November 21, 2019

Cybernews: If Aramco had our Antidrone…; and honeypots to make IoT malware stop!

Hi folks!

Recently there was a Cyber News from the Dark Side item of oh-my-Gulf proportions. You’ll no doubt have heard about it as it was all over the news for days just recently. It was the drone attack on Saudi Aramco that took out millions of barrels of crude per day and caused hundreds of millions of dollars in damage.

Alas, I’m afraid this is only the beginning. Remember those drones bringing Heathrow – or was it Gatwick? – to a standstill a while back? Well this is just a natural progression. There’ll be more, for sure. In Saudi, the Houthis claimed responsibility, but both Saudi and the US blame Iran; Iran denies responsibility. In short – same old saber-rattling in the Middle East. But that’s not what I want to talk about here – that’s geopolitics, which we don’t do, remember? ) No, what I want to talk about is that, as the finger-pointing continues, in the meantime we’ve come up with a solution to stop drone attacks like this one on Aramco. Soooo, ladies and gents, I hereby introduce to the world… our new Antidrone!

So how does it work?

The device works out the coordinates of a moving object, a neural network determines whether it’s a drone, and if it is, blocks the connection between it and its remote controller. As a result the drone either returns back to where it was launched, or it lands below where it is up in the sky when intercepted. The system can be stationary, or mobile – e.g., for installation on a motor vehicle.

The main focus of our antidrone is protection of critically important infrastructure, airports, industrial objects, and other property. The Saudi Aramco incident highlighted how urgently necessary such technology is in preventing similar cases, and it’s only going to become more so: in 2018 the world market for drones was estimated at $14 billion; by 2024 it’s forecast to be $43 billion!

Clearly the market for protection against maliciously-minded drones is going to grow too – fast. However, at the moment, our Antidrone is the only one on the Russian market that can detect objects by video using neural networks, and the first in the world to use laser scanning for tracking down the location of drones.

And now for the other item in the title of this post: honeypots…

Now, what is the situation these days with malware on IoT devices? Very simple: very bad, as IoT maliciousness is right behind the development of IoT technology itself. More IoT > more cyberattakcs. Moreover, the relationship between the quantity and variety of devices and the malware of attackers isn’t linear – it’s a lot worse; for the situation with IoT security is real bad. I’ve mentioned this plenty before.

We’ve been observing IoT-attacking malware since 2008. One of the ways we’ve been doing this is by using special traps, called honeypots (not to be confused with honeypots for spies:). These traps simulate real, vulnerable systems, which attract maliciousness like flies to ****, if you’ll pardon my French, and once we get hold of it we dissect it and develop the necessary protection (including proactive).

Over the last dozen years we’ve built up a whole infrastructure of honeypots, which is constantly growing and being optimized. For example, every now and again we change the IP addresses of our traps, since botnet owners track honeypots and after a while they train their kit to bypass them. Moreover, lists of IP addresses of honeypots are traded on the darknet.

Source

Recently we recently published the results of our unique research into IoT malware, which research lasted a whole year.

We placed more than 50 honeypots around the world, which on average were attacked around 20,000 times every 15 minutes. In all in the first half of 2019 we detected 105 million attacks from 276,000 unique IP addresses. To compare, in 2018 over the same first half-year period, we detected just 12 million attacks from 69,000 IP addresses. The main sources of infections for the first half-year of 2019 were Brazil and China. Behind them, Egypt, Russia and the US. And the total number of active infected IoT devices remains large: every month tens of thousands of devices try to distribute malware using password brute-forcing and other vulnerabilities.


Source

The Internet of Things is growing at crazy speed – just as its threats are. So we’re planning to broaden our capability of uncovering and studying those threats. Familiarity with threats is one of the key elements in providing cybersecurity, and our ‘honeypots as a service’ is ripe and ready. We collect and clusterize incoming connections, and all processed data becomes available in near-as-darn-it real time. Interested? Write us!

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email
  • No, thanks

READ COMMENTS 0
Leave a note
Facebook

April 27, 2024

Our first global Cyber Immune conference!

Despite the extraordinarily uncharacteristic weather in Dubai, we still managed to hold our first ever international Cyber Immunity Conference there; hurray! So, what is Cyber Immunity? (In case you don’t know; sorry if you do.) It’s our approach to building cybersystems that are secure-by-design and, as such, resilient against hacker attacks. Actually, there’s a lot […]

April 25, 2024

Tanks aren’t afraid of dirt – or the Arctic.

I’ve been asked rather often already about the vehicles we undertook our road trip to Tiksi in. And that’s understandable – especially since they aren’t quite the instantly recognizable household-name vehicles like, say, Land Rovers or Toyota Land Cruisers… First off, I have to say that we didn’t choose the vehicles ourselves; we left that […]

April 22, 2024

Yakutsk-Tiksi-Yakutsk-2024: first overnight stay – Khandyga.

Hi folks! Herewith, another episode in my  Yakutsk-Tiksi-Yakutsk expedition series… You’ve had my warm-up posts (about winter/ice roads, naleds, and the Kolyma Highway). Now’s come the time to climb behind the wheel and get going!… It all started in Yakutsk. From there we headed east/northeast along the Kolyma Highway for nearly a thousand kilometers. Next, […]

April 17, 2024

1500km on the R504: devilish cold; snow, ice and hoar.

There are many different kinds of roads and highways. There are straight and there are winding; there are smooth and there are bumpy; there are fast-moving and there are snail’s pace; there are ordinary and there are beautiful (rather: ordinary, pretty, beautiful, and mind-blowing). There are plenty of beautiful roads around the world – most […]

April 16, 2024

Water, outside, not frozen – below -40°C. How?!

Our friend, the Far North – even in winter (and up there, in northern Yakutia, even March is winter). The extended winter of the North is a kingdom of eternal snow and ice, extreme cold, and endless white expanses. All the same – and you won’t believe this – you can find H2O in liquid form […]

April 12, 2024

You’ve heard of a road trip. But what about an ice-road trip?!

You’ve had your intro posts already; now, if there are no questions from the audience, I’ll proceed to my next tale from the Far Northern side, which could have been titled “Yakutian ice roads heading north from Kolyma Highway“. But first, I think – an explainer… What is an ice road? And what’s a winter […]

More

Travel Vlog

You might also like…