Search This Blog

Showing posts with label Internet of Things. Show all posts

Interview with Waylay: Power of Automation to Everyone?

 

On 8th January, E-Hacking News conducted an interesting interview with Waylay. The guest speaker for the interview was Mr. Veselin Pizurica, CTO & Co-Founder, Waylay. The company helps to connect IoT solutions to IT systems, empowering them to build new applications faster and better than ever before.

Q1. Can you please tell us about “Waylay” as a company? 
Waylay is a technology company that builds automation software for the Internet of Things. Our platform is used by enterprises to develop new digital solutions with IoT, IT, and OT data in the most flexible way. We have about fifty enterprise customers from Australia, Japan, Europe to the US. We are expanding to the US with a physical presence because we’ll like to get better support for our US customers. Today we are more focused on OEM technology meaning we work as an invisible layer, where other companies can buy our software that integrates our automation technology with their solutions. 

Q2. In what industries Waylay is useful for? What type of customers may be interested? 
In the context of IoT, one has two approaches – either go for a vertical approach or being a platform-neutral player where other customers create their own solutions based on automation technology. In this regard, we are the latter case. Our customers are either in the smart buildings or HVAC connected appliances or even B2C. Our technology is used mostly in manufacturing spaces, smart buildings as well as HVAC. The reason for customers being interested in Waylay is because we are a cloud-capable platform as well. We have built a unique set of interfaces that work on top of all other cloud technology in a way that the bigger automation players can replicate the same use case in different clouds. 

Q3. Do you integrate with the existing HVAC system? What if an end customer wants to integrate into your dashboard, how do they do it? Do they need to put a specific IoT controller for this? 
What we have done is to create a kind of convergence layer that integrates to other IoT clouds or IoT systems in such a way that we put in just data for a variety of different systems. In other words, we are just saying we’ll create a bridge layer that can integrate with our system. Secondly, many of these HVACs are not connected and they will never be connected. Our technology offers the opportunity to integrate with other IoT systems. We are not enforcing our connectivity on our customers; we are rather saying whatever we have already we’ll create a layer that will enable us to get data in our systems 

Q4. Do you directly work with OEM (Original Equipment Manufacturer)? If so, do you have a development kit for OEM? What are the types of OEM you work with? 
We do actually. If you have the HVAC suppliers/manufacturers they, face a couple of different problems and none of them are actually trivial. So, basically what we offer is a sort of total automation that enables experts from both sides of the story (machine learning builders and machine learning experts) to bring them on one platform to be able to do total automation. The next thing you could do is offer new services; people are actually renting machines as a service rather than actually selling them. For instance, if you like to rent a machine as a service then your absolute interest is that the machine operates with optimum settings. 

Q5. IoT awareness is so low in many countries, will Waylay contribute positively to increase awareness in the IoT space? 
There are various angles to answer this question. First, IoT is something that people have been talking about for a long time. In a B2C context, if you buy any device, one or the other way, it is connected, it’s just that people are not aware of that. In smart home automation, it is already happening. In industries, things are much more complicated as there is a lot of different technology. Now, awareness also depends on the countries, some people are more eager to try things than others. In industries, the very first problem is connectivity, it not only depends on the use case vertical but also on the country. The thing with IoT is, it’s already happening but not at the same pace (compared to other technologies). What makes our company very confident is eventually, everything will be connected, it’s just that the pace of adoption in some countries is slower than others. 

Q.6 Your blog talked about “Waylay’s Digital Twin Revolutionizes Provisioning in Industrial IoT.” Please tell us more about it. 
When we talk about Digital Twins, we are talking about the digital representations of the objects. It can mean different things to different people. “In an ideal world, all equipment would be connected. In reality, millions of legacy machines are locked out of Industry 4.0 solutions because of the prohibitive cost of retro-fitting them.” 

Q.7 How has Waylay helped to bring a change in Digital Industry? 
Our goal is to bring the power of automation to everyone. Waylay believes that automation liberates human intelligence, cuts down costs, and increases value creation.

IoT (Internet of Things) : taking the world by storm

IoT or Internet of things refers to billions of devices and machines in the world connected to the internet, sharing and collecting data.


Now, with the advancement in computing and wireless technology even something as small as a pill or as big as an aeroplane can become a part of IoT. Any device or machine that can be transformed into an IoT device is connected to the internet to communicate and transfer data and perform  functions without human involvement.

According to Gartner, a research and advisory company around 21 billion "connected things" right at this moment are working collecting data and performing tasks. They predict that by the end of 2020, the IoT market will grow 21% with 5.8 billion endpoints.

"Electricity smart metering, both residential and commercial will boost the adoption of IoT among utilities,” said Peter Middleton, senior research director at Gartner. “Physical security, where building intruder detection and indoor surveillance use cases will drive volume, will be the second-largest user of IoT endpoints in 2020.”

 Be it consumer devices, smart devices, the medical sector, government, industrial sector like automobiles, productions nearly every enterprise use IoT devices in some form.

 he utility of IoT devices is realized in this COVID-19 era where the ability to remote control devices and perform works is a great help. These millions of IoT endpoints are bridging the gap between the digital and physical worlds.

Mobilizing the World

The best example of IoT's value is the 'Medical Sector' like Kinsa's connected thermometer which sends the data to the company who uses it to flag possible COVID-19 outbreaks.

 79 percent of healthcare providers with over $100 million revenue put IoT devices in production. Gartner also predicts a 13-percent rise in medical IoT spending for the next fiscal year.

 As great are the benefits of Iot, the risks are ever-increasing. There are security risks as connecting to internet invites attack vendors that offline machines never face. Installing IoT devices are a great feat in itself with proper procurement, deployment, security, and monitoring.

But the rewards of IoT surpass the risk, they increase efficiency, provides a cutting edge technology, and most importantly the invaluable data. Ofcourse, one needs the right analytics tools and strategy that imputes building a whole analytics team and department. Experts do say, you would definitely fail in your first attempt but learn from the mistakes and get it right the next time

Three Botnets Abuse Zero-Day Vulnerabilities in LILIN's DVRs!


Not of late, LILIN recorders were found to be vulnerable. Reportedly, botnet operators were behind the zero-day vulnerabilities that were exploited in the Digital Video Recorders (DVRs ) that the vendor is well known for.

Sources mention that the exploitation of the zero-day vulnerabilities had been a continuous thing for almost half a year and the vendor was unaware. Nevertheless, they rolled out a patch in February 2020.

Digital Video Recorders are electronic devices that collect video feeds from local CCTV/IP cameras systems and store them on different mass storage devices like SD cards, USB flash drives, disk drives, etc.

DVRs are a huge deal today given they are a major element for the security cameras that are used almost everywhere in these times.

With CCTV cameras raging, attacks especially designed for them have also risen equally. Malware botnets and other hacker operations have been targeting these widely used DVRs for quite some time now.

Per sources, the non-revised and out of date firmware stands to be the reason for these devices being hacked. Especially, the DVRs with default credentials are exploited to kick off DDoS and other IoT attacks.
Sources mention that security researchers found LILIN’s DVRs too were being exploited for almost half a year, since August last year by three botnets.


The vulnerability in the “NTPUpdate”, sources mention, allows attackers to inject and control the system’s commands. Via one of the ‘hardcoded credentials’ (root/icatch99 & report/8Jg0SR8K50) the attacker stands a chance to retrieve and alter a DVR’s config file, and later control commands on the device after the File Transfer Protocol (FTP) server configuration is regularly matched.

Per sources, the first botnet behind the zero-day vulnerability was the “Chalubo botnet” with a motive of exploiting the NTPUdate of the LILIN DVRs. The other two were employed by the “FBot botnet”

Reportedly, a couple of weeks after the previous attacks of the FBot, the Moobot botnet also tried its luck and succeeded on the second zero-day vulnerability.

There is no knowing as to what the exact motive was behind hacking the LILIN DVRs. Nevertheless, there has been a history of DDoS attacks, re-routing traffic, and proxy networks.

As it happens there are, per sources, over 5,000 LILIN DVRs that exist today thus making it quite a hefty task to update all of them immediately. But it’s a relief to know that the first step has been taken. There’s not much to worry about now given LILIN has released a firmware update along with solutions for mitigation.