Category Archives: IoT

Cyber risks: espionage mercenaries, ICS threats and stealthy IoT botnets in the cloud

Cyber mercenaries are targeting industrial control systems (ICS) and IoT deployments like never before. Threat actors are now shifting significant resources to exploit emerging network edge environments. Securing these new environments, including new technologies and converging systems, is more challenging than it may seem.

Ransomware continues to evolve. In 2019, ransomware developers implemented a new strategy to counteract the decision of many organizations not to pay a ransom, choosing instead to restore compromised systems on their own.

Now cybercriminals, in addition to encrypting data and systems, also post that data on public servers. They then not only demand a ransom but also threaten to publicly release valuable IP and sensitive information if their ransom demands are ignored.

Such changing strategies indicate a high level of investment in studying and investigating not just the cybersecurity systems and responses, but also the organizational motivations that drive decision making.

Subex’s threat researchers have found that ICS are increasingly gathering attention from cyber threat actors.

Given the nature of these threats, it becomes imperative to talk to an IoT, OT and cyber deception partner to help you keep these threats at bay. Subex Secure is securing some of the toughest to secure businesses that are using IoT and critical infrastructure across 3 continents.

Nat will be glad to help in case you wish to learn more. You can drop her a line here.

We also encourage you to read our Threat Landscape Report for Q2 2020 here

Who stole my data: Solving the IoT security puzzle!

Internet of Things security is presenting governments and businesses with an unprecedented challenge. Consequently, a largely divided U.S. Congress identified it as a bipartisan issue ready for legislation. Last month, both houses of Congress passed the Internet of Things Cybersecurity Improvement Act recognizing IoT security as a matter of national security.

Despite all this attention, IoT deployments are still getting breached. In a recent episode, a set of IoT devices (camera with a doorbell) was found sending user credentials to China. The number of IoT-focused attacks hit an all-time high this year, underscoring the need for action at all levels. Critical infrastructure components such as industrial control systems (ICS), safety systems, video surveillance systems, and asset tracking systems are now frequently attacked as entry points into IT systems, from which data is stolen through laterally moving malware.

As the Christmas gifting season appears on the horizon, a new wave of cyberattacks will emerge harnessing gifted connected devices that are less secure. Guess where your stolen data could end up?

Such episodes will repeat until we prioritize IoT security and embed it by default in every activity from inception.

Subex Secure is here to help
We are today offering critical infrastructure grade security to our customers across the globe. With Subex Secure, you can afford to focus on your core business goals while we protect your assets, data, and infrastructure. Yes, our offerings can go a long way in helping you get more out of your IoT investments without worrying about security. Anything else is a compromise.

Contact to learn how 30 percent of information security leaders are successfully managing IoT threats and vulnerabilities.

Read our latest threat landscape report to learn about cyber threats you need to know about.

Proof of value: How we helped a leading manufacturer improve their cybersecurity posture and avoid such threats.

Don’t miss this critical cybersecurity requirement

Targeted attacks on supply chains connected with various sectors rose significantly in the last 8 months, according to various research firms. And this is just the tip of the iceberg as these findings relate to existing threats or threats that have been identified.  There could be many new ones lurking in the Dark Web and elsewhere.

Most information security leaders tend to ignore the potency of unknown threats. This is because the security architecture in most enterprises and projects doesn’t permit adequate versatility to understand and identify latent threats to deal with them.  The problem is compounded by security practices based on restrictive network activities at the perimeter rather. This means that a threat that somehow manages to trick the perimeter-based security mechanism is free to wreak havoc inside the core network.

Unfortunately, even the compliance mandates that are prevailing in various countries also fail to encourage businesses and other entities to look into emerging threats through a combination of insights, forecasts, and sheer imagination.

Besides, thanks to the increasing diversity of processes and devices, it is easy to lose track of baseline cybersecurity requirements with every increase in surface area. No matter what your network architecture, industry, or level of security sophistication, gaps could arise during periods of transition, capacity expansion, or infusion of new technology.

The addition of IoT exponentially amplifies the threat factor. In another survey, over 70 percent of cybersecurity practitioners reported some level of unfamiliarity with threats that emerge in converged environments spanning IT, OT, and IoT.

Unfortunately, these converged environments represent the event horizon – a vista that presents infinite possibilities for hackers, malware developers, and threat actors to exploit.

Converged environments needn’t be your organizational Achilles heel. Instead, such environments can be harnessed for testing new tech and workflows to improve efficiency, data analytics, and insights as also improving your cybersecurity posture and providing depth to your cyber resilience strategies.

Connect with to learn how you can join 30 percent of leaders who have successfully addressed this threat.

Read our latest threat landscape report here to learn about cyber threats you need to know about.

Proof: How we helped a leading manufacturer improve their cybersecurity posture and avoid such threats

Cybersecurity is key to a successful 5G strategy

5G brings forth new opportunities and threats. While the opportunities are more or less understood, the threats. While new virtualization technologies including software-defined networking (SDN) and network functions virtualization (NFV) are drawing attention and investment, there is no denying that they have raised new security concerns owing to their highly open, flexible, and programmable nature.

Director Chris Krebs from the Cybersecurity and Infrastructure Security Agency (CISA) calls 5G “the single biggest critical infrastructure build that the globe has seen in the last 25 years”–an assessment that isn’t hyperbolic, given the new networks promise to revolutionize everything from IoT, to augmented reality, to farming, while also creating a whole host of new security challenges.

This underscores the importance of 5G security and the need to understand and manage it early. Enabling technologies such as robotics, IoT, IIoT, large scale automation and AI come with a huge dependency on 5G. For projects in these domains to succeed, 5G has to deliver value securely. Sacrificing value for security or sacrificing security for value are not the recommended options. A laser-sharp focus on cybersecurity aligned to outcome priorities is the way forward.

Here are a few points to ponder in this regard. These points were culled from a presentation made by Subex at the “Enterprise 5G: The Edge of Innovation” event in October.

  • 5G innovation within the enterprise space is an area witnessing plenty of action from a strategy and roadmap perspective
  • 5G is secure by design but as the data moves closer to the endpoint, the level and control of security oversight thin out. There was broad consensus on deriving ways in which different players in the market can collaboratively engage to secure the 5G ecosystem
  • What are the challenges in deploying 5G with legacy systems? Though 5G will continue to evolve, there may be networks and systems that will still be on traditional networks, bringing generational security challenges to the fore
  • The new revenue models that 5G will generate will propel massive IoT adoption
  • The success of 5G innovation will have a force multiplier effect on solving various challenges across verticals

Plenty of unknowns will be uncovered as we move forward with the deployment of newer and more robust sub-networks that rely on 5G. We need to be prepared.

In case you want to know more about strategies and solutions to deal with the cybersecurity challenges posed by sequestered 5G deployment, generational vulnerabilities, and cybersecurity innovation for 5G, Natalie Smith will be happy to assist you. Do reach out to her at

You can also download a complimentary whitepaper we have prepared for fine-tuning your 5G cybersecurity strategy below.

Pandemic era cybersecurity: types of cyberattacks organizations must be aware of

When the year began, few businesses and cybersecurity vendors had imagined the extent to which the cybercrime landscape globally would deteriorate. Subex’s threat research team had started seeing a clear increase in targeted cyberattacks. We therefore decided to call out this trend, and in early March we came out with our first advisory.

The cyberattacks that saw a spike in the last 180 days emerged in two distinct waves. The first wave included more actors, malware, variants of malware, and geographies and was designed to exploit the confusion created by the Covid-19 pandemic. The second wave had fewer moving parts, was more organized, and in many ways built upon the success of the first wave.

From our analysis, the second wave of attacks is still gathering momentum and will continue for at least another 65 days. We expect the attacks to slow and move into reconnaissance mode after that.

Key trends

  • Cyberattacks on Chinese interests globally and in China rise 230 percent
  • The majority of the attacks on China are emerging from just 4 countries
  • Attacks on datacenters and utility firms increase the most
  • Phishing attacks continue to rise
  • Most attacked regions – NA, South-East Asia and the Middle East
  • Attack on pharmaceutical manufacturing companies; increasing rogue activity detected; targets include attempted batch and recipe changes as also operational disruptions to reduce the production capacity
  • Variants of NotPetya are being discovered across manufacturing firms
  • Coronavirus-themed attacks evolve
    The second wave of the Coronavirus-themed attacks grew more specific and potent towards mid-May. Chatter picked up on the Dark Web and closed-door forums indicates that there were many successful breaches in the last 90 days, with many firms giving in and meeting the ransom demands placed by hackers. Regionally, businesses in Europe handed over the maximum amount in ransom to hackers, followed by South-East Asia and the Middle East.
  • In terms of frequency, at least one ransom was paid every 43.2 hours by some company somewhere. In some instances, APT groups in Pakistan, Russia, Iran and some other countries were also involved in multi-stage ransomware attacks. So why have APT groups resorted to monetizing their cyberattacks? One probable reason could be because in the aftermath of Covid-19, many governments have shrunk their black ops/cyber offense budgets and this must have hit the APT groups in countries that were already under sanctions, starved of funds for their cybercrime operations. It seems that some of these countries have authorized monetization of cyberattacks to keep the operations sustainable and to prevent erosion of cyber strike and malware development capabilities.
  • A threat actor based in Somalia/East Africa launched as many as 700,000 attacks in just under four days and walked away with a huge bounty in ransom. This group seems to have used stolen credentials available on the web along with compromised apps inadvertently installed by victims. This group targeted oil and gas companies in the Middle East.
  • While deflective attacks on critical infrastructure came down this quarter, the attacks on this segment kept on rising. While the initial half of the second wave of attacks on critical infrastructure used Covid-19 themes to a large extent, the latter half of attacks used more targeted messaging and tactics.

IoT and OT cybersecurity solutions and strategies are definitely the need of the hour.

Read more about these threats and security challenges in the latest edition of our Threat Landscape Report for Q2, 2020

How IoT Security Impacts the Telecom Industry

According to our in-house research and published information obtained from research firms, telecom service providers including MVNOs and M2M connectivity providers suffered the highest volume of breach of sensitive customer information through DNS attacks. With the addition of the Internet of Things, data security takes a whole new level of significance for connectivity service providers.

In the last two years, many IoT and critical infrastructure projects involving telcos have been impacted by issues related to IoT connectivity security, leading to delays in project outcomes or to projects being abandoned altogether.

This has had a clear impact on the margins of telcos as well since many of these were proof of concept projects that could theoretically have led to an increase in the number of endpoints on their network, increased data consumption, and direct revenue as a result of connectivity and managed services.

It is not just the revenue alone but the credibility and erosion of the enterprise customer base that telcos are staring at. With the emergence of other connectivity options such as satellite-based connectivity service providers, even the marketplace relevance of telcos is threatened.

It is no surprise, therefore, that telcos are now paying more attention to machine-to-machine (M2M) security practices, IoT security solutions, and cybersecurity postures that are aligned towards offering better security and assurance to customers. Telecom IoT security has therefore come into prominence like never before.

As the world battles a pandemic, there is another battle going on in parallel. Many enterprises and telcos have reported a surge in Coronavirus themed attacks designed to lure employees into downloading potent malware and application manipulation objects. This threatens telecom networks in a big way and telcos need to adapt their security posture to contain and eradicate this threat. Key elements of this change could include:

  • More focus on early detection and containment of suspicious activity and rogue devices
  • Use a Zero trust approach when it comes to enabling access to network resources
  • Work on segmenting networks or rather micro-segmenting them to prevent lateral movement of malware
  • Sensitize employees and all stakeholders to align them towards heightened awareness of cybersecurity
  • Invest in identifying threats across the spectrum including emerging ones
  • Deploy a cyber resilience strategy that prevents disruption

Monetizing cybersecurity has been a holy grail of sorts for telcos. On the one hand, they have to deal with meeting their security needs while on the other they have to also ensure that the deployments hosted on their networks are also secure and cyber resilient.

Recently, a leading mobile virtual network operator was able to not just monetize cybersecurity, but also use it as a vector to deepen their existing relationship with premium customers. The result – a significant increase in additional revenue. What’s more, they were also able to stay protected against malware that impaired some of their competitors and their large customers. The average savings per breach ranged from USD 250,000 to over a million. These numbers are rising as the threat environment continues to deteriorate.

The gains lodged from strengthening the profitability of key relationships – priceless. Subex Secure is powering this endeavor.

You can read this unique case study here.

To know more about Subexsecure’s offerings and to schedule a demo, call: +91 80 6659 8700

Click here to know more about how Subexsecure has been working with telcos across the globe to secure the IoT initiatives adopted by their customers.

Why cybersecurity can be a source of innovation for IoT projects

An interesting survey finding came my way almost a year ago that revealed that as much as 80 percent of projects falling in the Internet of Things domain didn’t utilize their data in its entirety. This means that most of the projects are configured to churn data that is futuristic in nature and may not be of much relevance to the stakeholders in the short run. This leads us to an interesting question. Can this huge volume of data being generated be put to some use after all?

There are various reasons why there is an overflow of data in such projects. The most agreeable one is that business owners are often pre-occupied with the need to get their hands on information that can justify their investments in such projects and in the process ignore data streams that cannot be monetized or deployed to improve efficiency, productivity or preventive maintenance practices. Such a myopic view can indeed lead to value stagnation in the long run for such projects.

A Spanish company had deployed a set of temperature sensors across its offices to monitor the ambient temperature. The data showed the existence of islands of significant temperature variation across floors. The company didn’t invest any time or resources in determining how such differences affect the productivity of employees or outcomes of meetings. Yes, it would need a stretch of effort to figure this out, but then it’s not impossible.

In another instance, a well-known retailer in South-East Asia is currently accessing information on supply chain efficiency across various points in the chain using IoT. However, this entity is still ignoring information on ambient weather conditions that are also collected alongside the data gathered by various sensor and device configurations. Again the weather information in this instance could be correlated with supply chain efficiency to determine the best weather conditions for movement of goods and supplies as also to avoid conditions that might adversely impact movement.

There are many such examples of businesses ignoring data already available to further their business interests.

Linking cybersecurity

IoT is one of the few enabling technologies that still have a long way to go when it comes to cybersecurity. Oftentimes, proof of concept projects run without security coming into the picture in any form or manner. The capital and resources invested in the project are thus rendered vulnerable to a possible cyberattack. A sizeable one could lead to the project being shelved completely – a possibility that is not just remote but is happening more often than it should.

Given the significance that security entails, cybersecurity could be considered as an avenue for innovation. There is no reason why businesses shouldn’t be thinking and acting this way. Let me elaborate. For one, cybersecurity is all about doing more with all the data available. It is also about getting deeper into data to determine how and why data is behaving the way it is (is it under the influence of malware or has it been subject to some form of compromise?).

Attention to data for purposes of cybersecurity can yield remarkable results. It can make decision makers aware of the quantum and content of data that they are drawing from sensors and devices and therefore put it to better use. Financial services entities and retailers can take the lead in this arena. By making businesses delve deeper into data patterns, organizations are rendered more data-sensitive thereby opening avenues to better use and deploy data. And this could enable competitive differentiation and innovation across the enterprise.

Data awareness could also reduce the rate of failure of proof of concept projects. It could lead to customer delight as well when used in the right way to give actionable data and insights. A large aircraft manufacturer recently found out the hard way how ignoring basic data could be a perilous endeavor. The lesson, therefore, is clear and apparent.

Cybersecurity, when viewed as an enabler of innovation, could also lead to greater investments in time, attention and resources in securing enterprises. This holds good for all businesses irrespective of their size, maturity or market addressed.

IoT poised to transform healthcare

Among the sectors where the Internet of Things is offering a non-conventional way to address traditional challenges, healthcare stands out not just in its uniqueness but also in bearing significant potential to positively transform the quality of life of citizens. As the use cases increase, so does the scope for IoT to do more and this is just a beginning. In the days to come IoT will bring in a drastic reduction in healthcare administration costs, improve the efficacy of medicines and improve our ability to identify and isolate disease vectors well before they reveal their darker side.

Healthcare is a vast ecosystem. IoT has already made deep inroads into applications such as remote patient monitoring, clinical trials, pharma administration, personal healthcare, drug testing, insurance, robotics, smart pill cases, and treatment. Preventive healthcare is another area where IoT is helping. IoT enabled wearables are providing real-time data on every individual’s health enabling physicians to diagnose early warning signs of disease and administer medication or other interventions before it turns into a major risk to the person’s health.

With evolving technology and improving connectivity (with the arrival of 5G) and personalization of medical attention, it will be possible to do a lot more with IoT. For instance, data on responses to a certain medicine (collected and analyzed anonymously) will enable doctors to derive the exact dose to be given to the patient to ensure maximum drug efficacy. Smart jars will also remind patients to have their medicines on time and in the right dosage. This will help prevent misuse of vital medicines such as antibiotics.

Smart pills add a unique dimension to IoT. Smart pills, or simply digital pills, are medications prescribed to patients that come with edible electronic sensors. When the pills are ingested, the sensors dispatch wireless messages to devices such as patches, tablets or smartphones that reside outside the body. Since this technology will allow patients and doctors to track drug regimen compliance, increasing patient adherence, it could lead to savings to the tune of $100 – $300 billion annually in the US alone.

Adoption challenges

Storing, securing and managing data are aspects that still pose a challenge to widespread IoT adoption in the sector. In addition, there are reliability and security issues with data alongside the lack of infrastructure and training among providers. This is because there are providers who lack the infrastructure to harness and analyze data even when it flows freely. Another issue is the cost of wearables. It is still not cheap enough for it to be used widely by populations in rural areas.

Security is still a key concern for the whole eco-system. With a diversity of devices, communication flavors, storage options, and thoroughfare networks, every aspect brings in its own security challenge. Since patient data is involved in the form of healthcare records or treatment efficacy, there are many entities and individuals out there who would want to get their hands on this data. Healthcare devices could also be hijacked to be used as conduits to launch larger Distributed Denial of Service attacks on other networks.

With so much data floating around in the networks, privacy issues have already come to the fore. Groups are suggesting that with smart pills, for instance, a surveilled compliance scenario would emerge and the doctor or the pharma company may end up receiving and hoarding more data than necessary.

The road ahead

The challenges that IoT brings forth should be measured against the benefits that it delivers. Overall, it is now becoming increasingly difficult to view healthcare minus IoT interventions in varied aspects. As these interventions get bigger and the benefits expand, the challenges will also be addressed. For a country like India that is trying to bring affordable healthcare to the masses, IoT is more than a game changer. What changes is not just affordability but also the availability of timely medicare. The savings from replacing traditional and more costly alternatives are alone reason enough for India to give more attention to IoT.

India will definitely enable the emergence of many interesting use cases.

Cyberattacks grew 26% on India’s IoT deployments

India has been attracting complex cyberattacks for a while now. Hackers are using a mix of complex malware, social engineering and hit and run tactics to target various facilities and IoT deployments here. In the last quarter alone, cyberattacks on the country registered a 26 percent increase and some unique samples of malware were isolated by our threat research team.

Mumbai, Delhi and Bangalore were the most attacked cities and hackers are looking at monetizing attacks while creating large scale disruption. They are also working to overload defense mechanisms in order to prevent early detection and mitigation of these attacks.

The IoT Security Report for India for the third quarter (July-September) of the calendar year 2019, highlights the continuing attention that hackers are paying to IoT and OT installations in India. The report notes attacks, attack techniques, sectors drawing attacks and the various types of malware used to attack smart cities, defense projects, manufacturing entities, retailers and other entities using IoT or OT in the country. Download this report to find out how the threat environment in the country is evolving.

Securing mobile edge computing

Mobile edge computing, or Multi-access Edge Computing (MEC), is a network architecture that enables cloud computing to be performed at the edge of a mobile network. Currently, many applications manage their online computations and content storage on servers far away from the devices and the end user. MEC brings those processes closer to the user by integrating with the local cellular base stations.

Multi-access edge computing is based on the principle that offering processing capacity at the edge of the network offers significant application benefits especially in responsiveness and reliability. MEC enables faster and flexible deployment of new applications and leads to lower latency — and better performance — for local applications and data when compared with centralized data center resources.

Businesses that run multiple applications that entail high volumes of data with low latency such as IoT gateways in healthcare, retail etc., will find MEC quite appealing. It is going to be a key enabler for connected cars, autonomous vehicles and industrial IoT. Edge computing will help autonomous vehicles achieve higher levels of situational awareness by merging information gathered and processed at the edge and through AI/machine learning. In such areas, even a millisecond delay can make a huge difference. Autonomous vehicles, for instance, cannot wait for information stored to be processed in the cloud (even if it only takes 200 milliseconds) to make a critical decision.

The MEC market is expected to range anywhere between USD3-9 bn by the year 2022. Start-ups will find a new world of opportunities coming their way through MEC. The convergence of connectivity and compute power and the resultant context awareness at a node will lead to services and content being customized to a new level. Wearables, smart homes, utilities and transportation are expected to drive business. All these are segments that hold great potential for start-ups to capitalize on.

As the industry evolves, and the eco-system becomes more enabling, entry barriers are expected to ease. Hyper localization, a significant need from a content delivery and last mile user perspective, is enabled with lower latency. With content delivery networks (CDNs) coming closer to the user, localized content such as area maps can be delivered faster and with more detail to a user. A CDN is a system of distributed servers (network) that deliver pages and other Web content to a user, based on the geographic locations of the user, the origin of the webpage and the content delivery server. Till now, CDNs were in datacenters far away from the user.

On the security and safety front, MEC will enable a new level of surveillance and monitoring as surveillance and video analytics can be done much closer to the source. This also means that the data available to decision makers will be much closer to real-time.

In an industrial environment, MEC can improve safety levels by giving real-time information on heavy equipment, machinery, vehicles and environmental factors. MEC will also improve the response timings in case of an accident or an emergency by enabling first responders to reach ground zero and locate the affected people faster.

In the entertainment vertical, Augmented Reality and Virtual Reality require faster response with the least possible latency. MEC makes that possible. It is expected that many new VR and AR-based games will be released once MEC becomes a commonly used technology.


Lack of standards around MEC is one factor that might slow down its adoption. Many organizations are currently working in parallel on evolving competing standards around MEC, focusing on various aspects. With data being stored and processed at a local node, the possibility of attacks at that level also increases as a new attack surface emerges. These challenges are being addressed and there are strategies and solutions available to secure MEC and its users.

All said and done, MEC is nothing short of a revolution in the works. Beyond bringing the web and allied services closer to users, it will also usher in a new era of user experience and engagement. The opportunity is clearly on the horizon; it is now up to the eco-system players to ramp up their game to hasten adoption without compromising on security in any manner.
