
Four ways to protect your investment in IoT from cybersecurity threats


IT professionals are used to thinking about how to protect our information technology assets. Data loss, data theft, exposure, identity theft and ransom attacks are the menu du jour. As we move towards Industry 4.0, the internet of things (IoT) is connecting operational technology (OT) to the network at breakneck speed, raising the stakes for cyber-attacks to the level of the tales we see in dystopian fiction.

We have seen nation-state attacks against nuclear power plants (India, November 2019), as well as widespread attacks on IP-connected surveillance cameras. Just today it was announced that a major cyber security attack has been identified by the Australian government. However, threats like ransomware take on a new form: consider a farm with hundreds or thousands of IoT sensors being held to ransom under the threat that the crop may be flooded just before harvest, sending the farm into financial ruin.

Recent attacks have highlighted just how vulnerable Australian government and business are to malicious cyber attack.

OT security is no longer speculative; this week we have seen exposure of attack surfaces in the networking stacks of embedded devices. Nineteen vulnerabilities were discovered in the Treck TCP/IP library commonly in use in IoT devices, four of which are considered critical. Physical security used to be the primary concern for OT managers, but now we must consider a broader landscape. 

How do OT cyber-attacks work? 

In addition to securing the back-office systems the devices talk to, OT security professionals now need to look at the devices themselves. The attack vectors can be broken into four key areas of concern. 

1) Device firmware: This is the software running the device and comprises the base operating system on the device and the application sitting on top of this. Both elements will make use of code which is either subject to unintentional vulnerability via defect, or introduction of malicious artefacts through open-source libraries in use. 

2) Device hardware: There are common protocols in use to communicate between the hardware elements of IoT devices which can be the subject of attack. The very common I2C and one-wire protocols connect sensors and actuators to a device and are prone to being sniffed if physical access is available. 

3) Device APIs: IoT devices are useless unless they are connected to a back end, and these interfaces or application program interfaces (APIs) are often vulnerable to attack. The same attack tools used to attack web servers can be used to attack IoT devices; most common weaknesses exploited are default usernames/passwords, weak passwords, and hard-coded passwords, but buffer overrun attacks are also a concern for the transport protocols in use (HTTPS in most instances) where the attacker uses carefully constructed URLs to attempt to break into the API. 

4) Radio networks: Wireless communications are a dream come true for an attacker, removing the need for physical access to carry out an attack. Open discovery protocols or weak network configuration can leave devices open to man-in-the-middle attacks, which potentially expose user or API credentials, allow actors to extract, inject or otherwise change device data, or allow actors to alter the state of actuators by replaying or inserting commands on the device interface.



So, what can you do?

We have found that there are four components to an effective protection strategy for IoT assets. 

1) URL filtering: This is the practice of recognising URLs that are known sources or destinations for cyber-attacks. In the case of IoT it is particularly important to manage this access to prevent botnet attacks, which can generate significant amounts of traffic or computational load.

2) Behavioural assurance: IoT devices are typically low power, low data bandwidth devices so many will fit into one of a few behavioural patterns. Once a pattern is selected for a device, we watch traffic for patterns outside this behavioural definition. For example, a period of high data utilisation when the device has been classed as low bandwidth, or traffic generation during a period when the device should be dormant. 

3) Behavioural profiling: Patterns of behaviour can be established quickly for IoT devices. Artificial intelligence (AI) algorithms can be trained early in a device life cycle to understand the expected behavioural profile of a device, observing low traffic under normal circumstances, occasional high traffic due to an event, and seeing traffic to several legitimate destinations. Once established, the AI can continue to scan the traffic, watching for changes in this behavioural profile to understand when an attack is imminent, or under way. 

4) Global threat profiling: If you have access to enough devices, AI algorithms can begin to learn the patterns of the threat actors as well. This can be applied to the entire population of devices under protection, meaning that new threats can be identified and acted on more rapidly than would be otherwise possible. 
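
The behavioural assurance check from item 2, as an added example that is not code from Unico or Allot: flow records are summed into fixed windows per device and compared against the behavioural class assigned to that device. The class name, thresholds, 15-minute window, device names and flow records are all constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, time, timedelta

WINDOW = timedelta(minutes=15)  # assumed observation window
EPOCH = datetime(1970, 1, 1)

@dataclass(frozen=True)
class BehaviourClass:
    """Hypothetical behavioural definition selected for a device."""
    max_bytes_per_window: int  # byte budget per observation window
    dormant_start: time        # device should be silent from here...
    dormant_end: time          # ...until here (may wrap past midnight)

# Constructed class; real limits would come from the device's duty cycle.
CLASSES = {"low_bandwidth_sensor": BehaviourClass(2_000, time(22, 0), time(5, 0))}
# Constructed device-to-class assignments.
ASSIGNMENTS = {"soil-07": "low_bandwidth_sensor", "pump-01": "low_bandwidth_sensor"}

def window_start(ts):
    """Round a timestamp down to the start of its observation window."""
    return ts - ((ts - EPOCH) % WINDOW)

def in_dormant_period(cls, ts):
    t = ts.time()
    if cls.dormant_start <= cls.dormant_end:
        return cls.dormant_start <= t < cls.dormant_end
    return t >= cls.dormant_start or t < cls.dormant_end  # wraps midnight

def evaluate(flows, assignments):
    """flows: iterable of (device_id, timestamp, bytes). Returns alert tuples."""
    totals = defaultdict(int)
    for device, ts, nbytes in flows:
        totals[(device, window_start(ts))] += nbytes
    alerts = []
    for (device, start), total in sorted(totals.items()):
        cls = CLASSES[assignments[device]]
        if total > 0 and in_dormant_period(cls, start):
            alerts.append((device, start, "traffic_while_dormant"))
        if total > cls.max_bytes_per_window:
            alerts.append((device, start, "bandwidth_exceeded"))
    return alerts

# Constructed flow records (device, timestamp, bytes sent).
SAMPLE_FLOWS = [
    ("soil-07", datetime(2020, 6, 19, 9, 1), 320),
    ("soil-07", datetime(2020, 6, 19, 9, 7), 320),     # 640 B in window: normal
    ("soil-07", datetime(2020, 6, 19, 9, 16), 1_500),
    ("soil-07", datetime(2020, 6, 19, 9, 20), 1_500),  # 3,000 B in one window
    ("soil-07", datetime(2020, 6, 19, 23, 31), 512),   # small, but in dormant hours
    ("pump-01", datetime(2020, 6, 19, 4, 50), 90_000), # dormant and over budget
]

if __name__ == "__main__":
    for device, start, reason in evaluate(SAMPLE_FLOWS, ASSIGNMENTS):
        print(f"{start:%Y-%m-%d %H:%M} {device}: {reason}")
```

The 09:15 window is flagged even though each flow in it is under the budget, which is why the check sums per window rather than inspecting flows one at a time.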

Choose the right protection and integrator  

Unico have extensive experience delivering tailored solutions that meet the specific needs of our customers. Alongside Allot, one of our strategic partners, we have a product that provides four comprehensive modes of protection for your IoT infrastructure: 

  • URL filtering 
  • Behavioural assurance 
  • Behavioural profiling 
  • Global threat profiling 

If you would like to find out more about protecting your business or your customers' business, please get in contact, as I would be happy to show you how the Allot IoTSecure Service can provide affordable, multi-tenanted IoT protection solutions ready to ship to your customers out of the box.


Andrew Davison

Technology and Innovation Evangelist


Open for business COVID-19 update

27 March 2020

We are committed to servicing you and your business-critical IT infrastructure and remain fully operational. Early last week we activated our business continuity plan (BCP). Our BCP facilitates a rational, calm approach whilst acting in accordance with directives from the Australian Government.

Our team is set up with robust IT remote access infrastructure, enabling them to work remotely as required. Minimising disruption to our customers and partners is high priority, second only to the health and wellbeing of our people, customers and community.

If you have any concerns or questions about your interactions with our team during this time, please reach out to your Unico contact.

John Rowland, Managing Director




Developing Australia’s first eSIM solution for wearable device compatibility: uPair


One SIM, one number, one service. An eSIM (embedded SIM) solution that allows Australians to use the built-in cellular capability of their Apple Watch (GPS + Cellular). 


Customer

  • Tier 1 Australian Telco

Project

  • uPair

Objectives

  • Create a high availability, low latency and fault tolerant eSIM provisioning system 
  • Allow for a single mobile number to be allocated to multiple devices 
  • Geo-location enablement 
  • Full ACID compliance 
  • Real time performance and storage capabilities 

Approach

  • Develop a subscriber identity module that securely provides subscriber identification information to a carrier’s network 
  • eSIM provisioning for a shared number service 
  • CRM integration and customer entitlement management 
  • Built in multiple edge case scenario capability 

Outcome

  • A polished and seamless end-user experience
  • Provisioning for 20,000 to 30,000 transactions per day
  • Full 4G GPS & Cellular capability for the Apple Watch  

Australia’s largest mobile service provider needed an application that enabled the new Apple Watch to share a single service with a mobile device by sharing accurate subscriber identification information with a carrier’s network. A single mobile number needed to be connected to multiple devices with real-time performance and storage capabilities. The solution needed to be telco grade with real-time and high availability performance requirements.

Our eSIM (embedded SIM) solution introduces the ability for customers to use the built-in cellular capability of their new Apple Watch (GPS + Cellular). Thanks to uPair thousands of Australians are connected to Australia’s biggest mobile network for phone calls and messages via their wearable devices. 

Unico’s technology has provided a host of enablers for this service, including management of customer entitlements and CRM integration. uPair encompasses customer-facing screens that enable sign-up processes, entitlements, database systems and mediator protocols which apply updates to various systems across telecom networks. 

Our team solved several technical challenges resulting from integrating new technology into an existing national network with an accelerated timeframe. uPair seamlessly handles multiple edge case scenarios such as lost settings, refreshing broken entitlements and timeouts. 


Solution

Our product was able to meet the needs of a world-class telecommunications provider and deliver a world first in eSIM technology.

– John Rowland, Managing Director, Unico


The project included provisioning and enabling of the eSIM for the Apple Watch to download and update its network whilst allowing paired devices to operate with a ‘shared number’ service. The partnership marked the first time an eSIM technology had been delivered to the Australian consumer market.  

Our solution offered a high availability, low latency and fault tolerant solution that facilitated an optimal user experience. 


Mark Hannon

Head of Sales


Building a bulletproof digital voting platform & website: The All-Star Mile

How we helped increase the longevity of the racing industry through the power of Salesforce Marketing Cloud (SFMC) and platform engineering.


Customer

  • Racing Victoria

Project

  • The All-Star Mile – Australia’s only fan voted race

Objectives

  • Attract a new audience to the racing industry
  • Design an online website and voting platform that could handle high volumes of traffic on and off peak
  • Build a seamless, multi-channel digital experience across website, email and text
  • Construct a range of end-to-end consumer journeys across the All-Star Mile Campaign

Approach

  • Build a secure, audit proof web voting platform
  • Website development
  • Design Multi-channel SFMC journeys to engage multiple customer segments (email and text)
  • Mobile validation through SFMC

Outcome

  • 135,097 votes Australia and New Zealand wide
  • 96.5% validation rate of voters, halving last year’s rate
  • Over 30% female voters

Horse racing in Australia has traditionally attracted an audience comprised of males aged between 45-65. Racing Victoria sought to expand into other customer groups through the introduction of the inaugural All-Star Mile in 2019. By introducing a voting platform and website for fans to choose race participants and increase social engagement, Racing Victoria was able to attract new prospects from all demographics to the racing industry. Our team partnered with Racing Victoria for the second year to create the platform that would allow Australia’s only fan voted race to function.

Using Amazon Web Services, our team built a highly secure web voting platform from the ground up that is auto scaling and healing with cloud first design and the ability to handle high levels of user traffic. For the second year running, a Big 4 Advisory cyber and hacking team tasked with auditing the platform was again unable to penetrate the system.


“The All Star Mile was designed to attract a new and more diverse audience, which was achieved for the second year in a row with over 30% female voters. This could not have been delivered without the teamwork and collaboration between Racing Victoria and Unico – our team more than halved the number of unverified votes from last year, worked on tight deadlines and had to adapt to meet regulatory constraints”

– Marcia Allan, GM Customer Strategy & Engagement, Racing Victoria.


Racing Victoria’s goal of building fan engagement for the All-Star Mile was pursued through SFMC. Unico had previously helped Racing Victoria increase their SFMC capabilities, allowing them to effectively build journeys for their subscribers. These journeys helped elevate engagement levels with Racing Victoria, which enabled them to send consistent multi-channel messaging to new audiences generated by the All-Star Mile.

A final voting tally of 135,097 was a remarkable result during a summer that was devastated by unprecedented bushfires. Racing Victoria offered their support to the bushfire crisis by pledging to donate $1 for every vote received. In addition, they also donated all 93 horse nomination fees of $500 totaling $46,500 to the Good Friday Appeal.

If you would like to find out more about Unico’s All Star Mile secure website and voting platform, please contact Evan Harridge.


Evan Harridge

Director of Innovation and Enterprise

Community

Giving back

We believe that everyone has a role to play and a responsibility to actively contribute to environmental sustainability and the community, making our world a better place.

At Unico we have two initiatives: the Unico Community Fund, aimed at supporting the local community, and the Unico Conservation Foundation, focused on marine sustainability and education.

Our community supported projects

A commitment to giving back, helping others in need, protecting our environment and being active in the community is an important part of Unico’s culture and something that we take seriously.

That’s why the Unico Community Fund works with partners in Australia and developing countries on locally based development projects in the areas of sustainable environment, income generation, self-reliance, education and training. We believe these key focus areas are vital in creating more sustainable communities, environments and a healthier world.

Conservation fund

The Unico Conservation Foundation has a long and proud history of supporting projects that protect the marine environment.

This commitment was inspired by a family trip on an Earthwatch Expedition in 2002 for Geoff and Denise Illing. They were impressed with the work that they saw and it transformed their way of thinking in regards to marine conservation. It inspired them to think about greater actions and other ways in which they could contribute to building a more oceans. Projects include:

  • Saving Philippines Reefs
  • Alan White Library
  • Coral Sea Monitoring
  • Melbourne Down Under.

For more information visit www.unicoconservationfoundation.org.au.

Work with us

Are you looking for your next opportunity?

Do you want to help Australia’s largest organisations transform their business through technology?
Unico is the place for you. We are always on the lookout for bright minds to help our customers solve complex business challenges.

We are proud of our inclusive and diverse culture and offer our team continuous professional development opportunities that are aligned with exciting and innovative technology projects.

Seeking an extraordinary career?

Unico life

Extraordinary perks for an extraordinary career
Some of the benefits our team enjoy

Flexible hours

Need to pick up and drop off the kids? Long commute? No problem, we work flexibly.

Free fuel

Fully subsidised Myki card. Our kitchens are stocked with barista grade coffee, tea and hot chocolate as well as a weekly fruit box.

Back to work scheme

We want you back! We offer primary carers sponsored childcare so you can return to work whilst your little one is cared for.

Learning & development

We want you to reach your potential and offer 24/7 access to Udemy online courses, along with other learning opportunities.

Dollar for dollar

We are proud of you, so proud that we will match dollar for dollar what you raise for Australian charities through the Unico Community Fund.

Mind, body & soul

Complimentary onsite gym, yoga and meditation, annual flu vaccinations, subsidised Osteo and employee assistance programs.

Office space

Fully renovated office with huge break out zone with amazing views of Albert Park and Port Phillip Bay, table tennis table and art on walls.

Social events

We have a jam-packed social calendar including monthly team drinks, table tennis championships and an end-of-year celebration.

Diversity & inclusion

We are a culturally diverse and inclusive workforce and celebrate our differences.

Secondments

We encourage you to spread your wings and work in other teams to learn new skills and tackle new challenges.

Volunteer day

We care about more than the bottom line. That’s why we offer you a volunteer day to support your chosen charity.

Unico Conservation Foundation

We actively contribute to environmental sustainability and the community, making our world a better place to live.

What our team says

Cory Mollison, Technical Team Lead

“The team at Unico provide such a rewarding environment. I am empowered, trusted and provided with the support I need to take responsibility for solving interesting and complex problems for our customers.”

Ben Theobald, Developer

“I love being given the tough and complex problems to solve for our customers and working with them to provide manageable and robust solutions.”

Emily Johnston, People & Culture Advisor

“I truly enjoy coming to work as it’s a positive environment and every day is different.”

Fiona Carter, Head of Marketing

“Unico has an inclusive and diverse culture and is a truly flexible workplace – leadership walk the talk. There is no clock watching and team members are empowered and trusted to get work done.”

Afsaneh Ghoddousi, Technical Team Lead

“Being able to work in an environment that encourages diversity and open communication is a privilege. I enjoy being part of this exciting workplace and a member of the family we call Unico.”

Monica Vasquez, Scrum Master Team Lead

“Unico welcomes people with great talent and allows us to learn new things from each other every day.”

Graduate program

Our graduate program is flexible – we work with you to understand your career aspirations and areas of interest, and tailor your experience to fit in with you and our customer needs.

Why should I choose this program?

You will be exposed to market-leading technology and work with some of Australia’s leading organisations on high-impact projects. As a graduate you will experience a comprehensive induction and training program, as you will be on a rotational development plan for the first 12 months.

At the successful completion of the program we will match your skills, talent and area of career interest to a team – Development, Testing, Operational Support, Marketing Automation or Technology Support. As your career develops you will continue to receive on the job training, mentorship and education through formal professional development programs.

Who are we looking for?

Bright, enthusiastic and committed individuals with degrees in IT, UX/UI, software engineering, computer science, telecommunications engineering, information communication and technology.

We also look fondly on work experience, university experience and individuals who have a basic understanding of software engineering principles.

Can I apply?

You bet. Your application will request your CV, academic transcript and you must have full legal rights to work in Australia.

Complete our Graduate program application form
