TypoSquatting: Using Your Brain to Trick You

Diego Samuel Espitia    12 May, 2020

Our brain is amazing and has evolved over thousands of years to make our lives simpler or to minimize processing time on things it considers unnecessary. One of them would be reading each letter in a written text. This can be checked by several ways, as in the following example: 

Why Does That Happen? 

This is due to the way we learn to read, since initially we only see images and it is not until after we understand them that we begin to associate sounds with words. Once we are used to reading the same words for a long time, our brain places words where they are not, or immediately replaces the numbers with their corresponding letters, or can read text when it is written backwards, among many other things. 

Without a doubt, this brain capacity is incredibly powerful, but it also poses some cybersecurity risks because of the possibility it offers to easily generate deception. For example, if you get a message saying “www.gooogle.com” you don’t realise that “gooogle” has three “o” instead of the two that the actual website has. 

What TypoSquatting Is 

For many years now, criminals have realised that it is possible to use this capacity against us. Phishing campaigns use these small text alterations to trick users, and they are very effective if they are associated with feelings of fear or financial distress. This type of threat has been called TypoSquatting. 

Due to the current health crisis caused by the Covid-19, this technique is being increasingly used. One of the institutions that has been most targeted by these hoaxes is the World Health Organization, which had to publish a cybersecurity communication intended to mitigate the damages of these hoaxes. 

One of the thousands of examples can be found in one of the existing pandemic tracking systems, called coronatracker.com. This is used as the basis for different typosquatting-type mutations, as we can see below:

To summarise the analysis, only the second domain detected will be taken: coronatracker.info. This domain uses the technique of changing the root domain (from com to info) so that the victim, when focusing on the webpage name, does not notice any other details. In the following example below, an SMS tries to trick the user by using the domain of a bank, changing the root domain from com to one.

This image has an empty alt attribute; its file name is image-9.png

When performing the analysis of coronatracker.info by using our TheTHE tool, it can be seen how this TypoSquatting hoax hides a dedicated phishing site and that the domain was created during the first week of the pandemic, like thousands of others that have emerged. When using the IP, we see in the first image that it has already been reported in AbuseIP for being a suspicious IP. In the second, we see how the analysis with Maltiverse detects it as malicious. 

This image has an empty alt attribute; its file name is image-7.png

Using the domain, it can be seen that this has already been reported in VirusTotal and responds to 9 different IP addresses.

This image has an empty alt attribute; its file name is image-11.png

As you can see, criminals do not miss any opportunities to spread malware. This storm of events triggered by the pandemic is the perfect time to use all the mechanisms at their disposal to access personal, data and financial data, or simply to access machines to reach more victims. 

These techniques are not only applied in domains, but also in mobile applications, development software packages, e-mails, instant messaging, SMS and any other means that may be used to make victims click on the link. 

How Telefónica’s Digital Home response to COVID-19: increasing our offer of entertainment and education

Antonio Guzmán    12 May, 2020

As part of our commitment in this coronavirus crisis Telefónica has taken a series of measures and guaranteeing communications has been our priority. The Digital Home unit is committed to increase its entertainment and educational offer and has also launched new Living Apps.

Spain has an ultra-broadband communication infrastructure of extremely high capacity and quality. In a relatively short period, the country’s telecom operators have laid out fibre-optic cables reaching millions of premises – more than France, Germany, the UK and Italy combined. This has incredibly helped Telefónica to provide a state-of-the-art service to all its customers in Spain during this health crisis.

In order to facilitate home entertainment, Telefónica has increased its offer in Spain, especially children and sports content, free of charge, accessible through the Movistar+ Lite application where customers and non-customers can enjoy a month for free.

Furthermore, it has increased at no extra cost, the GB enjoyed by its customers with an additional 100 GB for two months and has just announced that over 3 million premium customers will have access to unlimited data plans for free. It has also made the Movistar Junior app available to our Fusion customers, free of charge, with special content for the youngest members of the household.

https://www.youtube.com/watch?v=7802bwgoUdw

AI powered in home experiences

Telefónica is the leading provider of home technology in Spain with 41 million accesses. We have the largest B2BC digital home platform. A platform that allows the design of new digital experiences using the capabilities of the Movistar ecosystem of devices and services. This success case study will be adapted to Brazil, Germany and the UK.

From Telefónica’s Digital Home unit we are committed to increasing our offer of entertainment and education in this time and have just launched new Living Apps available for free to over 1 million customers in Spain through Movistar+ TV such as:

GoMusic Living App for live streaming of concerts.

Jappy Living App for kids with music, or education content through videos.

StayConnected Living App where customers can do Yoga, do some exercise with Chema Martinez elite runner, play with their kids or enjoy culture activities.

https://www.youtube.com/watch?v=U8p35rrOYps

Living Apps are new forms of interactive advertising, a new brand space for innovative content which also allows conversions to purchase.

A growing ecosystem of devices & connectivity

The best connectivity is one of the pillars of our home strategy, and we see an increasing role of the home Wi-Fi as 80% of the smartphones traffic is Wi-Fi, and 54% of our digital consumers are demanding a higher reach of their Wi-Fi.

Family using their WiFi in a laptop

In Spain we are also leaders in developing AI powered devices, which are indeed helping our customers during this crisis to make the most of out their relationship with Telefónica. One example is the launch of Movistar+ Voice Remote Control with great success. I would like to remark that this device totally respects our customers privacy, the microphone is only activated when the Aura button is pressed.

The analyst firm Global Data recently published:

 “We are positive on the launch of the Telefónica Movistar+ Voice Remote Controller, this device could help get Aura into the home faster and effectively. It allows its Movistar+ TV service customers to search for content, change channels and other key content navigation tasks using the Aura natural language recognition interface.”

Global Data

Our Smart WiFi device is a gateway to control the connected devices and home and the network, and it provides peace of mind with security and family features such as parental control and identity protection. Furthermore, we have launched a second version of a home Smart WiFi app in Spain and Argentina, which will soon arrive in Brazil too. The new app includes parental control and device digital security (provided by McAfee) as well as Wi-Fi optimization and customer support capabilities.

The analyst firm OMDIA recently stated:

“For Telefonica, the Smart WiFi app is essential as it not only provides a better customer experience but also allows the operator to engage with its customers in a far more in-depth manner.”

OMDIA

As for our Movistar Home smart device, we are continuously integrating new features like the Bluetooth speaker, new TV features or content and games.

DIARIO: Our Privacy-Friendly Document Malware Detector

Innovation and Laboratory Area in ElevenPaths    11 May, 2020

Let’s imagine that a user receives an Excel file containing information that is supposed to be private or confidential. The user thinks that it could be malware, but their local antivirus has not detected it (since it has arrived in their inbox or hard drive and the antivirus has not gone off). What would happen if it were really malware? How could we check it?

If we send it to a multi-antivirus system on the web or via email to an administrator who can help us identify it, we could be disclosing confidential information if the file is legitimate. In such a case, we would be compromising confidential information in an attempt to protect our system. However, if you don’t use any security measures because you believe the document should not be shared, you could infect your system. In this context, we thought DIARIO could come into play.

About DIARIO

DIARIO is a new malware detection concept. It scans and analyses documents in a static way with no need to know the content of those files. For the analysis, it just uses the structure and formal features of the file without using any sensitive content. DIARIO extracts the features of the file and use them to create a vector impossible to attribute to a single file. This vector is employed together with standard Machine Learning techniques to detect malware.

The model used is flexible and is usually trained with the latest malware samples so that it can detect and complement beyond the traditional antivirus signatures.

This Machine Learning-based detection system is patented and has been built entirely by ElevenPaths Innovation & Labs.

There are many Machine Learning-based solutions to detect malware, but DIARIO is different from them for the following reasons:

  • It specialises in those documents where privacy is most critical: PDF and Office files.
  • Intelligent: We have trained our Machine Learning model by using the least detected samples in turn by antivirus engines. This way we can bridge the gap between traditional solutions and real malware issues. DIARIO is not intended to replace antivirus, but to complement them.
  • It has a dashboard for the analyst to validate and reinforce the system conveniently. This dashboard can be used by analysts to carry out malware research: attribution, detection, learning, analyses, research, and so on. This way we would have two user profiles: the one who wants to use the prediction service without compromising the data from the documents and the analyst who can take advantage of the database without accessing any compromising data from the documents.
  • Analyses are really fast. We just need a minimal part of the file to upload to the server and predict the attack. The server does not discard the file. Rather, the file is simply not required.

How Is It Used?

DIARIO has been working for a few months now, in the following lines you will find the formulas to use it:

  • Web: Users just need to drag the file into the scanner box in order to receive the prediction without compromising the information from the document.
  • Email Plugin: Users can conveniently send attachments without compromising their privacy. We will give further details later.
  • Analyst Dashboard: From where documents and features can be searched, analysed, or related to each other in order to develop new research and improve collective intelligence − while maintaining the confidentiality of the document. For now, this works under invitation.
  • The links containing the result and the prediction can be shared in static pages.

So you don’t trust the system? Well done, that’s why we offer the partial sending formulas.

  • API: Anyone can use DIARIO through an API. Build your own client, plug it to your repositories, and so on. FOCA has already integrated it.
  • SDK and command line toolsOn our GitHub.
  • Client for Windows, Linux, and Mac. It shows the content needed for the calculation and only the necessary is uploaded.

Efficacy

We have performed some tests that allow us to confirm that the level of detection (and false positives) is at the level of any other commercial solution. On the other hand, we have performed tests by using special types of macro malware, particularly those not detected by traditional signature systems. The full report is available on https://diario.elevenpaths.com

Bestiary of a Poorly Managed Memory (II)

David García    7 May, 2020

If we must choose a particularly damaging vulnerability, it would most likely be arbitrary code execution, and even more so if it can be exploited remotely. In the previous blog entry we introduced the issues that can be caused by a poorly managed memory. Now we are going to see concrete examples. 

Double Free: A Basic Example 

This issue occurs when we free the same block of reserved memory twice. Let’s take a look at a program that does it “properly”: 

https://empresas.blogthinkbig.com/wp-content/uploads/2020/04/image-38.png?w=640

We reserve two blocks, copy a string into them and free them as we no longer need them (note the calls for ‘free’). Let’s see the execution:

All right, now we are going to deliberately make a slip. We are going to free the block that we had already freed. This does not prove the vulnerability itself (which is more complex to exploit) but allow us to check out what happens when we get it wrong in the dynamic memory structures of the heap. 

Let’s run and see what happens: 

As we can see, the second string was not printed on the terminal, as it was in the previous program. What happened? 

By freeing a block of heap, this space has been left free. We have required another space for the variable p2 and we have been assigned another block. But remember that even though p1 has been freed, it still points to its original block, now belonging to p2

Since we are freeing p a second time, what we are actually doing is freeing memory that is using another pointer not related to the p object. The use of p2 becomes unstable since we are using a region of memory already freed. Let’s see how the memory addresses were made: 

As we can see, p2 takes the address of the block that already had p, but this one has been freed. Let’s see the same situation, but freeing the two blocks at the end of the function: 

If the situation is well managed, both point to different blocks, resources are not freed at the wrong time and everything goes as planned

Again: Manual memory management is complex, very complex. Attention must be paid to the order of operations, where resources are obtained and where we stop using them in order to free them in good condition. 

In the next entry we will talk about dangling pointers.

Don’t miss the first part of this post here:

Bestiary of a Poorly Managed Memory (I)

IoT Device Search Engines: Why Choose if We Can Use All of Them?

Nacho Brihuega    5 May, 2020

Current IoT device search portals are widely known and used by the hacker community to make queries or to get a first picture of the services enabled in a pentesting. 

Due to the current situation of confinement, many organisations had to implement in a very short time the necessary infrastructure to guarantee that their employees could telework. Quickly, making use of these search engines, a high level of services enabled for this purpose was detected − most of them RDP. At the beginning of the confinement, there were 29,657. Ten hours later it increased to 29,835, and to this day (when this post was written) there are 34,753. 

The main cities where technological activity stands out. 

Bear in mind: no to public RDP, yes to VPN. 

This means that RDP services that may be vulnerable to BlueKeep are being released (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708) because the relevant security patches have not been applied. 

What Are the Implications of This? 

Since the beginning of the lockdown, a high number of phishing campaigns or file attachments containing malware that used the COVID-19 as bait have already been detected. In the end the same actors are always behind these threats. 

To detect peaks like these or to collect information from these search engines, we should not limit ourselves to one of them, but instead use as many as we can and compare the resulting data. Some search engines are: 

https://empresas.blogthinkbig.com/wp-content/uploads/2020/04/image-18.png?resize=572%2C303

The Heisenberg Script 

As automation is a must, we have collected a couple of scripts for each of the services and unified them into one that queries each service so we can quickly have a first look. I have called this script “Heisenberg”, you can find it in my github

Below we let you some questions to understand the features of the script: 

  • What does it do? Getting open ports from Shodan, Censys, BinaryEdge and Onyphe services.
  • What is its programming language? Python3.
  • What do we need? Free API of these services.
  • Can we export the results? Yes, in .xlsx.

Having seen this, let’s move on to the use of the tool. Through the option h the help is displayed: 

As you can see, the script expects to receive the IP addresses in a .txt document via the -i parameter and the necessary APIs via the -a parameter. 

Regarding the file containing the APIs, below you can find an example of what the file would look like: 

An example as a proof of concept for its use is shown below: 

At the end of the program, the output is obtained: 

https://empresas.blogthinkbig.com/wp-content/uploads/2020/04/image-25.png?resize=574%2C534

You have the option to export the results in Excel, with the result of the ports according to each service: 

Because of the current confinement situation, we would like to take advantage of the functionalities of these services to add some additional options such as an extra column including the summary of identified ports or to develop a database connector. 

We hope you liked it. See you in the next one. 

Bestiary of a Poorly Managed Memory (I)

David García    30 April, 2020

If we must choose a particularly damaging vulnerability, it would most likely be arbitrary code execution, and even more so if it can be exploited remotely. The consequences may be fatal, as we have seen many times (Conficker for malware analysts, MS08-067 and EternalBlue for pentesters, WannaCry for everyone, etc.). 

Arbitrary code execution has been and remains one of the most loss-and-repair programming errors in the history of silicon. By the way, it is called arbitrary because actually the CPU is already executing code. The point of “arbitrary” is that it is left to the attacker to decide what code is executed, since it is the one taking control of the process. That’s what an exploitation of this type is all about: diverting the normal and determined execution of a process to a foreign agent introduced in an arbitrary way by an attacker through an exploit. 

How Exactly Does This Happen? 

There are many ways to execute code (from here we will understand arbitrary). By the way, the definition is not limited to native executables. Cross-site scripting is an injection of foreign code that, again, diverts the execution of a script to the injected code snippet. 

One of the factors in the execution of code at the native level is the one derived from memory management issues. We will review the most common types of errors, focusing on how they occur and how operating systems and programming languages are evolving to mitigate the effect of these failures when they are maliciously exploited. 

Going back in time, not all languages had a manual management of the use of the memory. In fact, John McCarthy, one of the fathers of Artificial Intelligence and creator of LISP, coined the concept of automatic garbage collection (memory freed during the execution of a process) in the sixties. 

However, even though the garbage collectors made life easier for programmers (detaching themselves from manual management), it was an overload on resource consumption that some systems could not afford. To get an idea, it would be as if the real-time flight tracking of an airport control tower stopped for a few seconds to eliminate the freed memory. 

That’s why languages like C or C++ keep a huge weight when programming system applications. They are languages without garbage collector (although it is possible to make use of them through libraries), so the programmer is fully responsible for the management of the memory. And of course, we all know what happens when you leave the work of a machine in the hands of a human. On the contrary, freeing the resources consumed by a collector means an enormous increase in the performance and response of the program − and this is translated into a lower cost in terms of hardware. 

Is It So Difficult to Manage the Memory Manually? 

Of course, it is a very open question and the answer will depend on our level of familiarity with this type of programming and on the facilities given by the language − added to the use of external tools and technology implemented in the compiler. 

Let’s see an example: imagine that we want to associate a text string to a variable. A trivial operation in languages with automatic memory management, for example in Python (the following is an example of code, we are not going to bother with its correction): 

def asociar_cadena(cadena): 
    mi_cadena = input()  
    # … 
    # procesamos mi_cadena 
    # … 
    return mi_cadena 

Well, this in C language has some interesting points. First of all, we don’t know the length of the string. That amount does not come “by default” with the string, it must be found or added as a parameter to the function. Secondly, since we do not know its length, we do not know either what memory we are going to need to save it. Thirdly: Who is in charge of warning us when we do not need that memory anymore? 

Let’s look at a code snippet (there are multiple ways to implement this, safer and better, but this one will allow us to illustrate what we mean, for example, using strdup, “%ms”, etc.): 

https://empresas.blogthinkbig.com/wp-content/uploads/2020/04/image-27.png?w=640

As we can see, we haven’t even started to manipulate the string when we already have to write code to detect the end of a string, reserve memory, watch the limits of the array in the stack, etc. 

However, the important thing is to look at line 28, that “free” function used to tell the system to free the piece of memory we had reserved in the “read” function. Here the situation is clear: we no longer use that memory, so we return it. 

In an example of code, it is easy to make use of the memory but what if we continue to use that reserved memory 200 lines of code later? What if we have to pass that pointer through several functions? How is it clear who is in charge of the memory, the function called or who is calling that function? 

In the subsequent blog entries, we will review some scenarios that turn into vulnerabilities because of this type of oversight: double free, use of uninitialized memory, memory leaks and dangling pointers.

DataCOVID-19: Fighting the Coronavirus by Using the Approximate Location Data of Your Smartphone

Gonzalo Álvarez Marañón    28 April, 2020

#StayHome: is the call from governments, companies and individuals to all citizens to contribute to end the pandemic. However, since not everyone stays at home all the time, many questions arise: Do social distance measures increase or decrease population flow between territories? Are there areas with a greater crowding or inflow than others? What is the concentration of population in the different areas in relation to their health capacity? 

In order to answer these questions, the Spanish Government has launched a study intended to measure the daily variation of population flows moving at the municipal or provincial level during the health crisis. It has been called DataCOVID-19. The power of Big Data is thus placed at the service of public health: 

To analyse large volumes of information and extract useful conclusions, thus gaining in efficiency in evidence-based decision-making that is better coordinated and adapted to each region.

The Government Doesn’t Want to Track You Down and Fine You if You Don’t Comply with the Confinement 

For many years, companies have been using Big Data and Business Intelligence for data-driven decision making. For example, LUCA (Telefónica’s Data Unit) has developed the Smart Steps platform. This platform analyses anonymised data on access to its network and generates aggregated insights on the global trends of groups of people, thus helping organisations to optimise their value proposal. 

It is therefore not only not surprising at all, but to be welcomed, that the Spanish State also decides to use these powerful tools to make effective decisions based on data, without any risk to our freedom. This advanced use of data was precisely proposed by the Government last 27 March through the Spanish Orden SND/297/2020

To entrust the Secretary of State for Digitalisation and Artificial Intelligence of the Ministry of Economic Affairs and Digital Transformation, following the model undertaken by the National Institute of Statistics in its mobility study and through data crossing of mobile operators, in an aggregated and anonymised way, the analysis of the mobility of people in the previous days and during the confinement.

However, some people interpreted this paragraph as an individual and personalised tracking of each and every citizen to monitor whether or not they were complying with the confinement and fine them accordingly. As expected, the hoaxes flooded the social networks with Orwellian messages: loss of freedom, violation of the right to privacy, espionage by the state in collusion with telephone operators, and much more. 

Although it is now, in the middle of this coronavirus crisis, that this study has caused such a stir, actually this controversy comes from before. As explained by the Spanish Statistical Institute (INE) in a statement in October 2019 in relation to another controversial study of mobility on holiday travel: 

Operators will not provide individual data on telephone numbers, nor on the owners of the lines, so in no case will the INE be able to track the location of any terminal.

How Then Can the INE Know Everything About the Movement of the Population as a Whole? 

Surely you already knew that mobile phones communicate via antennas located in cells. Each antenna provides service to all terminals falling within its coverage area at any given time. In very populated areas, operators locate many and very close cells to provide service to the large number of subscribers covered by each one, at distances as small as 400 m, while in unpopulated areas the antennas can be up to 8 km away. 

As a mobile phone user moves around, they switch from one cell to another. To make the mobile phone work, your operator needs to know at all times which cell you are in to get you incoming calls or allow you to call. The cells of the cellular network cover areas that usually range from 800 to 8000 m2, so it is not possible to locate a user with total accuracy, as a GPS does. The location known by the operator is always approximate, with a usual error between 400 and 8,000 m. Based on this error, it is possible to find out the neighbourhood where a terminal is located, but it is not possible to determine if it is inside a house, in the park or in the supermarket. 

Therefore, the operators provide the INE with anonymised and approximate location data, without any personal data. The approximate location data of the three major operators provides a sample of more than 40 million mobile phones throughout Spain, dividing the entire national territory into some 3,200 mobility areas. The location data are not extracted from the mobile terminals but are taken from the mobile network and assigned at census district level (the minimum geographical unit used). 

In addition, operators also prevent subsequent re-identification of terminals through various extra privacy protection measures: establishing very large areas in sparsely populated areas, excluding areas with less than 5000 subscribers, and so on. The study will continue as long as the health crisis lasts and until normalcy is restored. 

After these operations, the INE only receives aggregated information that allows it to draw general conclusions. For example, that 3.5% of the inhabitants of a given neighbourhood go to work every day, compared to 17.9% in another neighbourhood. In summary, based on the data provided by the operators, neither the INE nor the State has any way of determining whether or not you stay at home. 

Does This Study Comply with Data Protection Regulations? 

The answer is a resounding “Yes”. As no personal data or any other type of data identifying users is used or provided, no cross-checking with other data sources − such as those referring to the health of individuals or their home address − is possible

In case you have still any questions about whether even so it complies with the law, the truth is that the anonymisation of data for statistical or research purposes is a legal processing under the current legal framework, both in terms of data protection and telecommunications services. And we can’t forget the 4th whereas of the GDPR

The processing of personal data should be designed to serve mankind. 

And then, the 46th whereas foresees that some types of processing may serve: 

Both important grounds of public interest and the vital interests of the data subject as for instance when processing is necessary for humanitarian purposes, including for monitoring epidemics and their spread or in situations of humanitarian emergencies. 

In short: There is no reason for alarm. DataCOVID-19 does not conflict with the General Data Protection Regulation (GDPR). On the contrary, it follows the guidelines set by the Spanish Data Protection Agency. 

Technologies at the Service of Health and the Preservation of Life 

The Big Data and the approximate location of mobiles are two more technological weapons of the State in its fight against the pandemic, while guaranteeing the right to privacy. Thanks to this information, health agencies will be able to analyse the effects of confinement, make forecasts about the evolution of the pandemic, better understand the use of health facilities, and draw other useful conclusions in the fight against the coronavirus. With everyone’s cooperation, we will make this possible. 

#WeWillGetThroughThisTogether 

How process automation can help your business

AI of Things    27 April, 2020

The automation of processes within production systems makes use of machines to reduce human work, supported by technological trends such as IoT, Artificial Intelligence, Big Data, etc, which support the digital transformation of companies.

In this article discover 5 advantages of process automation for companies.

Benefits of process automation

1. Improvement of the production process

Process automation helps to shorten production cycles, since less time is required to coordinate processes.

So, by implementing automation, a team’s workload will thus be reduced. As a result, you will reduce the labour costs and time invested.

2. Optimal control

One of the latest technologies related to process automation is IoT, the Internet of Things, a technology that allows you, among other things, to control objects remotely.

For example, thanks to IoT, you can monitor machinery from a distant location so in the event of a malfunction, instructions can be sent to the machine without having to be present. This allows you to solve problems in real time, due to the immediate transmission of information, improving decision making via a digital platform.

3. Improved customer service

One of the most modern applications of process automation, associated with digital marketing, is the implementation of chatbots which uses Natural language processing. As its name indicates, it consists of a chat robot, acting as a virtual assistant programmed to maintain an online conversation with the visitors of a page.

The chatbots are loaded with a battery of frequently asked questions and answers related to the company. This tool can also ask them questions to find out what they need so that you can offer your services in a timely and personalised manner.

Finally, your visitors can leave their contact details to be contacted later by a representative to help make a sale. In this way, chatbots also become a good tool for collecting data from quality sources.

4. Optimization of teamwork

Another form of process automation that is becoming fundamental in work teams is task control platforms.

These platforms are usually designed to operate on a variety of devices. All you need to do is create an enterprise account and add your team members.

These tools usually have their platforms  (preferred space for desktop users) and in applications (ideal for those who connect from mobile devices). The advantage is that all the information will be uploaded to a cloud, making it available to all your collaborators.

Thus, control platforms help you to fragment projects into tasks for each member of the team. From these you can assign managers, control the status of the work and follow the deadlines.

5. Database management

In the digital age, most competitive companies have already introduced this technology. The best and safest approach is for organisations to have a digital database system in the cloud.

Big Data strategies allows companies to upload important information of your company, such as customer databases, information about your employees, accounting files, performance reports, legal documents, advertising assets, and other relevant information to one single online repository.

This information is not only stored, but also accessible by relevant personnel. In this case, process automation allows you to connect the relevant information for each area of the company and thus be able to view, modify and update it in real time. Process automation, then, allows employees to access updated information immediately, without the need to communicate it one by one.

To keep up to date with Telefónica’s Internet of Things area visit our webpage or follow us on TwitterLinkedIn and YouTube.

What is IoT: Solutions and future applications

Olivia Brookhouse    23 April, 2020

Are you interested in finding out what is the Internet of Things (IoT)? It is an ever-growing technology which opens doors to new opportunities in multiple sectors ranging from retail, industry, utilities, public administration, transport and tourism; to the transformation of entire cities into smart cities. It can also help you identify, create, and innovate business opportunities and lines of business. The Internet of Things is a digital transformation facilitator that offers infinite possibilities to companies.

To get an idea about its popularity, 90% of the users of IoT are convinced of its importance. Once a user experiences the advantages of connected things thanks to IoT, they are hooked to it’s benefits. For this reason, we have seen an increase in the number of people buying and using IoT solutions.

Thanks to the emergence of increasingly sophisticated connected devices, we are now at the full start and development of a new era of business productivity. Experts predict that more than half of all new businesses will have incorporated the Internet of Things (IoT) by 2020, making them more automated and saving millions, bringing greater process productivity through their implementation. However, with these high expectations, many business leaders are asking the question:

What is IoT and how can it realistically and practically help my business work smarter?

What is IoT or the Internet of Things?

The term Internet of Things was first coined in 1999. However, the first example of its application was in the early 1980s. Amazingly, it was a Coca Cola vending machine that first implemented an IoT device. Located at Carnegie Mellon University, the vending machine was connected to the web by a team o programmers, who were then able to obtain consumption data for the products. Via the connection, they could check the availibity of the stock of drinks and the temperature of the cans by means of sensors that measured their degree of refrigeration.

In its most general sense, the purpose of the Internet of Things is to use the devices as a tool to make us more efficient. To achieve this, there are 4 essential components that helps us gain a better understanding of what has happened and predict what will happen.

The core of IoT

  • Sensors capture real world data (such as: temperature, movement, location…)
  • Connectivity sends sensor data to platforms where it can be processed.
  • Service platforms converts data into information and actions
  • Data analysis generates a better understanding and decision making process

Today, there are billions of devices around the world connected to the Internet that constantly collect and share data. Thanks to wireless networks and smaller, more powerful processors, it is now possible to connect almost any device. In Industry connected factories make use of the connection of devices and machinery which can be applied to any location, such as airports. Other use cases include the connection of production plants and the use of robots to improve production lines.

Changes in company processes thanks to IoT

Impeccable production, maintenance, customer satisfaction, among others, are the pillars of business efficiency. IoT devices allow companies to create new business opportunities and introduce new ways of interacting with their customers. This helps them improve the workflow, production and much more.

Another aspect that stands out in the use of this technology is associated with savings. Many companies have already begun to use IoT solutions to increase sustainability, with: energy monitoring, intelligent lighting, intelligent charging of electric vehicles and inside climate control. But the benefits don’t stop there. With the same network connection, the system can integrate other IoT devices and applications. Examples include: asset tracking and monitoring, air quality measurement, proximity detection and machine optimisation.

Connection of IoT devices in everyday life

Let’s imagine that an alarm clock wakes us up at 6 a.m. and is able to tell your coffee maker to turn on and start making coffee. Now imagine that your printer knows it is running out of paper and automatically orders more. Imagine if your watch could tell you when you’ve been most productive while at work. The uses and benefits of IoT for personal use are also endless, generating Big Data that deserves to be analyzed.

The application of IoT in everyday tasks is infinite. Another great example can be found in the so-called smart cities. In which tasks such as waste management services, intelligent irrigation, pollution control, etc. are already carried out. It is likely that you are surrounded by these devices and do not know it yet. Check inside this list and list how many there are in your environment.

  • Houses with automation systems. Devices linked to safety and energy saving.
  • Smart bands, smartwatch or fitness bands.
  • GPS trackers.
  • Smart smoke alarms.
  • Smart locks.
  • Smart door bells .

Future of the Internet of Things

While some countries are still wondering what IoT is, it will soon dominate the world. The consulting firm Gartner predicted that the automotive and business IoT market will grow at a rate of 5.8 billion units by 2020. This will mark a 21% increase over last year (Goasduff, 2019). Soon everything that can be connected will be connected, forming a comprehensive digital system in which all devices communicate with people and with each other.

Imagine how in the future a car interconnected through devices such as Movistar Car will know your work schedule and notify your colleagues about a delay in the meeting if you get stuck in a traffic jam. Our interconnected future will undoubtedly bring much value and great opportunities for everyone.

Households also embrace this technology in an immersive way. We are at a time when technology is very much present in our lives. As users, we must make use of all its advantages and take advantage of their benefits. If you are still wondering what is IoT? It is the technological solution becoming ever more present in companies, as well as in the lives of users.

IoT implementation success stories

Uber

To connect users with drivers, Uber developed algorithms that use data from sensors and smartphones. In this way, they were able to monitor traffic and travel conditions in real time. This data not only allows the company to adjust its prices according to demand. They also help to manage driver demand. When drivers see that demand is high, they go out and offer their driving services to meet it; conversely, they will stay home when the data tells them that demand is low.

Rolls Royce

The company’s manufacturing systems are connected via an IoT network environment. At its Singapore factory, Rolls Royce generates half a terabyte of manufacturing data for every turbine blade it produces. This data is used for quality control, which is a critical area for the company’s success.

Coca Cola

As a true pioneer, Coca Cola started implementing IoT almost 4 decades ago. Today the company uses IoT very efficiently on its vending machines to obtain real-time data including: location and availability of the cooler in the store, temperature, stock level, product placement, customer behaviour and trends. In this way, it analyses purchasing behaviour, which allows it to reinvent loyalty strategies and track consumption peaks. All this has applications in strategies to improve targeted marketing and customer satisfaction.

Final thoughts on IoT

The future of IoT is already here. With technological improvement our lives are changing and becoming easier and more efficient. Although this is only just beginning. We will continue to see its influence on our cities, our work and our home lives. Once we experience the benefits of IoT we will wonder how we lived without them. You can stop wondering what IoT is and start enjoying all its benefits.

To keep up to date with Telefónica’s Internet of Things area, visit our web site or follow us on TwitterLinkedIn YouTube.

Do You Dare to Develop a TheTHE Plugin? #EquinoxRoom111 Contest

Innovation and Laboratory Area in ElevenPaths    21 April, 2020

A given IOC comes to your hands, for instance a hash, URL, IP or suspicious domain. You need to find out some basic information: Is it malware? Is it in any repository? Since when? Whois? Country of origin? Is it in pastebin?

You start to open tabs, enter passwords in the different services and launch queries. Hopefully, you have an API shared with a co-worker and, after checking several systems, you open a TXT file to recopy the data to the intelligence platform. Your co-worker, who you share those APIs and passwords with but who is on your computer elsewhere in the world, does the same because the same IOC has also reached their hands. This is over with TheTHE.

The higher number of plugins, the better. It doesn’t matter if an APIKey or a password is required, anything is possible. So we encourage you to participate in this contest.

How Do I Participate?

The challenge is to develop a plugin for TheTHE that is not already done. You can see the whole list through the following link https://thethe.e-paths.com, along with the link to the tool, how to install it, etc.

Some ready-made plugins are: abuseipdb, DIARIO, emailrep, geoip, haveibeenpwned, hunterio, maltiverse, metagoofil, pastebin, phishtank, robtex, sherlock, shodan, tacyt, urlscan, verifymail, virustotal, whois, etc.

How Should I Do It?

If you wish to take part, you must be familiar with Python and Vue. The detailed instructions to develop a plugin can be found here: https://github.com/ElevenPaths/thethe/wiki/How-to-create-a-Plugin-(backend)

What Is Evaluated?

The features of the plugin that will be evaluated are its originality, how well it is programmed, its usefulness, etc. Everything related to IoCs and Threat Intelligence is valid, whether accessible by API or command line tools. Some ideas: AlienVault, CrowdStrike, Team-Cymru, MalwareCheck, blockchain.info, ThreatGrid, etc.

Please note that if a paid APIKey is required, we may not be able to evaluate the plugin.

Where Do I Send It? What Is the Deadline?

You can send your solutions to [email protected] until May 15, 2020 at 12am (Spanish time). You will receive a confirmation of receipt of the plugin. We will announce the winner by the end of May.

What Is the Prize?

The prize is an Amazon Gift Card worth 111 euros. Even if you don’t win, we will publish your plugin explicitly mentioning you on our TheTHE Github.