Dear Cyber Pulse Subscribers,
We are into the new year of 2024, and I'm delighted to connect with you through our latest edition of Cyber Pulse. In this exclusive edition on IoT security, we dive into the exciting world of the Internet of Things (IoT) where interconnected devices are transforming industries, enriching lives, and shaping the future.
From smartphones and laptops to smart TVs and wearable gadgets, our environment is saturated with devices constantly communicating and sharing data over the Internet. This rapid proliferation of IoT devices, coupled with the widespread adoption of 5G networks, heralds a future where connectivity will be omnipresent, with the promise of convenience and efficiency. However, from a cyber security perspective, the interconnectedness of IoT ecosystems has created a vast attack surface, leaving them vulnerable to exploitation by malicious actors. Taking this view, the edition explores the growing threat landscape of IoT with key trends, various types of IoT cyber-attacks and important safeguards while using these smart devices.
Concerted efforts are the need of the hour to implement stringent security measures across the entire IoT ecosystem. This includes securing devices at the hardware and firmware levels, encrypting data transmission, implementing strong authentication mechanisms, and regularly updating software to patch vulnerabilities. Additionally, stronger collaboration among stakeholders, including manufacturers, policymakers, cybersecurity experts, and end-users, is crucial to developing comprehensive security standards and best practices.
Thank you for being an integral part of our cybersecurity community. Let's remain vigilant, stay informed, and work together to stay safe and secure in the online world.
Sincerely,
Santhosh George
CEO, ReBIT
Technology has become intricately woven into our daily routines with IoT devices. The Internet of Things (IoT) is essentially a network of physically linked objects that gather and share data online. Over the years, with technological advancements and improved connectivity, IoT has revolutionized the way we interact with objects around us. These gadgets can be anything from basic sensors to intricate equipment and, more popularly, smart home appliances.
Living in a Connected World
Whether it's entertainment, communication, or productivity, IoT devices are present around us all the time. From the first morning alarm on a smartphone to the evening unwind with a smart TV, our lives are seamlessly choreographed by IoT technology. Coffee brewed by a smart machine, health metrics tracked by a wearable, and a commute guided by GPS—we are closely surrounded and continuously interacting with these Internet-driven devices. Smart homes adjust the lighting and temperature of the air conditioner while work unfolds on a connected laptop interacting on the office network with many other devices.
Key Trends in IoT Cyber Security
By 2025, there will be an estimated 75 billion IoT devices in use, which presents a cyber security concern due to the increased attack surface available for hackers to commit fraud. By adopting a comprehensive approach while embracing IoT, we can address some of the security challenges where the speed and volume of data exchange across connected devices will make security imperative.
- Widening Attack Surface with IoE: IoE, or Internet of Everything, is the next generation of internet connectivity. The transition from IoT to the Internet of Everything (IoE) marks a significant evolution as IoE extends beyond mere devices, encompassing people, processes, and data in a holistic ecosystem. Examples of IoE can be a number of connected devices, such as mobile phones, laptop computers, cars, home appliances, medical devices, pacemakers, glucose monitors, and more, over a network.
- 5G Network and IoT Security: 5G, or fifth generation cellular network connection, is expected to significantly outperform today's 4G and LTE networks in terms of data interchange, communication speed, low latency, and overall dependability. With the 5G connected network, faster and higher volumes of data transfer will make guaranteeing data privacy and security crucial.
- IoT Device Volumes and Vulnerabilities: IoT devices are in high demand across the world, and companies are moving fast on production volumes. However, device vulnerabilities pose a security threat, exposing users to risks of unauthorized access or data breaches. Hence, it is important that companies implement stringent security protocols during the design and production phases.
- IoT Data Security and Privacy: As IoT devices often rely on cloud services, securing the cloud infrastructure has become important to protect the data in transit and at rest on IoT devices, preventing unauthorized access to sensitive information.
Challenges in IoT Security
The rapid proliferation of IoT devices has opened new frontiers for convenience and connectivity. However, this surge in adoption has also brought in a wave of threats, with device compromises standing out as a primary concern. Let's delve into the top IoT threats that revolve around the compromise of these connected devices.
- Insecure Authentication: Many IoT devices rely on default or weak authentication mechanisms. Attackers exploit this vulnerability, gaining unauthorized access to devices. Strengthening authentication protocols is crucial to thwarting unauthorized intrusions.
- Weak Encryption: Inadequate encryption leaves IoT communications susceptible to interception and manipulation. Devices transmitting sensitive data without robust encryption become targets for cybercriminals aiming to exploit vulnerabilities in the communication channels.
- Absence of Regular Software Updates: Failure to implement timely software updates leaves devices running outdated and vulnerable firmware. Attackers exploit known vulnerabilities in unpatched systems, compromising device integrity and exposing users to potential security breaches.
- Inadequate Physical Security: Physical access to IoT devices can be a gateway for malicious activities. Unsecured physical ports, exposed hardware, or poorly protected device locations create opportunities for unauthorized manipulation, leading to compromises in device functionality.
- Insecure Network Configurations: Devices within an IoT ecosystem often communicate through networks. Weak or misconfigured network settings provide avenues for attackers to intercept data, manipulate device behavior, or launch broader attacks within the interconnected environment.
- Default Credential Exploitation: Manufacturers commonly ship IoT devices with default usernames and passwords. Failing to change these defaults makes devices easy prey for attackers, who exploit these credentials to gain control over the compromised devices.
- Insufficient Device Management: Lack of robust device management practices hampers the ability to monitor and control IoT devices effectively. Attackers capitalize on poor management protocols, potentially compromising device functionality or using them as entry points into broader networks.
- Supply Chain Vulnerabilities: The interconnected nature of IoT often involves complex supply chains. Malicious actors may target vulnerabilities within the supply chain, compromising devices at various stages of production and distribution, leading to widespread security issues.
Growing Menace of IoT Cyber Attacks
Understanding the various types of IoT security attacks is crucial for fortifying connected ecosystems. Here are key types of attacks that pose significant risks:
- Denial of Service (DoS) and Distributed Denial of Service (DDoS): IoT devices can be overwhelmed by malicious traffic, rendering them inaccessible or disrupting their normal functioning. In DDoS attacks, a network of compromised devices is orchestrated to flood a target, exacerbating the impact.
- Man-in-the-Middle (MitM) Attacks: In MitM attacks, an unauthorized entity intercepts and potentially alters communication between IoT devices. This breach compromises data integrity and confidentiality, allowing attackers to eavesdrop on sensitive information.
- Device Spoofing and Cloning: Attackers may attempt to mimic the identity of legitimate IoT devices, gaining unauthorized access to networks or data. Cloning involves replicating device identifiers, enabling malicious entities to infiltrate and manipulate systems.
- Eavesdropping and Data Interception: IoT devices often transmit sensitive data. Eavesdropping involves intercepting and monitoring these communications, leading to potential data breaches. Encryption and secure communication protocols are essential countermeasures.
- Physical Tampering: Physical access to IoT devices can lead to tampering or manipulation. Attackers may exploit vulnerabilities by directly interacting with devices, potentially altering configurations or extracting sensitive information.
- Credential-based Attacks: Weak or default credentials are a common entry point for attackers. Credential stuffing, brute force attacks, and password spraying are techniques used to gain unauthorized access by exploiting weak authentication mechanisms.
- Firmware and Software Exploits: Attackers may target vulnerabilities in device firmware or software. Exploiting these weaknesses can lead to unauthorized access, device manipulation, or the injection of malicious code.
- IoT Botnets: Compromised IoT devices can be enlisted into botnets, powerful networks of devices controlled by a centralized entity. These botnets are often used for DDoS attacks, spreading malware, or conducting coordinated cyber assaults.
Way Forward
Smart and intelligent IoT devices have revolutionized the way we interact with objects around us. While they offer convenience, energy savings, security, and personalization, data security and privacy must always be at the forefront of our minds as we embrace these connected IoT ecosystems. Let us find a balance between their benefits and the challenges they raise, adopt them responsibly, and continue to innovate.
Governance
Leverage technology to enhance effectiveness of internal Compliance monitoring, says RBI to REs
RBI recently conducted an evaluation of the current internal compliance monitoring system in select REs and the extent to which technological solutions are being utilised to support this functionality. It was observed that REs have adopted different levels of automation for Internal Compliance monitoring, ranging from macro enabled spreadsheets to workflow-based software solutions, indicating more work towards automation.
UPI transactions cross Rs 18.41 trillion mark in January 2024, NPCI data
The value of Unified Payment Interface (UPI) transactions reached a record high of Rs 18.41 trillion in January. The National Payments Corporation of India (NPCI) released figures showing that January's numbers were 52% higher in volume than those from the same month in the previous fiscal year.
Cyber Crime
Telecom Department warns of 401# scam calls.
The Department of Telecom (DoT) released an advisory on the modus operandi of 401# scam calls, informing citizens to exercise caution when receiving incoming calls that prompt them to dial ‘*401#’ followed by an unknown mobile number. Doing so activates unconditional forwarding of calls received on the citizen's mobile to the unknown mobile number, thus allowing fraudsters to receive all incoming calls and carry out scams.
Surat police launches AI Chatbot to combat cybercrime in the city.
The city police of Surat in Gujarat have introduced the AI-powered "Cyber Mitra Chatbot" to help resolve cybercrime problems quickly. The Chatbot will assist Surat police in determining the volume of cybercrime cases in each region as well as the kind and concentration of crimes. It can converse with citizens in their language of choice and will have access to the 'Find My Police Station' option.
Cyber Security
AnyDesk hit by cyber-attack, production systems compromised.
The leading remote desktop software provider stated that hackers had gained access to the company's production systems through a cyberattack, forcing the business to go into lockdown for over a week. The company added that all security-related certifications had been revoked, systems had been replaced or remediated when needed, and all passwords to the company's client web portal had been invalidated as part of its incident response procedures.
Indian citizens lost Rs 7,488.6 crore in 2023, informs MHA, Govt of India
According to the Ministry of Home Affairs' report to Parliament on Tuesday, Indians lost Rs 7,488.6 crore to cyberfraud last year. Maharashtra tops the pack with losses at a startling Rs 990.7 crore, followed by Telangana at Rs 759.1 crore, as authorities struggle to tackle the nation's escalating cybercrime.
Malware / Ransomware
New banking Trojan exploiting Windows SmartScreen flaw.
By taking advantage of a weakness in Windows SmartScreen, the new version of the banking Trojan Mispadu is primarily targeting nations in Latin America, particularly Mexico. According to a published study, the attacks involve a fresh version of the malware that was initially detected in 2019. Additionally, the study noted that the Trojan had progressed and that it was now able to target particular places worldwide, verify time zone variations, and selectively decode strings.
DDoS attack on US Pennsylvania Courts systems
The attack affected court web tools including PACFile, the Guardianship Tracking System, and online docket sheets. The electronic filing system used by attorneys was unavailable, alongside other key systems that track appointed guardians, and the web docket system was also down.
The Cyber Strike is a section dedicated to providing you with a summary of the most significant cyber-attacks that occurred over the past month. With the increasing prevalence of technology in our daily lives, cyber-attacks have become a constant threat to businesses and individuals alike.
It is important to stay informed about the latest cyber threats and attacks to protect ourselves and our organisations from potential harm.
Let’s dive in and explore the most significant cyber-attacks of the month.
Multiple vulnerabilities in Google Chrome OS Code
Impact: Multiple vulnerabilities were reported in Google ChromeOS / ChromeOS Flex which could allow an attacker to bypass security restrictions, execute arbitrary code and cause denial of service condition on the targeted system.
Recommended Actions
- Upgrade to the latest software version as released by Google Chrome.
Multiple Vulnerabilities in Skyworth Router
Impact: Multiple vulnerabilities have been reported in Skyworth router which could allow a remote attacker to perform stored Cross Site Scripting (XSS) attacks, obtain sensitive information or cause Denial of Service condition on the targeted system.
Recommended Actions
- Upgrade to the latest version 4.1.1.25 or later.
Multiple Vulnerabilities in GitHub Enterprise Server
Impact: Multiple vulnerabilities have been reported in the GitHub Enterprise Server, which could allow an attacker to execute remote code, escalate privileges, bypass security restrictions and disclose sensitive information on the targeted system. Affected software: GitHub Enterprise Server versions prior to 3.11.3, prior to 3.10.5, prior to 3.9.8 and prior to 3.8.13.
Recommended Actions
- Apply appropriate software updates as mentioned by the vendor.
Critical Apache ActiveMQ Flaw Used to Deliver Godzilla Web Shells
Impact: The exploitation of the Apache ActiveMQ vulnerability to deploy the Godzilla web shell poses a critical risk to organizations, potentially leading to unauthorized access, arbitrary command execution, and the compromise of sensitive data. The sophisticated nature of the web shell increases the likelihood of successful attacks, making it imperative for organizations to promptly update and strengthen their security measures.
Recommended Actions
- Upgrade both brokers and clients to Apache ActiveMQ versions 5.15.16, 5.16.7, 5.17.6, or 5.18.3, as these releases address and fix the identified vulnerability.
- Specifically, if using Apache ActiveMQ Legacy OpenWire Modules, ensure that versions 5.8.0 through 5.18.0 are updated to the latest patched versions (5.15.16, 5.16.7, 5.17.6, or 5.18.3) to eliminate potential vulnerabilities.
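The fixed releases listed above are per release line, so an inventory check has to compare each installed version against the fix for its own line, and compare numerically (as text, 5.8.0 sorts after 5.15.16). The following is an added example, not code from the vendors or from this newsletter; the hostnames and installed versions are constructed, and the handling of release lines the advisories do not list is an assumption.

```python
import re

# Fixed releases per release line, copied from the advisories above.
FIXED = {
    "activemq": ["5.15.16", "5.16.7", "5.17.6", "5.18.3"],
    "ghes": ["3.8.13", "3.9.8", "3.10.5", "3.11.3"],
}

def parse(version):
    """Turn 'X.Y.Z' into a tuple of ints so 5.8.0 sorts before 5.15.16."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unsupported version string: {version!r}")
    return tuple(int(p) for p in m.groups())

def fmt(parts):
    return ".".join(str(p) for p in parts)

def assess(product, version):
    """Return (status, upgrade_target) for one installed version."""
    v = parse(version)
    fixed = sorted(parse(f) for f in FIXED[product])
    by_line = {f[:2]: f for f in fixed}      # (major, minor) -> fixed release
    if v[:2] in by_line:
        fix = by_line[v[:2]]
        return ("patched", None) if v >= fix else ("vulnerable", fmt(fix))
    if v[:2] < fixed[0][:2]:
        # Older line with no listed fix. Assumption: suggest the newest
        # release the advisory lists as the upgrade target.
        return ("no_fix_on_line", fmt(fixed[-1]))
    # Newer than any line the advisory lists: the page says nothing about it.
    return ("not_covered", None)

# Constructed inventory: hostnames and installed versions are made up.
INVENTORY = [
    ("mq-01", "activemq", "5.15.15"),
    ("mq-02", "activemq", "5.18.3"),
    ("mq-03", "activemq", "5.8.0"),
    ("git-01", "ghes", "3.10.4"),
    ("git-02", "ghes", "3.9.8"),
    ("git-03", "ghes", "3.12.0"),
]

def audit(inventory):
    """Assess every (host, product, version) row of the inventory."""
    return [(host, *assess(product, version))
            for host, product, version in inventory]

if __name__ == "__main__":
    for host, status, target in audit(INVENTORY):
        print(f"{host:8} {status:16} {target or '-'}")
```
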
Key Safeguards for IoT Security of Connected Devices
The growing popularity of smart homes is transforming our traditional living spaces into interconnected hubs of convenience. Smart home devices, from thermostats to cameras, bring unparalleled convenience, but their connectivity can pose cybersecurity risks.
1. Strong Passwords and Regular Updates: Create complex, unique passwords for smart devices and routers. Regularly update firmware to patch vulnerabilities and ensure optimal security.
2. Network Segmentation: You can isolate smart devices on a separate network to prevent unauthorized access to personal computers and sensitive data.
3. Encryption Protocols: Prioritize devices that employ robust encryption for data transmission, safeguarding information from interception or tampering.
4. Two-Factor Authentication (2FA): Enable 2FA whenever possible to add an extra layer of security, requiring additional verification beyond passwords.
5. Regular Audits and Monitoring: Routinely audit connected devices and monitor network activity for unusual patterns, swiftly addressing any anomalies.
6. Trusted Brands: Prioritize reputable vendors with a strong commitment to security. Research the security practices of smart home device manufacturers before making purchases.
7. Privacy Settings: Review and configure privacy settings on devices to limit data collection and sharing. Be mindful of the information shared with the device's cloud services.
8. Secure Wi-Fi Network: Ensure the home Wi-Fi network is secured with WPA3 encryption, a strong passphrase, and a network name that doesn't reveal personal information.
9. Be Aware, Stay Secure: Stay informed about potential threats and educate household members on security practices to foster a collective awareness of cyber risks.
10. Device Decommissioning: Properly decommission and wipe data from devices before discarding or selling them to prevent unauthorized access to personal information.
ReBIT is an ambitious, employee-first organisation that believes in empowering our employees to grow alongside the organisation's goals and perform to their full potential. We are fascinated by technology, and we admire our employees. We house exceptional talent that contributes to ReBIT's mission.
We’re looking for candidates who have a zeal for technology and innovation. Check out our careers page for opportunities to work with us!
502, Building No 1, Mindspace Juinagar, Nerul, Navi Mumbai – 400706