Category Archives: IoT

Why 2021 could be the best year yet for Cybersecurity for your business

Yes, you have heard it right. After all the bad news that we heard in 2020 ending with the SolarWinds episode in December, it is now time to set things moving in the right direction. Five things went wrong in 2020:

  • Significant distraction and disruption caused by the Covid-19 pandemic induced changes at the workplace
  • Cybersecurity was not given enough attention from a resourcing perspective globally
  • Tech teams were not imaginative enough to figure out what could be attacked
  • Employees were not sensitized enough on the need to remain cyber aware
  • 600 percent rise in stolen data appearing online as per Subex’s threat research team

The New Year gives us a chance to fix and improve our cybersecurity posture. Last week we told you about 5 cost-effective and easy ways to do that. Beyond these measures, this is also the right time to look at revamping your cybersecurity priorities and paying attention to the right areas. Subex’s threat research team has found that the volume of cyberattacks has reduced in the last 10 days but is expected to pick up as we approach February 2021.

February has traditionally seen the launch of new malware and new methods of cyberattacks by hackers. So, it is not advisable to wait till then to build cyber resilience. A discussion with our experts will help you reach there faster.

Subex has been protecting cyberspace for a while now. Our IoT and OT cybersecurity solutions along with SOC services and a cyber deception solution can go a long way in protecting your business.
All our customers stayed safe in 2020 and were able to focus on their business priorities. You can learn more about them here, here, and here.

Don’t let the hackers gain an upper hand.

Nat will be glad to help in case you wish to learn more. You can drop her a line:

5 Easy and cost-effective ways to stay Cyber Safe in 2021

A new year has arrived and how will things change this year as far as cybersecurity is concerned? An analysis of data on cyberattacks in 2020 might point to some answers.

In 2020, as in the years before, businesses that were distracted, didn’t prioritize cybersecurity, and didn’t invest in sensitizing employees on various aspects of cybersecurity were targeted. Hackers had been studying such businesses for a while, and when the pandemic arrived, they got the break they were waiting for. The shift in network environments, remote access, devices operating out of unmonitored environments, and a high sense of distraction gave the hackers what they wanted – an opportunity to strike.

So how do you work towards staying secure in 2021? Here are 5 cost-effective ways of doing that:

Develop in-house expertise: identify employees across departments who will champion cybersecurity.

Visualize and drill extreme scenarios: even a moderate cyberattack can cause significant monetary losses. Conduct cybersecurity drills regularly across departments. Such drills should start/end by painting a bleak scenario of how bad things will be if a cyberattack succeeds. This includes loss of clients, potential revenue, hardware, and yes jobs too. Employees should be sensitized about these losses.

Set a budget aside for recovering from cyberattacks: in case this budget is not used, it can be disbursed as an increment or a bonus among employees at the end of a calendar/fiscal year or it can be rolled over into the next year.

Promote a culture of cyber hygiene: reward employees who report phishing or other types of attacks.

Sacrifice comfort for security: storing passwords, use of default passwords and other practices should be banned, and repeat offenders should be made to undergo a deep course in cybersecurity.

Take small but visible steps with discipline: your organization won’t turn into a cybersecure one overnight. Invest in bringing in a culture of cybersecurity backed by a strong commitment from all levels working together to realize small yet important steps towards cybersecurity.

We are the people to talk to for taking your institutional security a few notches higher.

You can visit us here to know more about our offerings or drop us a line to know more.


Cybersecurity plans for the Year 2021

From every perspective, 2020 was a tough year, and the demands businesses and markets placed on leaders were never this high and engaging.

To help prepare for 2021, we have put together some of our most popular cybersecurity content. We hope these will feed into your cybersecurity plans for the New Year.

We began the year by preparing a comprehensive evaluation of the global threat environment. As much as 79 percent of the predictions made by us in this report were realized this year in batches. Subex was among the first OT and IoT cybersecurity vendors to draw a correlation between the onset of the Covid-19 pandemic and its implications for the digital world. Our first advisory on this event was issued in February 2020.

To keep up with the pace at which malware developers were launching new and modified malware, we published a number of malware reports throughout the year. From the feedback we received from the industry and other stakeholders, we are happy to report that these reports helped many leaders firm up their cybersecurity posture.

We also published a few case studies to highlight the challenges we are solving for our customers. You can find them here, here and here.

To cover threats surrounding 5G and IoT we joined hands with industry body GSMA to do a webinar with industry experts. On this occasion we did a deep dive on IoT and OT security to help stakeholders understand specific interventions needed to secure installations.

We also brought out a series of blogs that investigated aspects of cyber resilience, data theft, basic cybersecurity mistakes, cyber espionage and pandemic-era cybersecurity. We are ending the year with a series of blogs on predictions and things to do to stay secure in 2021.

We hope you find these curated content pieces relevant and informative.

Nat will be glad to help in case you wish to learn more. You can drop her a line:

The SolarWinds cyberattack episode has just begun unraveling

The worst could be yet to come.

As the events unfold, the full impact of the layered cyberattack on the Austin-based IT management software firm’s customers will be felt well into the next five years or beyond. Here is what we know so far:

  • It is clearly among the biggest ever cyberattacks on the US government
  • According to reports, over 400 of the Fortune 500 companies in the US and top 10 telcos have all been impacted
  • A ‘trojanized’ software update was used to install the sunburst malware into a commonly used IT management and monitoring software
  • The update was installed by as many as 18,000 customers using the software
  • Parts of US Treasury, Department of Commerce, Department of Homeland Security, and the Pentagon have all been targeted and have borne the brunt of the attack
  • This is an example of a ‘supply-chain’ attack wherein the intended target is attacked through vendors or third-parties who have some connection with the core networks and IT infrastructure of the intended victim
  • A different threat actor was found to have deployed another malware during the same episode
  • Discussions on the litigation fallout have begun and are moving in the direction of a Class action suit

Companies across the US are in a state of high alert. The ones affected by this cyber attack will have to spend time, effort and money on cleaning up as well as on shoring up their defenses to avoid any secondary attacks or release of data. These attacks have brought cybersecurity to the forefront of strategic attention from businesses everywhere.

In a tough year, in which multiple vendors including Subex had issued a range of cyber attack advisories from as early as March, this was not an unanticipated attack. What is shocking is the scale and the modus operandi used by the alleged state-backed hackers who are supposed to be behind the episode. While cybersecurity governance questions are being asked, one thing is clear. There is a lot more that needs to be done to prevent and deter such attacks in the future:

  • The threat actor involved in the SolarWinds attack demonstrated patience, sophistication, and tactics, so removing them from the compromised environments will be a tough task. If the effort now needed for the cleanup had been put into securing enterprises with diligence, post-facto efforts would not have been needed.
  • Securing your organizational assets cannot be considered a one-horse race. Instead, the challenge has to be addressed at multiple levels. Vectors of vulnerabilities, known and unknown, are everywhere and they need to be addressed at the government, institutional and employee levels. Within organizations, multiple strategies and tactics need to be adopted
  • A two-way authentication will go a long way in securing assets and blocking malicious users
  • Implement a Zero trust-based approach especially for those services that reside on/are accessed from the cloud or those where the updates are forced across a multitude of devices without human intervention
  • Code-Orange should be the normal threat perception level. With the prevalence of threat actors, state-backed APT groups, independent actors, and disgruntled stakeholders, it is always important to be at the highest level of alert.

The SolarWinds attack has set the agenda for 2021. While nations and businesses start transitioning out of the Covid-19 induced economic and business slowdown, inadequate attention to cybersecurity could not just slow down these recovery efforts but could also harm reputations beyond repair, prolonging the impact.

Nat will be glad to help in case you wish to learn more. You can drop her a line:

What the SolarWinds episode has taught us so far

Unless you have been on a digital detox vacation, you must have heard of the SolarWinds breach. Just to refresh your memory, multiple US government agencies were compromised through a trojanized update that was pushed to them. Post installation, this update allowed the hacker to conduct multi-level reconnaissance, modify user privileges, move laterally into other critical environments and compromise the data.

The scope and scale of this breach have shaken cyber defenders and governments alike. It is now time to focus on the takeaways from this incident.

  • Cyber supply chain awareness: a dual-purpose risk assessment should be conducted to assess the state of security emanating from third-party solutions and to evaluate the implications of such risks
  • Finding the right cybersecurity models: such models and frameworks should be able to uncover security gaps and prioritize them. Businesses should work towards constantly reviewing these models while keeping their risk appetite to the lowest level possible
  • There is no ‘business as usual’ for cybersecurity: in 2021, the new normal will be about being cyber risk aware at all times. Cybersecurity teams will have to overwork their imaginations to identify new sources of vulnerabilities
  • Developer access management: the backdoor introduced by the hacker must have been in a file not often accessed by developers (a developer’s account must have also been compromised). If developer access was managed diligently and reviewed to check for anomalies, the breach would have been discovered earlier.
  • Trust is dangerous: as many such episodes before have shown, trust should not be implicit, explicit or stated with caution. Instead, trust should be established on a session-to-session, device-to-session, connection-to-connection and time basis. No entity should be allowed to transact for long durations from a position of trust, no matter the level of privilege. Zero trust should be the way forward

Subex has been working to secure businesses in all livable continents for over two decades now. Our offerings use a blend of tactics to introduce layered security including discovery of rogue and compromised assets.

As of today, we are securing some of the toughest and hard to secure OT and IOT-based deployments globally. We can help you improve your cybersecurity posture to secure your assets.

In just under 45 minutes, we can tell you how our solution can keep such episodes of grief at bay.

Get in touch with  to learn more

Cyber risks: espionage mercenaries, ICS threats and stealthy IoT botnets in the cloud

Cyber mercenaries are targeting industrial control systems (ICS) and IoT deployments like never before. Threat actors are now shifting significant resources to exploit emerging network edge environments. Securing these new environments, including new technologies and converging systems, is more challenging than it may seem.

Ransomware continues to evolve. In 2019, ransomware developers implemented a new strategy to counteract the decision of many organizations to not pay a ransom, choosing instead to restore compromised systems on their own.

Now cybercriminals, in addition to encrypting data and systems, also post that data on public servers. They then not only demand a ransom but also threaten to publicly release valuable IP and sensitive information if their ransom demands are ignored.

Such changing strategies indicate a high level of investment in studying and investigating not just the cybersecurity systems and responses, but also the organizational motivations that drive decision making.

Subex’s threat researchers have found that ICS are increasingly gathering attention from cyber threat actors.

Given the nature of these threats, it becomes imperative to talk to an IoT, OT and cyber deception partner to help you keep these threats at bay. Subex Secure is securing some of the toughest to secure businesses that are using IoT and critical infrastructure across 3 continents.

Nat will be glad to help in case you wish to learn more. You can drop her a line here.

We also encourage you to read our Threat Landscape Report for Q2 2020 here

Who stole my data: Solving the IoT security puzzle!

Internet of Things security is presenting governments and businesses with an unprecedented challenge. Consequently, a largely divided U.S. Congress identified it as a bipartisan issue ready for legislation. Last month, both houses of Congress passed the Internet of Things Cybersecurity Improvement Act recognizing IoT security as a matter of national security.

Despite all this attention, IoT deployments are still getting breached. In a recent episode, a set of IoT devices (camera with a doorbell) were found sending user credentials to China. The number of IoT-focused attacks hit an all-time high this year underscoring the need for action at all levels. Critical infrastructure components such as industrial control systems (ICS), safety systems, video surveillance systems, and asset tracking systems are now being attacked frequently to enter IT systems to steal data through laterally moving malware.

As the Christmas gifting season appears on the horizon, a new wave of cyberattacks will emerge harnessing gifted connected devices that are less secure. Guess where your stolen data could end up?

Such episodes will repeat till such a time that we prioritize IoT security and embed it by default in every activity from inception.

Subex Secure is here to help
We are today offering critical infrastructure grade security to our customers across the globe. With Subex Secure, you can afford to focus on your core business goals while we protect your assets, data, and infrastructure. Yes, our offerings can go a long way in helping you get more out of your IoT investments without worrying about security. Anything else is a compromise.

Contact to learn how 30 percent of information security leaders are successfully managing IoT threats and vulnerabilities.

Read our latest threat landscape report to learn about cyber threats you need to know about.

Proof of value: How we helped a leading manufacturer improve their cybersecurity posture and avoid such threats.

Don’t miss this critical cybersecurity requirement

Targeted attacks on supply chains connected with various sectors rose significantly in the last 8 months, according to various research firms. And this is just the tip of the iceberg as these findings relate to existing threats or threats that have been identified. There could be many new ones lurking in the Dark Web and elsewhere.

Most information security leaders tend to ignore the potency of unknown threats. This is because the security architecture in most enterprises and projects doesn’t permit adequate versatility to understand and identify latent threats to deal with them. The problem is compounded by security practices based on restrictive network activities at the perimeter rather. This means that a threat that somehow manages to trick the perimeter-based security mechanism is free to wreak havoc inside the core network.

Unfortunately, even the compliance mandates prevailing in various countries fail to encourage businesses and other entities to look into emerging threats through a combination of insights, forecasts, and sheer imagination.

Besides, thanks to the increasing diversity of processes and devices, it is easy to lose track of baseline cybersecurity requirements with every increase in surface area. No matter what your network architecture, industry, or level of security sophistication, gaps could arise during periods of transition, capacity expansion, or infusion of new technology.

The addition of IoT exponentially amplifies the threat factor. In another survey, over 70 percent of cybersecurity practitioners reported some level of unfamiliarity with threats that emerge in converged environments spanning IT, OT, and IoT.

Unfortunately, these converged environments represent the event horizon – a vista that presents infinite possibilities for hackers, malware developers, and threat actors to exploit.

Converged environments needn’t be your organizational Achilles heel. Instead, such environments can be harnessed for testing new tech and workflows to improve efficiency, data analytics, and insights, as well as for improving your cybersecurity posture and providing depth to your cyber resilience strategies.

Connect with to learn how you can join 30 percent of leaders who have successfully addressed this threat.

Read our latest threat landscape report here to learn about cyber threats you need to know about.

Proof: How we helped a leading manufacturer improve their cybersecurity posture and avoid such threats

Cybersecurity is key to a successful 5G strategy

5G brings forth new opportunities and threats. While the opportunities are more or less understood, the threats. While new virtualization technologies including software-defined networking (SDN) and network functions virtualization (NFV) are drawing attention and investment, there is no denying that they have raised new security concerns owing to their highly open, flexible, and programmable nature.

Director Chris Krebs from the Cybersecurity and Infrastructure Security Agency (CISA) calls 5G “the single biggest critical infrastructure build that the globe has seen in the last 25 years”–an assessment that isn’t hyperbolic, given the new networks promise to revolutionize everything from IoT, to augmented reality, to farming, while also creating a whole host of new security challenges.

This underscores the importance of 5G security and the need to understand and manage it early. Enabling technologies such as robotics, IoT, IIoT, large scale automation and AI come with a huge dependency on 5G. For projects in these domains to succeed, 5G has to deliver value securely. Sacrificing value for security or sacrificing security for value are not the recommended options. A laser-sharp focus on cybersecurity aligned to outcome priorities is the way forward.

Here are a few points to ponder in this regard. These points were culled from a presentation made by Subex at the “Enterprise 5G: The Edge of Innovation” event in October.

  • 5G innovation within the enterprise space is an area witnessing plenty of action from a strategy and roadmap perspective
  • 5G is secure by design but as the data moves closer to the endpoint, the level and control of security oversight thin out. There was broad consensus on deriving ways in which different players in the market can collaboratively engage to secure the 5G ecosystem
  • What are the challenges in deploying 5G with legacy systems? Though 5G will continue to evolve, there may be networks and systems that will still be on traditional networks, bringing generational security challenges to the fore
  • The new revenue models that 5G will generate will propel massive IoT adoption
  • The success of 5G innovation will have a force multiplier effect on solving various challenges across verticals

Plenty of unknowns will be uncovered as we move forward with the deployment of newer and more robust sub-networks that rely on 5G. We need to be prepared.

In case you want to know more about strategies and solutions to deal with the cybersecurity challenges posed by sequestered 5G deployment, generational vulnerabilities, and cybersecurity innovation for 5G, Natalie Smith will be happy to assist you. Do reach out to her at

You can also download a complimentary whitepaper we have prepared for fine-tuning your 5G cybersecurity strategy below.

Download Whitepaper Here!

Pandemic era cybersecurity: types of cyberattacks organizations must be aware of

When the year began, few businesses and cybersecurity vendors had imagined the extent to which the cybercrime landscape globally would deteriorate. Subex’s threat research team had started seeing a clear increase in targeted cyberattacks. We, therefore, decided to call out this trend and in early March, we came out with our first advisory.

The cyberattacks that saw a spike in the last 180 days emerged in two distinct waves. The first wave included more actors, malware, variants of malware, and geographies and was designed to exploit the confusion created by the Covid-19 pandemic. The second wave had fewer moving parts, was more organized, and in many ways built upon the success of the first wave.

From our analysis, the second wave of attacks is still gathering momentum and will continue for at least another 65 days. We expect the attacks to slow and move into reconnaissance mode after that.

Key trends

  • Cyberattacks on Chinese interests globally and in China rise 230 percent
  • The majority of the attacks on China are emerging from just 4 countries
  • Attacks on datacenters and utility firms increase the most
  • Phishing attacks continue to rise
  • Most attacked regions – NA, South-East Asia and the Middle East
  • Attack on pharmaceutical manufacturing companies; increasing rogue activity detected; targets include attempted batch and recipe changes as also operational disruptions to reduce the production capacity
  • Variants of NotPetya are being discovered across manufacturing firms
  • Coronavirus-themed attacks evolve
    The second wave of the Coronavirus-themed attacks grew more specific and potent towards mid-May. Chatter picked up on the Dark Web and closed-door forums indicates that there were many successful breaches in the last 90 days, with many firms giving in to the hackers by meeting their ransom demands. Regionally, businesses in Europe handed over the maximum amount in ransom to hackers, followed by South East Asia and the Middle-East.
  • In terms of frequency, at least one ransom was paid every 43.2 hours by some company somewhere. In some instances, APT groups in Pakistan, Russia, Iran and some other countries were also involved in multi-stage ransomware attacks. So why have APT groups resorted to monetizing their cyberattacks? One probable reason could be because in the aftermath of Covid-19, many governments have shrunk their black ops/cyber offense budgets and this must have hit the APT groups in countries that were already under sanctions, starved of funds for their cybercrime operations. It seems that some of these countries have authorized monetization of cyberattacks to keep the operations sustainable and to prevent erosion of cyber strike and malware development capabilities.
  • A threat actor based in Somalia/East Africa launched as many as 700,000 attacks in just under four days and walked away with a huge bounty in ransom. This group seems to have used stolen credentials available on the web along with compromised apps inadvertently installed by victims. This group targeted oil and gas companies in the Middle East.
  • While deflective attacks on critical infrastructure came down this quarter, the attacks on this segment kept on rising. While the initial half of the second wave of attacks on critical infrastructure used Covid-19 themes to a large extent, the latter half of attacks used more targeted messaging and tactics.

IoT and OT cybersecurity solutions and strategies are definitely the need of the hour.

Read more about these threats and security challenges in the latest edition of our Threat Landscape Report for Q2, 2020
