Dan Demeter – Kaspersky (Image: Kaspersky)
This figure is around nine times more than the number found in H1 2018, when only around 12 million attacks were spotted originating from 69,000 IP addresses
LAGOS, Nigeria, October 16, 2019- Kaspersky honeypots networks of virtual copies of various internet connected devices and applications have detected 105 million attacks on IoT devices coming from 276,000 unique IP addresses in the first six months of the year. This figure is around nine times more than the number found in H1 2018, when only around 12 million attacks were spotted originating from 69,000 IP addresses. Capitalising on weak security of IoT products, cybercriminals are intensifying their attempts to create and monetise IoT botnets. This and other findings are a part of the ‘IoT: a malware story’ report on honeypot activity in H1 2019.
Cyberattacks on IoT devices are booming, as even though more and more people and organisations are purchasing ‘smart’ (network-connected and interactive) devices, such as routers or DVR security cameras, not everybody considers them worth protecting. Cybercriminals, however, are seeing more and more financial opportunities in exploiting such gadgets. They use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions. To learn more about how such attacks work and how to prevent them, Kaspersky experts set up honeypots – decoy devices used to attract the attention of cybercriminals and analyse their activities.
Based on data analysis collected from honeypots, attacks on IoT devices are usually not sophisticated, but stealth-like, as users might not even notice their devices are being exploited. The malware family behind 39% of attacks – Mirai – is capable of using exploits, meaning that these botnets can slip through old, unpatched vulnerabilities to the device and control it. Another technique is password brute-forcing, which is the chosen method of the second most widespread malware family in the list – Nyadrop. Nyadrop was seen in 38.57% of attacks and often serves as a Mirai downloader. This family has been trending as one of the most active threats for a couple of years now. The third most common botnet threatening smart devices – Gafgyt with 2.12% – also uses brute-forcing.
In addition, the researchers were able to locate the regions that became sources of infection most often in H1 2019. These are China, with 30% of all attacks taking place in this country, Brazil saw 19% and this is followed by Egypt (12%). A year ago, in H1 2018 the situation was different, with Brazil leading with 28%, China being second with 14% and Japan following with 11%.
“As people become more and more surrounded by smart devices, we are witnessing how IoT attacks are intensifying. Judging by the enlarged number of attacks and criminals’ persistency, we can say that IoT is a fruitful area for attackers that use even the most primitive methods, like guessing password and login combinations. This is much easier than most people think: the most common combinations by far are usually “support/support”, followed by “admin/admin”, “default/default”. It’s quite easy to change the default password, so we urge everyone to take this simple step towards securing your smart devices” – said Dan Demeter, security researcher at Kaspersky.
To keep your devices safe, Kaspersky recommends users:
- Install updates for the firmware you use as soon as possible. Once a vulnerability is found, it can be fixed through patches within updates.
- Always change preinstalled passwords. Use complicated passwords that include both capital and lower-case letters, numbers and symbols if it’s possible.
- Reboot a device as soon as you think it’s acting strangely. It might help get rid of existing malware, but this doesn’t reduce the risk of getting another infection.
- Keep access to IoT devices restricted by a local VPN, allowing you to access them from your “home” network, instead of publicly exposing them on the internet.
Kaspersky recommends companies to take the following measures:
- Use threat data feeds to block network connections originating from malicious network addresses detected by security researchers.
- Make sure all devices software is up to date. Unpatched devices should be kept in a separate network inaccessible by unauthorised users.
Digitalization in logistics – A user’s experience
Geraldine Mamburu, Founder & MD PDQ Logistics (Source: Geraldine Mamburu)
In some cultures, children are sometimes named after events that would have taken place close to or during their birth. Jokes around naming children Quarantine Buthelezi, Social-distance Moyo, or Pandemic Ndlovu, were circulating in 2020 and made for a good laugh, however, one couple in India took this a little too seriously and named their twin boy and girl, Corona and Covid.
Looking back, I do not recall ever coming across a proposal to name children after any of the variations around the word digital, after all, every second Point of View that was being released was around digitalization and digital transformation. It got me thinking, and realised that a lot of these terminologies are thrown about in the corporate space, but what does this actually mean to the end-user? How does the user interact, make use of, and appreciate digitalization?
Being in the logistics space has found me interacting with a lot more digital platforms over and above e-commerce, social media, and the all-so-dreaded-virtual-meeting platforms. My favourite most convenient app (which is currently the best thing ever since sliced bread in my books) has got to be Truck Fuel Net (TFN). TFN offers a cloud-based, real-time software management solution that helps me manage all my on-road refuelling and driver spend needs. Given that the bulk of operational costs in road freight is fuel, one must have their finger on the pulse and be on the constant lookout for the best price, over and above monitoring driver efficiency. The TFN Management system helps me decide, where, when, and how much the driver can refuel.
Sidebar – I’ve been driving a Ford Kuga 1.6 AWD for a few years (NB: No fire starter jokes allowed) and for such a small engine, that car can chow fuel – I’m talking 11 – 12km/100! I never used to fill up because it was painful watching all that money go down the drain. When I filled up the truck for the first-time round, let’s just say I needed to sit down because I felt a little dizzy.
Every day, we transport goods worth millions of Rands. It goes without saying that the safety and security of the driver, the goods we carry, as well as the trucks themselves, is of paramount importance. TFN’s solutions enable us to run a cashless operation. In the road freight sector, cargo, equipment, and increasingly drivers, are all targets for criminals and if we can take one incentive out of the equation, the better off we are.
Whilst on cashless operations, I would like to give SANRAL a standing ovation. Now, now, before your eyes roll all the way to the back of your head, let me just say that we might have qualms as “Gautengers” about how they went about the e-toll saga, but their app is such a lifesaver! With an e-tag fitted on the vehicle, I can manage my account quickly and securely. The app works in real-time, allowing me to be kept informed of my spend on vehicles. And lo and behold when I do forget to top up (because …you know …admin), I immediately get a notification the moment my funds are depleted, allowing me to top up immediately whilst the truck is still on route, contributing to a seamless operation. Well done SANRAL. Sometimes the government does get it right …sometimes.
The South African logistics sector contributes about 12% towards the GDP, according to Stellenbosch University and the World Bank. Of that percentage, approximately ¾ is attributed to road freight alone. With such modestly generous figures, it’s encouraging to see various organisations come up with digitally inspired solutions to cater to this industry.
This brings me to my most used platforms, Car Track and Tracker. I can only assume that before the advancement in technology, one must have had to have a great deal of faith, composure, and trust. Not to say that we no longer require these skills, but the ability to log onto these apps and be able to get real-time updates on the exact location of a customer’s goods in transit certainly prevents a blood vessel or two from popping (in the event that you cannot reach the driver.) As for Google Maps, it goes without saying, that this is the backbone of my interaction with these tracking platforms.
There are a bunch of other digital platforms such as Linebooker that I am still to explore as the business continues to grow. However, it’s been interesting to know that before we start thinking self-driven trucks (think of that one scene from Terminator, were the machine is operating the truck…but I digress) and other seemingly complex technological advancements aimed at this industry, there are still digital channels that make the day to day operations in logistics that much easier.
What other digital platforms are you using or have you heard off that have made a world of a difference in the logistics space?
Article by: Geraldine Mamburu, Founder & MD PDQ Logistics
Three African-American Female Engineers Who Changed Our World
Image source: Pexels
The fields of science, technology, engineering, and mathematics (STEM) produce innovation that drives us forward as a species. Despite the fact that women and people of color have often been at the forefront of new discoveries, their representation within the STEM fields is historically low.
As culture progresses in understanding toward the value of a diverse workforce, those seeking out the future leaders of STEM are reaching out to underrepresented populations – specifically, women and people of color. One such outreach is ‘Introduce a Girl to Engineering Day’, a global campaign established by the National Society of Professional Engineers.
The event, which takes place this February 25, is run by teachers, volunteers, and STEM professionals, and includes engaging engineering-based learning activities that encourage young women to develop problem solving skills and indulge their interest in science and engineering.
The road to their future success was paved by the intrepid women who came before them, including these three remarkable African-American female engineers:
- Kimberly Bryant: Seeking to create an inclusive technology learning space for young women of color, Ms. Bryant created the not-for-profit coding camp Black Girls Code. As of late 2019, the organization has 15 chapters, and Ms. Bryant has been recognized as a White House Champion of Change for Tech Inclusion as well as one of 2013’s 25 Most Influential African Americans in Technology.
- Dr. Patricia Bath: An early pioneer of laser surgery for cataract treatment, Dr. Bath was the first female member of the Jules Stein Eye Institute, the first female African-American surgeon at UCLA Medical Center, and the first female leader of a postgraduate ophthalmology training program.
- Alice Parker: A housewife from New Jersey, Mrs. Parker developed and filed a patent for a gas-powered central heating system inspired by cold coastal winters. Her filing came before both the Women’s Liberation Movement and the Civil Rights Movement, a remarkable achievement for an African-American woman during her time.
More stories of African-American female engineers and female leadership in engineering can be seen here:
To discover more about Introduce a Girl to Engineering Day, visit NSPE online.
North Ladder Secures $5 Million Series A Financing Round To Accelerate Global Expansion
North Ladder Team (Source: Siddharth Sudhakar)
North Ladder (previously called BuyBack Bazaar), a UAE based secured trading platform for pre-owned luxury assets and electronics, today announced a $5 million Series A funding round led by regional venture capital firm BECO Capital. The new investment will help the company scale up its technology platform, enhance customer experience and pursue further geographic expansion.
The homegrown start-up also revealed that it will begin operating under the new brand name North Ladder effective immediately, representing the company’s strategy of charting new markets and supporting individuals across the globe in their endeavour to elevate their financial situation. The disruptive and innovative technology platform is the first of its kind, providing access to verified buyers of second-hand goods and instant cash. North Ladder currently enables users to sell electronics such as phones, laptops, tablets, and smart watches, as well as luxury assets including watches and cars, with a unique option of buying it back within a few months.
The Series A financing builds on an exceptional year for North Ladder which saw rapid growth of its clients, network of buyers and corporate partnerships. To date, the platform has witnessed over 15,000 transactions in the UAE, with over 85 different nationalities served while earning an impressive 4.9/5 customer satisfaction rating. In 2021, the start-up is looking to establish its presence in the Kingdom of Saudi Arabia and the United States, with a focus on scaling the platform significantly in the next 18 to 24 months.
“North Ladder has demonstrated tremendous success with its unique model of helping customers access immediate funds against their assets. The provision of a seamless and trusted digital platform for the sale of pre-owned goods has immense socially transformative potential at a global scale. We are excited about partnering with them to take their services to the next level,” said Dany Farha, CEO & Managing Partner, BECO Capital.
The company recently appointed Sandeep Shetty, former Managing Director of the core ride hailing business at Careem, as Cofounder and Chief Executive Officer of North Ladder. Prior to Careem he also led the digital transformation program at Emirates NBD and has held leadership positions at McKinsey & Company and GE Capital across India, the United States and the Middle East. Sandeep joins the leadership team of co-founders Pishu Ganglani and Ricky Husaini who together bring years of prior global start-up, financial services, technology and operations experience.
“Our exciting partnership with the region’s leading investor BECO Capital gives us the opportunity to scale operations in the UAE and expand to other strategic markets, with the mission of meaningfully impacting people across all strata of society,” said Sandeep Shetty of North Ladder. “Our global auction brings professional buyers from around the world to compete and provide local customers with the best prices and no hidden surprises.”
Since its launch in 2018, North Ladder has been recognized as one of the “Top 5 innovative start-ups in the MENA region” by PayPal backed accelerator, Village Capital and awarded as an Innovator by Entrepreneur Middle East.