses.

We were also the first cybersecurity vendor to identify and call out the persistent threat from 3 groups based in a neighboring country that were targeting us.

Subex understands the landscape, threats, the actors, malware involved, and ways to defeat the machinations of these actors. This is why our solutions are fully geared to improve your cybersecurity posture and degrade the potency of online threats.

Contact sai.kunchapu@subex.com to learn more about how Subex can keep such threats at bay for your institution.


Maritime cybersecurity: defending the shipping industry against cyber pirates

Cybercriminals and malware that threaten to break maritime operational reliability, damage key systems, and delay cargo delivery carry more risks than what we can fathom. Infected systems can compromise navigation or propulsion, threatening ship safety itself as well as the marine environment. Even a medium-sized breach caused by a cyberattack can cripple an operator by imposing a prohibitive recovery cost.

The fact that the four largest carriers in the world have all been attacked in just the last three years underscores the vulnerability of the shipping industry as a whole. Onshore, shipping companies are just as vulnerable as their counterparts operating maritime vessels. Shipping companies often run a decentralized shipping and logistics setup with a network of subsidiaries and agents, most of whom have access to a broad range of information on the company’s servers and, in some cases, in vessels. This expands the attack surface available to hackers.

The UN shipping agency IMO itself came under attack a month ago. While the nature of malware and cyberattacks is changing, the cybersecurity posture adopted by shipping agencies and offshore companies connected with the Shipping Lanes of Commerce (SLOC) and the extended supply chains that run across oceans or involve a maritime component is not robust enough.

There are several reasons for this. Since the shipping industry was relatively isolated from onshore cyberattacks till a few years ago, the industry didn’t feel the need to evolve and deploy cyber resilience practices. The emergence of state-backed hacker groups or Advanced Persistent Threat Groups has changed the situation. These groups are working hard to target shipping companies associated with critical areas of the national economy in several countries.

Combating cyber risks
Addressing these risks begins with knowing your vulnerabilities and being prepared for a constant increase in cyber threats that are omnipresent and potent. The cyber pirates lurking in the depths and anonymity afforded by cyberspace are already targeting shipping companies and stealing their data and demanding ransom. Unlike the real world where navies and maritime defense forces defend SLOCs, oil tankers, and commercial vessels, the onus of asset cybersecurity lies squarely on the shipping company.

To deal with these rising threats, your business needs to be protected at various levels. Your cyber posture and cyber resilience strategy need to be deep and proactive to not just defend but also to deter cybercriminals. You need to act to defend and convey trust to your stakeholders to ensure that your cargo moves from port to port in a secure manner while your vessel is adequately protected in cyberspace.

Only a cybersecurity partner with deep expertise and solutions can help you in that endeavor. We at Subex are already working with global shipping companies to secure their assets. We can help you uncover and address threats while staying cyber resilient.

Proof of Value – get in touch with Natalie.smith@subex.com to book a no-obligation consulting slot, right away. If you mail us over the next 24 hours you can avail a special package designed for your business. Let’s fight this menace together.


How IoT Security Impacts the Telecom Industry

According to our in-house research and published information obtained from research firms, telecom service providers including MVNOs and M2M connectivity providers suffered the highest volume of breach of sensitive customer information through DNS attacks. With the addition of the Internet of Things, data security takes a whole new level of significance for connectivity service providers.

In the last two years, many IoT and critical infrastructure projects involving telcos have been impacted by issues related to IoT connectivity security, leading to delays in project outcomes or projects being abandoned altogether.

This has had a clear impact on the margins of telcos as well since many of these were proof of concept projects that could theoretically have led to an increase in the number of endpoints on their network, increased data consumption, and direct revenue as a result of connectivity and managed services.

It is not just the revenue alone but the credibility and erosion of the enterprise customer base that telcos are staring at. With the emergence of other connectivity options such as satellite-based connectivity service providers, even the marketplace relevance of telcos is threatened.

It is no surprise therefore that telcos are now paying more attention to machine-to-machine (M2M) security practices, IoT security solutions, and cybersecurity postures that are aligned towards offering better security and assurance to customers. Telecom IoT security has therefore come into prominence like never before.

As the world battles a pandemic, there is another battle going on in parallel. Many enterprises and telcos have reported a surge in Coronavirus themed attacks designed to lure employees into downloading potent malware and application manipulation objects. This threatens telecom networks in a big way and telcos need to adapt their security posture to contain and eradicate this threat. Key elements of this change could include:

  • More focus on early detection and containment of suspicious activity and rogue devices
  • Use a Zero trust approach when it comes to enabling access to network resources
  • Work on segmenting networks or rather micro-segmenting them to prevent lateral movement of malware
  • Sensitize employees and all stakeholders to align them towards heightened awareness of cybersecurity
  • Invest in identifying threats across the spectrum including emerging ones
  • Deploy a cyber resilience strategy that prevents disruption


Monetizing cybersecurity has been a holy grail of sorts for telcos. On the one hand, they have to deal with meeting their security needs while on the other they have to also ensure that the deployments hosted on their networks are also secure and cyber resilient.

Recently, a leading mobile virtual network operator was able to not just monetize cybersecurity, but also use it as a vector to deepen their existing relationship with premium customers. The result – a significant increase in additional revenue. What’s more, they were also able to stay protected against malware that impaired some of their competitors and their large customers. The average savings per breach ranged from USD 250,000 to over a million. These numbers are rising as the threat environment continues to deteriorate.

The gains lodged from strengthening the profitability of key relationships – priceless. Subex Secure is powering this endeavor.

You can read this unique case study here.


To know more about Subexsecure’s offerings and to schedule a demo, call: +91 80 6659 8700

Click here to know more about how Subexsecure has been working with telcos across the globe to secure the IoT initiatives adopted by their customers.

8 Biggest Security Challenges for IoT security practitioners

IoT cybersecurity, IoT asset protection, and IoT risk detection and mitigation are key components of any IoT security consulting exercise. With the increasing adoption of IoT in the post-pandemic environment, the threats to IoT deployments have also grown substantially. While cybersecurity practitioners are working towards fully understanding the cybersecurity implications of the ‘New Normal’, a few factors do stand out when it comes to IoT risk assessment and mitigation.

In this post, we identify the 8 biggest IoT cybersecurity challenges that have emerged in the last 8 months.

  1. The emergence of new actors: the last few months have seen the emergence of more sophisticated threat actors as many white hat hackers went rogue due to the absence of projects to work on. Besides, the demand for hackers from APT groups and other disruptive agencies has also increased manifold leading to these players running large recruitment campaigns on the Dark Web and forums to recruit new hackers.
  2. The pandemic has exposed several weaknesses that exist in the digital transformation matrix of various organizations, including lack of multi-factor authentication, communication authentication issues, use of untested applications for collaboration and lack of sufficient cybersecurity oversight on key isolated and air-gapped infrastructure elements.
  3. Rogue devices: virtualized rogue devices remotely controlled by hackers operating out of large device farms have been known to latch on to unprotected networks pretending to be legitimate devices. This challenge has grown substantially in the last few months because of the lack of device discovery options.
  4. Perimeter focused security: use of firewalls and other mechanisms to control traffic at the gate left the core systems and networks vulnerable to rogue insider activity.
  5. Diffused workforce operating out of remote locations (work from home) accessing networks through compromised devices has become a matter of significant concern.
  6. Some IoT projects are in remote places that are not easily accessible. In such locations, hackers might use physical means to compromise devices and networks in situ.
  7. Easy availability of malware: malware shops have in the last 180 days dumped huge collections of highly potent malware some of which target yet to be uncovered vulnerabilities.
  8. Vast adoption of IoT without paying adequate attention to cybersecurity has led to a situation where many of the new IoT projects have become sitting ducks for hackers. Some of these projects may already have been compromised.

This indicates the gravity of the problem at hand. Some of the threats fall under the unknown unknown category which means that it will be a while before they are discovered and addressed.


It is high time we set aside traditional approaches to IoT risk detection and management and embrace new ones that will contain and eliminate new threats.

Embracing a zero-trust security approach that relies on renewing trust subscriptions frequently within the same active session is also the way forward.


Five ways to profit from IoT and OT cybersecurity

Yes, you have heard it right. IoT and OT cybersecurity needn’t be a cost center for your organization. Investing in the right cybersecurity tools, strategies and relationships can deliver many benefits for your organization. Consider these advantages that cybersecurity delivers (derived from actual use cases that Subex was involved in):

  • New avenue for innovation: one of our customers in North America has started using a cybersecurity lab to identify and eliminate redundant processes thereby streamlining workflows for gaining efficiency
  • Staying afloat in testing times: yet another one of our customers, a leading manufacturer, was able to remain operational and profitable while the competition was attacked using data gathered from an industry association. In industry segments where the margins are low, this can mean the difference between mere survival in the market and growth
  • Monetizing cybersecurity: one of our customers has incorporated the higher level of service assurance delivered by them in one of their packages that are offered to overseas customers at a premium
  • Compliance cost savings: repeated studies have shown that investments in cybersecurity can help reduce legal compliance costs as also costs incurred in the recovery or paying damages to victims or even employees. Savings is earnings
  • Earn through insights: businesses that invest in cybersecurity also stand to turn into insight-driven enterprises as investing in cybersecurity without making adequate provisions for gathering, presenting and analyzing insights is simply impossible.

With increasing investments in IoT and OT deployments, cybersecurity has to get more attention and resource allocation. In addition, we also need to look at innovative ways to make cybersecurity measures pay for themselves.

In the post-pandemic world, cybersecurity will be one of the pillars of growth and customer trust. Don’t miss out on this chance to revisit your cybersecurity priorities.

 

Corona Virus casts a shadow in cyberspace

While governments, businesses, intergovernmental agencies, and non-profit agencies are busy dealing with the fallout of the Coronavirus disease (COVID-19), certain groups with malicious intent are using the outbreak as an opportunity to launch cyberattacks and cripple critical infrastructure and other connected assets through social engineering.

In the last 26 days, Subex’s global honeypot has registered a slight dip in direct attacks, while the volume of phishing emails and other targeted social engineering activity has grown significantly. Our researchers report a 49 percent rise in social engineering attacks through a variety of channels across all continents.

Coronavirus is the latest theme

These are what we call themed attacks, which ride on a global scare or anxiety created by an event that affects citizens at a personal level.

Hackers have released about 23 common file extensions (including zip, mp3, mp4, xlsx, docx, EPS) in the last 26 days. These files have a malicious payload that could encrypt files, steal/exfiltrate data, leave backdoors and even corrupt data.

File types include:

  • Corona_health_update.pdf (attributed to the centers for disease control)
  • Origin-of-corona_cnn.mp4
  • Covid19_Mandatory_work_from_measures.pdf (spread using instant messaging platforms)
  • Corona_safety_alert.docx
  • Secondary_corona_infections.pdf

Emails containing subject lines such as “coronavirus emergency declared”, “1000 coronavirus deaths in the last 16 hours” and “This drug could save your life from corona”. Emails seeking donations in the name of the WHO have also been found.

The inbound volumes of these infected files vary with health announcements by governments, and we have seen 3 clear windows for the detection of such infected files.

  • 7 am to 9:30 am GMT
  • 3 pm to 3:30 pm GMT
  • 8 pm to 9 pm GMT

Malware traffic from a major botnet in North West Asia has reduced significantly, while three other possible botnets in the region are reporting a reduction in the volume of outbound traffic.

Where has all the malware gone?

In the last half of 2019, there was a significant uptake in the purchase of potent malware from malware shops and forums. This malware was released in incremental batches with minimal re-engineering to avoid detection. This activity accelerated at the end of January (2020), but by mid-February (2020) the number of new malware programs reported showed a global decline as hackers shifted tactics towards creating opportunities using social engineering.

Our researchers have also found a slight reduction in malware prices in the last month, which means that the demand for new malware has declined.

Hacker groups are using the panic and anxiety generated by the outbreak to keep their victims from scrutinizing emails or other suspicious links sent via social media or instant messaging applications. Times of distress and anxiety often affect rational thinking, and this is what hackers are counting on to create a much larger problem.

Maintain cyber hygiene

Just like the measures recommended by healthcare professionals to prevent the spread of infection, in cyberspace we also need to take a few precautions to prevent disruptive groups from using the situation to their advantage. Here are a few recommended steps:

  • Rely on known sources for healthcare updates (these include the World Health Organization, federal or regional governments, publications of repute and your local healthcare professionals).
  • Avoid the temptation to click on links shared via social media, instant messaging applications or any other source. News updates will reach you anyway; it is just a matter of a few minutes. But if you click on a suspicious link, you could end up doing far more damage in the short and long term to your business/personal interests
  • Check the URL of websites carefully every time. If possible, use search engines to reach sites rather than entering the URL text directly
  • Keep all your software, operating system, firmware and mobile applications updated. Do not skip updates.

Report any suspicious emails or URLs to your cybersecurity teams

Emotet On The Rise: CoronaVirus Phishing Campaign

Download Report

Why cybersecurity can be a source of innovation for IoT projects

An interesting survey finding came my way almost a year ago that revealed that as much as 80 percent of projects falling in the Internet of Things domain didn’t utilize their data in its entirety. This means that most of the projects are configured to churn data that is futuristic in nature and may not be of much relevance to the stakeholders in the short run. This leads us to an interesting question. Can this huge volume of data being generated be put to some use after all?

There are various reasons why there is an overflow of data in such projects. The most agreeable one is that business owners are often pre-occupied with the need to get their hands on information that can justify their investments in such projects and in the process ignore data streams that cannot be monetized or deployed to improve efficiency, productivity or preventive maintenance practices. Such a myopic view can indeed lead to value stagnation in the long run for such projects.

A Spanish company had deployed a set of temperature sensors across its offices to monitor the ambient temperature. The data showed the existence of islands of significant temperature variation across floors. The company didn’t invest any time or resources in determining how such differences affect the productivity of employees or outcomes of meetings. Yes, it would need a stretch of effort to figure this out, but then it’s not impossible.

In another instance, a well-known retailer in South-East Asia is currently accessing information on supply chain efficiency across various points in the chain using IoT. However, this entity is still ignoring information on ambient weather conditions that are also collected alongside the data gathered by various sensor and device configurations. Again the weather information in this instance could be correlated with supply chain efficiency to determine the best weather conditions for movement of goods and supplies as also to avoid conditions that might adversely impact movement.

There are many such examples of businesses ignoring data already available to further their business interests.

Linking cybersecurity

IoT is one of the few enabling technologies that still have a long way to go when it comes to cybersecurity. Often, proof of concept projects run without security coming into the picture in any form or manner. The capital and resources invested in the project are thus rendered vulnerable to a possible cyberattack. A sizeable one could lead to the project being shelved completely, which is not just a remote possibility but is happening more often than it should.

Given the significance that security entails, cybersecurity could be considered as an avenue for innovation. There is no reason why businesses shouldn’t be thinking and acting this way. Let me elaborate. For one, cybersecurity is all about doing more with all the data available. It is also about getting deeper into data to determine how and why data is behaving the way it is (is it under the influence of malware or has it been subject to some form of compromise?).

Attention to data for purposes of cybersecurity can yield remarkable results. It can make decision makers aware of the quantum and content of data that they are drawing from sensors and devices and therefore put it to better use. Financial services entities and retailers can take the lead in this arena. By making businesses delve deeper into data patterns, organizations are rendered more data-sensitive thereby opening avenues to better use and deploy data. And this could enable competitive differentiation and innovation across the enterprise.

Data awareness could also reduce the rate of failure of proof of concept projects. It could lead to customer delight as well when used in the right way to give actionable data and insights. A large aircraft manufacturer recently found out the hard way how ignoring basic data could be a perilous endeavor. The lesson, therefore, is clear and apparent.

Cybersecurity, when viewed as an enabler of innovation, could also lead to greater investments in time, attention and resources in securing enterprises. This holds good for all businesses irrespective of their size, maturity or market addressed.

To read the latest State of IoT Security reports

Download now!

Corona Virus casts a shadow in cyberspace

While governments, businesses, inter-governmental agencies, and not-for-profit agencies are busy dealing with the fall out of the Coronavirus disease (COVID-19), certain groups with malicious intent are using the outbreak as an opportunity to launch cyberattacks and cripple critical infrastructure and other connected assets through social engineering.

In the last 26 days, Subex’s global honeypot has registered a slight dip in direct attacks while the volume of phishing emails and other targeted social engineering activity has grown significantly. Our researchers are reporting a 49 percent rise in social engineering attacks through a variety of channels across continents.

Coronavirus is the latest theme

These are what we call themed attacks that ride on a global scare or anxiety created by an event that influences citizens at a personal level.

In the last 26 days, hackers have released malicious files using about 23 common file extensions (including zip, mp3, mp4, xlsx, docx, EPS). These files have a malicious payload that could encrypt files, steal/exfiltrate data, drop backdoors and even corrupt data.

File types include:

  • Corona_health_update.pdf (attributed to centers for disease control)
  • Origin-of-corona_cnn.mp4
  • Covid19_Mandatory_work_from_measures.pdf (spread using instant messaging platforms)
  • Corona_safety_alert.docx
  • Secondary_corona_infections.pdf

Emails containing subject lines such as “coronavirus emergency declared”, “1000 coronavirus deaths in last 16 hours” and “This drug could save your life from corona”. Emails seeking donations in the name of WHO have also been found.

The inbound volumes of these infected files vary with healthcare announcements by governments, and we have seen 3 clear windows for detection of such infected files.

  • 7 am to 9:30 am GMT
  • 3 pm to 3:30 pm GMT
  • 8 pm to 9 pm GMT

Malware traffic from a major botnet in North West Asia has reduced significantly while three other possible botnets in the region are reporting a reduction in the volume of outbound traffic.

Where has all the malware gone?

In the last half of 2019, there was a significant uptake in the purchase of potent malware from across malware shops and forums. Such malware was then released in incremental batches with minimal reengineering to avoid detection. This activity picked up pace towards the end of January (2020), but by mid-February (2020) the number of new malware reported registered a global decline as hackers shifted tactics towards creating opportunities using social engineering.

Our researchers have also found a slight reduction in malware prices in the last month, which means that the demand for new malware has come down.

Hacker groups are using the panic and anxiety generated by the outbreak to prevent their victims from scrutinizing emails or other suspicious links forwarded via social media or instant messaging applications. Times of distress and anxiety often take a toll on rational thinking and this is what hackers are counting on to create a much larger problem.

Maintain cyber-hygiene

Similar to the measures recommended by healthcare professionals to prevent the spread of infection, in cyberspace also we need to take a few precautions to prevent disruptive groups from utilizing the situation to their advantage. Here are a few recommended steps:

  • Rely on known sources for healthcare updates (these include the World Health Organization, federal or regional governments, publications of repute and your local healthcare professionals).
  • Avoid the temptation to click on links shared via social media, instant messaging applications or any other source. News updates will reach you anyway; it is just a matter of a few minutes. But if you click on a suspicious link, you could end up doing far more damage in the short and long term to your business/personal interests
  • Check the URL of websites carefully every time. If possible use search engines to reach sites rather than entering the URL text directly
  • Keep all your software, OS, firmware and mobile applications updated. Do not skip updates.

Report any suspicious emails or URLs to your cybersecurity teams
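For teams that receive such reports, the indicators in this post (theme words, file extensions, subject-line cues and the three GMT delivery windows) can be combined into a simple triage score over mail-gateway records. This is an added example, not Subex tooling; the record layout, the weights, the threshold and the sample messages are constructed assumptions.

```python
import re
from datetime import datetime, time, timezone

# Indicators taken from the post: theme words, the extensions it names
# (pdf appears in its sample file names) and the three GMT windows.
THEME_WORDS = ("corona", "covid")
LURE_EXTS = {"zip", "mp3", "mp4", "xlsx", "docx", "eps", "pdf"}
WINDOWS_GMT = [(time(7, 0), time(9, 30)),
               (time(15, 0), time(15, 30)),
               (time(20, 0), time(21, 0))]

# Subject cues modelled on the post's examples ("emergency declared",
# "deaths in last 16 hours", "could save your life", donations for WHO).
URGENCY = re.compile(r"emergency|\bdeaths?\b|save your life", re.IGNORECASE)
DONATION = re.compile(r"\bdonat\w*", re.IGNORECASE)
# WHO stays case-sensitive so the ordinary word "who" does not match.
WHO = re.compile(r"\bWHO\b|(?i:world health organi[sz]ation)")


def is_themed(text: str) -> bool:
    """Match theme words even when split by separators (Co_vid-19)."""
    squashed = re.sub(r"[^a-z0-9]", "", text.casefold())
    return any(word in squashed for word in THEME_WORDS)


def in_reported_window(received_iso: str) -> bool:
    """Convert the gateway timestamp to UTC and test the three windows."""
    t = datetime.fromisoformat(received_iso).astimezone(timezone.utc).time()
    return any(start <= t <= end for start, end in WINDOWS_GMT)


def score_message(msg: dict):
    """Return (score, reasons) for one mail-gateway record."""
    score, reasons = 0, []
    subject = msg.get("subject", "")
    lure_files = [a for a in msg.get("attachments", [])
                  if a.rsplit(".", 1)[-1].lower() in LURE_EXTS and is_themed(a)]
    if lure_files:
        score += 3
        reasons.append("themed attachment: " + ", ".join(lure_files))
    if is_themed(subject):
        score += 1
        reasons.append("themed subject")
    if URGENCY.search(subject):
        score += 1
        reasons.append("urgency cue in subject")
    if DONATION.search(subject) and WHO.search(subject):
        score += 2
        reasons.append("donation appeal invoking WHO")
    # The window is context, not evidence: it only adds to a message that
    # another indicator has already scored.
    if score and in_reported_window(msg["received"]):
        score += 1
        reasons.append("arrived in a reported delivery window")
    return score, reasons


def triage(messages, threshold: int = 3):
    """Return (id, score, reasons) for messages at or above the threshold."""
    flagged = []
    for msg in messages:
        score, reasons = score_message(msg)
        if score >= threshold:
            flagged.append((msg["id"], score, reasons))
    return sorted(flagged, key=lambda item: -item[1])


# Constructed sample records (timestamps carry their own UTC offset).
SAMPLE_MESSAGES = [
    {"id": "m1", "subject": "Coronavirus emergency declared",
     "attachments": ["Corona_health_update.pdf"],
     "received": "2020-03-12T13:45:00+05:30"},      # 08:15 GMT
    {"id": "m2", "subject": "COVID-19 relief: donate to WHO fund",
     "attachments": [], "received": "2020-03-12T11:00:00+00:00"},
    {"id": "m3", "subject": "Q1 budget review",
     "attachments": ["budget_q1.xlsx"],
     "received": "2020-03-12T08:00:00+00:00"},
    {"id": "m4", "subject": "Canteen update during COVID-19",
     "attachments": [], "received": "2020-03-12T12:00:00+00:00"},
]

if __name__ == "__main__":
    for msg_id, score, reasons in triage(SAMPLE_MESSAGES):
        print(msg_id, score, "; ".join(reasons))
```

Ordinary mail that merely mentions the pandemic (m4) stays below the threshold, which keeps the queue usable while the theme dominates legitimate traffic too.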

Emotet On The Rise: CoronaVirus Phishing Campaign

Download Report

Cybersecurity trends to watch out for in 2020

The adoption of IoT is growing globally. Today, active sensors are monitoring and reporting on everything from weather conditions, traffic, power consumption, water pressure, among others. Smart technology is everywhere, enabling cities, people, and governments to do more.

It won’t be an exaggeration to say that the IoT boom is already here. But as more and more sensors and devices are connected to the internet, cybercriminals gain more opportunities to leverage unattended vulnerabilities. IoT botnets can compromise and leverage thousands of such devices to wreak havoc on deployments.

2019 saw a range of attacks on IoT infrastructure. Wicked, OMG Mirai, Triton, Shamoon, ADB.Miner, DoubleDoor, Hide ‘N Seek, and Mirai-Variant IoT Botnets were widely seen in cyberattacks around the world.

2020 will see hackers go after data with increased zeal. This includes hijacking devices as part of Advanced Persistent Threat attacks and using them to gain access to sensitive data and IP, which could be held for ransom. The sectors that will attract maximum attacks in South America include oil and gas, infrastructure, utilities, defense, and retail. Attacks bearing a geopolitical motive are also expected to increase this year.

Regional hackers have figured out that businesses are more willing to pay ransoms to prevent such data from being published online or on the dark web. Thus they are working to target devices and networks to pilfer data and record conversations of value. Another tactic gaining currency is data poisoning, wherein inaccurate information is fed into decision-making systems to disrupt large systems.

Publishing zero-day vulnerabilities without taking the vendor into confidence or giving them reaction time to patch devices creates a unique advantage for hackers, as they can take advantage of such vulnerabilities to create widespread damage. This trend will persist in 2020, albeit with fewer instances coming to the fore as vendors turn more cooperative and responsive and more information is made available.

With more businesses using bots to log data in CRM/ERP or other business management software, the data accessed by such bots is becoming more critical with each passing year. By spoofing identity, hackers can gain access to critical systems and then use such bots to exfiltrate data, and since most of these bots are today working with very little monitoring, an attack could theoretically last months or even years if it goes undetected.

Three key target sectors in 2020

  • Manufacturing
  • Retail
  • Financial services

Three trends that will continue in 2020

  • Increasing reconnaissance on critical infrastructure projects
  • Phased attacks on new IoT projects
  • Price of malware sold on forums will rise further this year (because of the demand-supply imbalance)

As geopolitical faults expand, cyberwarfare has turned deadlier. Today actors sponsored by nation-states are investing in AI-based offenses to harass their adversaries. Geopolitical attacks are now targeting critical industrial systems, utilities, smart devices, renewable energy farms, offshore oil rigs, and more. With agencies finding it difficult to suppress information on such attacks from leaking out into the mass media, hackers are getting more aggressive as the impact of their work becomes more visible, monetarily rewarding, and discussed.

The global network of botnets will also grow and expand in terms of devices and countries in 2020. This is one trend that refuses to move into negative territory because of various reasons.

Sectors such as banking and financial services, healthcare, oil and gas, and retail will continue to attract attention from hackers in 2020. The attacks will get more sophisticated, and the attack signature will turn even paler as hackers use newer tactics and strategies to breach networks.

On the response front, as this article is being written, we are seeing cybersecurity being addressed through “codes of practice” and “guidelines.” The government of California has openly come out with its resolve to make businesses do more towards securing their infrastructure, and others will follow in 2020. What is still missing is a coordinated effort to address the problem at hand. Cybersecurity will remain a half-hearted battle until all stakeholders join hands and launch a concerted effort to curb the menace.

Globally, cybercrimes cost over $600 bn in damages in 2019. No nation is rich enough to afford such a colossal loss individually or collectively. Instead, if this money were to be deployed for improving healthcare, generating employment, and improving civic infrastructure, the magnitude of the damage becomes more apparent. Hopefully, 2020 will be the year where we see more coordination between stakeholders. Such a collaboration is inevitable if we are to see lasting progress in the war on cybercrimes.
