Monthly Digest. 2024 / 07
Read the announcement https://sponsr.ru/overkill_security/59140/Monthly_Digest_2024__07_Announcement/
Welcome to the next edition of our Monthly Digest, your one-stop resource for staying informed on the most recent developments, insights, and best practices in the ever-evolving field of security. In this issue, we have curated a diverse collection of articles, news, and research findings tailored to both professionals and casual enthusiasts. Our digest aims to make our content both engaging and accessible. Happy reading!
Check out the PDF at the end of the post.
The paper titled «LSTM-based Stacked Generalization Model for Optimized Phishing» discusses the escalating reliance on revolutionary online web services, which has introduced heightened security risks, with persistent challenges posed by phishing attacks.
Phishing, a deceptive method through social and technical engineering, poses a severe threat to online security, aiming to obtain illicit user identities, personal account details, and bank credentials. It’s a primary concern within criminal activity, with phishers pursuing objectives such as selling stolen identities, extracting cash, exploiting vulnerabilities, or deriving financial gains.
The study aims to advance phishing detection by operating without prior phishing-specific feature knowledge. The model leverages the capabilities of Long Short-Term Memory (LSTM) networks, a type of recurrent neural network that is capable of learning order dependence in sequence prediction problems. It leverages the learning of URLs and character-level TF-IDF features symmetrically, enhancing its ability to combat emerging phishing threats.
The document titled «cyber actors adapt tactics for initial cloud access» released by the National Security Agency (NSA) warns that cyber actors have adapted their tactics to gain initial access to cloud services, as opposed to exploiting on-premise network vulnerabilities.
This shift is in response to organizations modernizing their systems and moving to cloud-based infrastructure. The high-profile cyber campaigns like the SolarWinds supply chain compromise are now expanding to sectors such as aviation, education, law enforcement, local and state councils, government financial departments, and military organizations.
The stark reality is that to breach cloud-hosted networks, these actors need only to authenticate with the cloud provider, and if they succeed, the defenses are breached. The document highlights a particularly disconcerting aspect of cloud environments: the reduced network exposure compared to on-premises systems paradoxically makes initial access a more significant linchpin.
· Adaptation to Cloud Services: Cyber actors have shifted their focus from exploiting on-premises network vulnerabilities to directly targeting cloud services. This change is a response to the modernization of systems and the migration of organizational infrastructure to the cloud.
· Authentication as a Key Step: To compromise cloud-hosted networks, cyber actors must first successfully authenticate with the cloud provider. Preventing this initial access is crucial for stopping the actors from compromising the target.
· Expansion of Targeting: Cyber actors have broadened their targeting to include sectors such as aviation, education, law enforcement, local and state councils, government financial departments, and military organizations. This expansion indicates a strategic diversification of targets for intelligence gathering.
· Use of Service and Dormant Accounts: The document highlights that cyber actors have been observed using brute force attacks to access service and dormant accounts over the last 12 months. This tactic allows them to gain initial access to cloud environments.
· Sophistication of cyber actors: The cyber actors can execute global supply chain compromises, such as the 2020 SolarWinds incident.
· Defense through Cybersecurity Fundamentals: The advisory emphasizes that a strong baseline of cybersecurity fundamentals can defend against cyber actors. For organizations that have transitioned to cloud infrastructure, protecting against TTPs for initial access is presented as a first line of defense.
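A detection sketch for the service and dormant account point above, added here as an illustration and not taken from the NSA document. The log format, the account inventory, the 90-day dormancy cut-off and the burst threshold are all assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

DORMANT_AFTER = timedelta(days=90)    # assumed: no successful sign-in for 90 days
FAIL_THRESHOLD = 5                    # assumed: failures that make up a burst ...
FAIL_WINDOW = timedelta(minutes=10)   # ... when they fall inside this window

# Constructed inventory: account -> (kind, last successful sign-in before the log).
ACCOUNTS = {
    "svc-backup": ("service", datetime(2024, 6, 30, 2, 0)),
    "j.doe": ("user", datetime(2023, 11, 2, 9, 15)),    # dormant, never disabled
    "a.lee": ("user", datetime(2024, 6, 30, 17, 40)),
}

# Constructed sign-in log: timestamp, account, result, source address.
LOG = """\
2024-07-01T02:00:00 svc-backup SUCCESS 10.0.0.5
2024-07-01T03:00:05 j.doe FAIL 203.0.113.7
2024-07-01T03:00:25 j.doe FAIL 203.0.113.7
2024-07-01T03:00:45 j.doe FAIL 203.0.113.7
2024-07-01T03:01:05 j.doe FAIL 203.0.113.7
2024-07-01T03:01:25 j.doe FAIL 203.0.113.7
2024-07-01T03:01:45 j.doe FAIL 203.0.113.7
2024-07-01T03:02:10 j.doe SUCCESS 203.0.113.7
2024-07-01T08:59:40 a.lee FAIL 10.0.0.23
2024-07-01T09:00:02 a.lee FAIL 10.0.0.23
2024-07-01T09:00:30 a.lee SUCCESS 10.0.0.23
2024-07-01T11:00:00 svc-backup FAIL 198.51.100.9
2024-07-01T11:01:00 svc-backup FAIL 198.51.100.9
2024-07-01T11:02:00 svc-backup FAIL 198.51.100.9
2024-07-01T11:03:00 svc-backup FAIL 198.51.100.9
2024-07-01T11:04:00 svc-backup FAIL 198.51.100.9
2024-07-02T02:00:00 svc-backup SUCCESS 10.0.0.5
""".splitlines()


def find_bruteforce(lines, accounts):
    """Return {account: finding} for failure bursts against service/dormant accounts."""
    per_account = defaultdict(list)
    for line in lines:
        ts, account, result, src = line.split()
        per_account[account].append((datetime.fromisoformat(ts), result, src))

    findings = {}
    for account, events in per_account.items():
        events.sort()
        # Accounts missing from the inventory are treated as dormant (in scope).
        kind, last_ok = accounts.get(account, ("unknown", None))
        dormant = last_ok is None or events[0][0] - last_ok > DORMANT_AFTER
        if kind != "service" and not dormant:
            continue  # active human accounts are left to the ordinary lockout policy

        window, peak, crossed_at, sources = deque(), 0, None, set()
        for ts, result, src in events:
            if result != "FAIL":
                continue
            window.append((ts, src))
            while ts - window[0][0] > FAIL_WINDOW:   # slide the window forward
                window.popleft()
            peak = max(peak, len(window))
            if len(window) >= FAIL_THRESHOLD:
                crossed_at = crossed_at or ts        # first time the burst is seen
                sources.update(s for _, s in window)
        if crossed_at is None:
            continue

        # A success from a bursting source after the threshold means the guess worked.
        succeeded = any(r == "SUCCESS" and s in sources and t > crossed_at
                        for t, r, s in events)
        findings[account] = {"reason": "dormant" if dormant else "service",
                             "peak_failures": peak, "succeeded": succeeded}
    return findings


if __name__ == "__main__":
    for account, finding in sorted(find_bruteforce(LOG, ACCOUNTS).items()):
        print(account, finding)
```

The later `svc-backup` success from its usual source is not counted as a compromise because that address never took part in the failure burst.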
Routers to Facilitate Cyber Operations» released by the Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners warns of the use of compromised Ubiquiti EdgeRouters to facilitate malicious cyber operations worldwide.
The popularity of Ubiquiti EdgeRouters is attributed to their user-friendly, Linux-based operating system, default credentials, and limited firewall protections. The routers are often shipped with insecure default configurations and do not automatically update firmware unless configured by the user.
The compromised EdgeRouters have been used by APT28 to harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools. APT28 accessed the routers using default credentials and trojanized OpenSSH server processes. With root access to the compromised routers, the actors had unfettered access to the Linux-based operating systems to install tooling and obfuscate their identity.
APT28 also deployed custom Python scripts on the compromised routers to collect and validate stolen webmail account credentials obtained through cross-site scripting and browser-in-the-browser spear-phishing campaigns. Additionally, they exploited a critical zero-day elevation-of-privilege vulnerability in Microsoft Outlook (CVE-2023-23397) to collect NTLMv2 digests from targeted Outlook accounts and used publicly available tools to assist with NTLM relay attacks.
The exploitation of insecure SOHO routers by malicious cyber actors, particularly state-sponsored groups, poses a significant threat to individual users and critical infrastructure. Manufacturers are urged to adopt secure by design principles and transparency practices to mitigate these risks, while users and network defenders are advised to implement best practices for router security and remain vigilant against potential threats.
The root causes of insecure SOHO routers are multifaceted, involving both technical vulnerabilities and lapses in secure design and development practices by manufacturers, as well as negligence on the part of users in maintaining router security.
· Widespread Vulnerabilities: A significant number of vulnerabilities, totaling 226, have been identified in popular SOHO router brands. These vulnerabilities range in severity but collectively pose a substantial security risk.
· Outdated Components: Core components such as the Linux kernel and additional services like VPN in these routers are outdated. This makes them susceptible to known exploits for vulnerabilities that have long since been made public.
· Insecure Default Settings: Many routers come with easy-to-guess default passwords and use unencrypted connections. This can be easily exploited by attackers.
· Lack of Secure Design and Development: SOHO routers often lack basic security features due to insecure design and development practices. This includes the absence of automatic update capabilities and the presence of exploitable defects, particularly in web management interfaces.
· Exposure of Management Interfaces: Manufacturers frequently create devices with management interfaces exposed to the public internet by default, often without notifying the customers of this frequently unsafe configuration.
· Lack of Transparency and Accountability: There is a need for manufacturers to embrace transparency by disclosing product vulnerabilities through the CVE program and accurately classifying these vulnerabilities using the Common Weakness Enumeration (CWE) system.
· Neglect of Security in Favor of Convenience and Features: Manufacturers prioritize ease of use and a wide variety of features over security, leading to routers that are «secure enough» right out of the box without considering the potential for exploitation.
· User Negligence: Many users, including IT professionals, do not follow basic security practices such as changing default passwords or updating firmware, leaving routers exposed to attacks.
· Complexity in Identifying Vulnerable Devices: Identifying specific vulnerable devices is complex due to legal and technical issues, complicating the process of mitigating these vulnerabilities.
The paper «Detection of Energy Consumption Cyber Attacks on Smart Devices» emphasizes the rapid integration of IoT technology into smart homes, highlighting the associated security challenges due to resource constraints and unreliable networks.
· Energy Efficiency: The paper emphasizes the significance of energy efficiency in IoT systems, particularly in smart home environments for comfort, convenience, and security.
· Vulnerability: The paper discusses the vulnerability of IoT devices to cyberattacks and physical attacks due to their resource constraints. It underscores the necessity of securing these devices to ensure their effective deployment in real-world scenarios.
· Proposed Detection Framework: The authors propose a detection framework based on analyzing the energy consumption of smart devices. This framework aims to classify the attack status of monitored devices by examining their energy consumption patterns.
· Two-Stage Approach: The methodology involves a two-stage approach. The first stage uses a short time window for rough attack detection, while the second stage involves more detailed analysis.
· Lightweight Algorithm: The paper introduces a lightweight algorithm designed to detect energy consumption attacks on smart home devices. This algorithm is tailored to the limited resources of IoT devices and considers three different protocols: TCP, UDP, and MQTT.
· Packet Reception Rate Analysis: The detection technique relies on analyzing the packet reception rate of smart devices to identify abnormal behavior indicative of energy consumption attacks.
These benefits and drawbacks provide a balanced view of the proposed detection framework’s capabilities and limitations, highlighting its potential for improving smart home security.
· Lightweight Detection Algorithm: The proposed algorithm is designed to be lightweight, making it suitable for resource-constrained IoT devices. This ensures that the detection mechanism does not overly burden the devices it aims to protect.
· Protocol Versatility: The algorithm considers multiple communication protocols (TCP, UDP, MQTT), enhancing its applicability across various types of smart devices and network configurations.
· Two-Stage Detection Approach: The use of a two-stage detection approach (short and long time windows) improves the accuracy of detecting energy consumption attacks while minimizing false positives. This method allows for both quick initial detection and detailed analysis.
· Real-Time Alerts: The framework promptly alerts administrators upon detecting an attack, enabling quick response and mitigation of potential threats.
· Effective Anomaly Detection: By measuring packet reception rates and analyzing energy consumption patterns, the algorithm effectively identifies deviations from normal behavior, which are indicative of cyberattacks.
· Limited Attack Scenarios: The experimental setup has tested only specific types of attacks, which limits the generalizability of the results to other potential attack vectors not covered in the study.
· Scalability Concerns: While the algorithm is designed to be lightweight, its scalability in larger, more complex smart home environments with numerous devices and varied network conditions may require further validation.
· Dependency on Baseline Data: The effectiveness of the detection mechanism relies on accurate baseline measurements of packet reception rates and energy consumption. Any changes in the normal operating conditions of the devices could affect the baseline, potentially leading to false positives or negatives.
· Resource Constraints: Despite being lightweight, the algorithm still requires computational resources, which might be a challenge for extremely resource-limited devices. Continuous monitoring and analysis could also impact the battery life and performance of these devices.
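The two-stage idea described above (a short window for rough detection, a long window for confirmation, both measured against a per-protocol baseline), as an added sketch that is not the paper's algorithm. It uses packet reception rate as the only signal; the baselines, window lengths, thresholds and traces are constructed assumptions.

```python
from collections import deque
from statistics import mean

# Assumed normal packet reception rates in packets/second (constructed values;
# the paper's measured baselines are not reproduced on this page).
BASELINE_PPS = {"tcp": 20.0, "udp": 35.0, "mqtt": 5.0}

SHORT_WINDOW = 5       # seconds of samples used by stage 1 (rough detection)
LONG_WINDOW = 30       # seconds of samples used by stage 2 (detailed analysis)
ROUGH_FACTOR = 3.0     # stage 1 fires when the short-window mean exceeds 3x baseline
CONFIRM_FACTOR = 2.0   # stage 2 counts samples above 2x baseline ...
CONFIRM_MIN = 18       # ... and needs at least 18 of the 30 to confirm an attack


class TwoStageDetector:
    """Classifies one device/protocol stream as normal, suspect or attack."""

    def __init__(self, protocol):
        self.baseline = BASELINE_PPS[protocol]
        self.short = deque(maxlen=SHORT_WINDOW)
        self.long = deque(maxlen=LONG_WINDOW)
        self.suspect = False

    def observe(self, pps):
        """Feed one per-second packet count and return the current state."""
        self.short.append(pps)
        self.long.append(pps)
        short_full = len(self.short) == SHORT_WINDOW
        short_high = short_full and mean(self.short) > ROUGH_FACTOR * self.baseline

        # Stage 1: cheap check on the short window only.
        if short_high:
            self.suspect = True
        if not self.suspect:
            return "normal"

        # Stage 2: runs only for suspects, and only once enough history exists.
        if len(self.long) == LONG_WINDOW:
            elevated = sum(1 for s in self.long if s > CONFIRM_FACTOR * self.baseline)
            if elevated >= CONFIRM_MIN:
                return "attack"
        if not short_high:
            self.suspect = False   # the rate fell back: a transient burst
            return "normal"
        return "suspect"


def classify(protocol, samples):
    """Run a fresh detector over a list of per-second packet counts."""
    detector = TwoStageDetector(protocol)
    return [detector.observe(s) for s in samples]


def first_index(states, state):
    """Second at which `state` first appears, or None if it never does."""
    return states.index(state) if state in states else None


# Constructed MQTT traces: 30 quiet seconds, then three different continuations.
QUIET = [5] * 30
TRACES = {
    "normal": QUIET + [4, 6, 5] * 10,
    "burst": QUIET + [40] * 6 + [5] * 40,    # 6-second spike, e.g. a reconnect storm
    "flood": QUIET + [40] * 60,              # sustained packet flood
}

if __name__ == "__main__":
    for name, trace in TRACES.items():
        states = classify("mqtt", trace)
        print(name, "suspect at", first_index(states, "suspect"),
              "attack at", first_index(states, "attack"))
```

The burst trace is flagged by stage 1 and then cleared by stage 2, which is the false-positive reduction the two-window design is meant to give; the same 40 packets/second on UDP never leaves the normal state because it is measured against that protocol's own baseline.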
The paper «MediHunt: A Network Forensics Framework for Medical IoT Devices» addresses the need for robust network forensics in Medical Internet of Things (MIoT) environments, particularly focusing on MQTT (Message Queuing Telemetry Transport) networks. These networks are commonly used in smart hospital environments for their lightweight communication protocol. It highlights the challenges in securing MIoT devices, which are often resource-constrained and have limited computational power. The lack of publicly available flow-based MQTT-specific datasets for training attack detection systems is mentioned as a significant challenge.
The paper presents MediHunt as an automatic network forensics solution designed for real-time detection of network flow-based traffic attacks in MQTT networks. It aims to provide a comprehensive solution for data collection, analysis, attack detection, presentation, and preservation of evidence. It is designed to detect a variety of TCP/IP-layer and application-layer attacks on MQTT networks. It leverages machine learning models to enhance the detection capabilities and is suitable for deployment on resource-constrained MIoT devices.
Unlike many network forensics frameworks, MediHunt is specifically designed for the MIoT domain. This specialization allows it to address the unique challenges and requirements of medical IoT devices, such as resource constraints and the need for real-time attack detection.
· Real-time Attack Detection: MediHunt is designed to detect network flow-based traffic attacks in real-time, which is crucial for mitigating potential damage and ensuring the security of MIoT environments.
· Comprehensive Forensic Capabilities: The framework provides a complete solution for data collection, analysis, attack detection, presentation, and preservation of evidence. This makes it a robust tool for network forensics in MIoT environments.
· Machine Learning Integration: By leveraging machine learning models, MediHunt enhances its detection capabilities. The use of a custom dataset that includes flow data for both TCP/IP layer and application layer attacks allows for more accurate and effective detection of a wide range of cyber-attacks.
· High Performance: The framework has demonstrated high performance, with F1 scores and detection accuracy exceeding 0.99, which indicates that it is highly reliable in detecting attacks on MQTT networks.
· Resource Efficiency: Despite its comprehensive capabilities, MediHunt is designed to be resource-efficient, making it suitable for deployment on resource-constrained MIoT devices like Raspberry Pi.
· Dataset Limitations: While MediHunt uses a custom dataset for training its machine learning models, the creation and maintenance of such datasets can be challenging. The dataset needs to be regularly updated to cover new and emerging attack scenarios.
· Resource Constraints: Although MediHunt is designed to be resource-efficient, the inherent limitations of MIoT devices, such as limited computational power and memory, can still pose challenges. Ensuring that the framework runs smoothly on these devices without impacting their primary functions can be difficult.
· Complexity of Implementation: Implementing and maintaining a machine learning-based network forensics framework can be complex. It requires expertise in cybersecurity and machine learning, which may not be readily available in all healthcare settings.
· Dependence on Machine Learning Models: The effectiveness of MediHunt heavily relies on the accuracy and robustness of its machine learning models. These models need to be trained on high-quality data and regularly updated to remain effective against new types of attacks.
· Scalability Issues: While the framework is suitable for small-scale deployments on devices like Raspberry Pi, scaling it up to larger, more complex MIoT environments may present additional challenges. Ensuring consistent performance and reliability across a larger network of devices can be difficult.
The Blackjack hacking group, purportedly linked to Ukrainian intelligence services, has claimed responsibility for a cyberattack that allegedly compromised emergency detection and response capabilities in Moscow and its surrounding areas. This group has been associated with previous cyberattacks targeting internet providers and military infrastructure. Their most recent claim involves an attack on Moscollector, a company responsible for constructing and monitoring underground water, sewage, and communications infrastructure.
Regarding the infection methods, the Fuxnet malware appears to have been designed to target sensor-gateways and potentially disable them, as well as to fuzz sensors, which could lead to their malfunction or destruction.
· Unverified Claims: Team82 and Claroty have not been able to confirm the claims made by the Blackjack group regarding the impact of their cyberattack on the government’s emergency response capabilities or the extent of the damage caused by the Fuxnet malware.
· Discrepancy in Reported Impact: The Blackjack group initially claimed to have targeted 2,659 sensor-gateways, with about 1,700 being successfully attacked. However, Team82's analysis of the data leaked by Blackjack suggests that only a little more than 500 sensor gateways were actually impacted by the malware. The claim of having destroyed 87,000 sensors was also clarified by Blackjack, stating that they disabled the sensors by destroying the gateways and using M-Bus fuzzing, rather than physically destroying the sensors.
· M-Bus Fuzzing: The Blackjack group utilized a dedicated M-Bus fuzzer within the Fuxnet malware’s code to fuzz the sensors. This technique was aimed at disabling the sensors, but the exact number of sensors that were «fried» or permanently damaged as a result of this fuzzing is unknown due to the network being taken down and access to the sensor-gateways being disabled.
· Lack of Direct Evidence: Direct evidence to confirm the extent of the damage or the impact on emergency detection and response capabilities (including at the targeted Moscollector) is lacking.
· Clarification from Blackjack: Following the publication of Team82's initial analysis, the Blackjack group reached out to provide updates and clarifications, particularly challenging the contention that only around 500 sensor-gateways had been impacted. They emphasized that the JSON files made public were only a sample of the full extent of their activity.
Maritime cyber-security is an increasingly important area of concern for the maritime industry, as emerging technologies such as the Internet of Things (IoT), digital twins, 5G, and Artificial Intelligence (AI) are becoming more prevalent in the sector. The convergence and digitization of Information Technology (IT) and Operational Technology (OT) have driven the transformation of digital supply routes and maritime operations, expanding cyber-threat surfaces.
· Increased marine traffic and larger ships with more capacity have led to challenges in maneuvering in existing channels and seaports, lowering safety margins during cyber-incidents. Today’s ships are also more heavily instrumented, increasing the threat surface for cyber-attacks.
· The US Coast Guard reported a 68% increase in marine cyber-incidents, and recent studies show that cyber risks within marine and maritime technology are present and growing as new solutions are adopted.
· While digitization in shipping offers productivity gains, physical safety, lower carbon footprints, higher efficiency, lower costs, and flexibility, there are vulnerabilities in large CPS sensor networks and communication systems.
· A survey of mariners found that 64% of respondents believed that a port had already experienced significant physical damage caused by a cyber security incident, and 56% thought a merchant vessel had already experienced significant physical damage caused by a cyber security incident.
· Emerging Technologies: The maritime sector is adopting new technologies across offices, ships, seaports, offshore structures, and more. These technologies include the Internet of Things (IoT), digital twins, 5G, and Artificial Intelligence (AI).
· Supply Chain Digitization: Supply chains are also using more Information Technology (IT), introducing digital vulnerabilities. The convergence of IT and Operational Technology (OT) is transforming digital supply routes and maritime operations, expanding cyber-threat surfaces.
· Cyber Threats: Nation-state actors and organized crime have the resources and motivation to trigger a cyber-attack on Critical National Infrastructure (CNI), such as large-scale Cyber-Physical Systems, which include maritime operations.
· Cyber-Physical Systems: The integration of physical processes with software and communication networks, known as Cyber-Physical Systems, is a significant part of the maritime sector’s digital transformation. However, it also introduces new cybersecurity challenges.
· Impact of Cyber-Attacks: Cyber-attacks on maritime infrastructure can have significant economic impacts, affecting not only the targeted seaport but also the broader global maritime ecosystem and supply chains.
The document «Choosing Secure and Verifiable Technologies» provides comprehensive guidance for organizations on procuring digital products and services with a focus on security from the design phase through the lifecycle of the technology. It emphasizes the critical importance of selecting technologies that are inherently secure to protect user privacy and data against the increasing number of cyber threats. It outlines the responsibility of customers to evaluate the security, suitability, and associated risks of digital products and services. It advocates for a shift towards products and services that are secure-by-design and secure-by-default, highlighting the benefits of such an approach, including enhanced resilience, reduced risks, and lower costs related to patching and incident response.
· Organizations that procure and leverage digital products and services: This encompasses a wide range of entities known as procuring organizations, purchasers, consumers, and customers. These organizations are the main focus of the guidance provided in the document, aiming to enhance their decision-making process in procuring digital technologies.
· Manufacturers of digital products and services: The document also addresses the manufacturers of digital technologies, providing them with insights into secure-by-design considerations. This is intended to guide manufacturers in developing technologies that meet the security expectations of their customers.
· Organization Executives and Senior Managers: Leaders who play a crucial role in decision-making and strategy formulation for their organizations.
· Cyber Security Personnel and Security Policy Personnel: Individuals responsible for ensuring the security of digital technologies within their organizations.
· Product Development Teams: Those involved in the creation and development of digital products and services, ensuring these offerings are secure by design.
· Risk Advisers and Procurement Specialists: Professionals who advise on risk management and specialize in the procurement process, ensuring that digital technologies procured do not pose undue risks to the organization.
The Europol Cybercrime Training Competency Framework 2024 encompasses a wide range of documents related to cybercrime training, competency frameworks, strategies, and legislation. These materials (as compiled by Europol) collectively aim to enhance the capabilities of law enforcement, judiciary, and other stakeholders in combating cybercrime effectively.
· Purpose of the Framework: The framework aims to identify the required skill sets for key actors involved in combating cybercrime.
· Development Process: The framework was developed following a multi-stakeholder consultation process. This included contributions from various European bodies such as CEPOL, ECTEG, Eurojust, EJCN, and EUCTF.
· Strategic Context: The renewed framework is part of the European Commission’s action plan aimed at enhancing the capacity and capabilities of law enforcement authorities in digital investigations.
· Functional Competences: The framework identifies the essential functional competences required by law enforcement authorities to effectively combat cybercrime. It emphasizes the specific skills needed for cybercrime investigations and handling digital evidence, rather than general law enforcement skills.
· Strategic Capacity Building: The framework is intended as a tool for strategic capacity building within law enforcement and judicial institutions. It aims to enhance the competencies that are crucial for the effective handling of cybercrime cases.
· Role Descriptions: Detailed descriptions of the main functions and skill sets for various roles are provided throughout the framework. These roles include heads of cybercrime units, team leaders, general criminal investigators, cybercrime analysts, and specialized experts among others. Each role is tailored to address specific aspects of cybercrime and digital evidence handling.
· Skill Sets and Levels: The framework outlines specific skill sets required for each role and the desired levels of proficiency. These skill sets include digital forensics, network investigation, programming, and cybercrime legislation, among others. The framework emphasizes the importance of having tailored skills that are directly applicable to the challenges of cybercrime.
Message brokers are essential components in modern distributed systems, enabling seamless communication between applications, services, and devices. They act as intermediaries that validate, store, route, and deliver messages, ensuring reliable and efficient data exchange across diverse platforms and programming languages. This functionality is crucial for maintaining the decoupling of processes and services, which enhances system scalability, performance, and fault tolerance.
Major players in this market include Kinesis, Cisco IoT, Solace, RabbitMQ, Apache Kafka, ApacheMQ, IBM MQ, Microsoft Azure Service Bus, and Google Cloud IoT, each offering unique capabilities and serving a wide range of industries from financial services to healthcare and smart cities.
· Market Share: The percentage each broker holds in the queueing, messaging, and processing category.
· Number of Users: The total number of companies or devices using the broker.
· Corporate Users: The number of enterprise customers using the broker.
· Revenue Distribution: The distribution of companies using the broker based on their revenue.
· Geographical Coverage: The percentage of users based in different regions.
In April, the U.S. National Science Foundation (NSF) announced that it would not support any new field research this season due to delays in upgrading the McMurdo Station. The NSF and the U.S. Coast Guard also announced cuts that will jeopardize the U.S.'s scientific and geopolitical interests in the region for decades to come. Specifically, in April, the NSF announced that it would not renew the lease of one of its two Antarctic research vessels, the Laurence M. Gould. Prior to this, in October 2023, the NSF announced that it would operate only one research vessel in the coming decades.
Additionally, in March, the U.S. Coast Guard announced that it needed to «reassess baseline metrics» for its long-delayed Polar Security Cutter program, a vital program for U.S. national interests at both poles. Decisions made today will have serious consequences for U.S. activities in Antarctica well beyond 2050.
The State Department has refrained from announcing U.S. foreign policy interests in the Antarctic region, and the White House appears satisfied with an outdated and inconsistent national strategy for Antarctica from the last century. The U.S. Congress has also not responded to scientists' calls.
As a result, on April 1, the NSF’s Office of Polar Programs announced that it is putting new fieldwork proposals on hold for the next two seasons and will not be soliciting new fieldwork proposals in Antarctica.
Ships capable of operating in polar seas are becoming increasingly in demand and difficult to build. Facing significant challenges in the ice-class ship and vessel project, the U.S. Coast Guard announced in March that it would «shift baseline timelines» for developing new icebreaker projects.
The outcome of these seemingly independent decisions will be a reduction in the U.S. physical presence in Antarctica. This will have negative consequences not only for American scientists but also for U.S. geopolitics in the region, especially considering Russia’s total superiority in icebreaker vessels and China’s catching up.
The U.S. has missed the most important aspects: adequate and regular funding for Antarctic scientific research, a new national strategy for Antarctica (the current strategy was published in June 1994), and lawmakers' understanding of the importance of U.S. interests and decisions in Antarctica. The inability to fund the operational and logistical support necessary for U.S. scientific research and geopolitical influence effectively means the dominance of Russia and China in the Antarctic region, as no other country, including traditional Antarctic stakeholders like Chile, Australia, and Sweden, can surpass the existing and growing scientific potential of Russia and China.
Humanoid robots are advanced machines designed to mimic human form and behavior, equipped with articulated limbs, advanced sensors, and often the ability to interact socially. These robots are increasingly being utilized across various sectors, including healthcare, education, industry, and services, due to their adaptability to human environments and their ability to perform tasks that require human-like dexterity and interaction.
In healthcare, humanoid robots assist with clinical tasks, provide emotional support, and aid in patient rehabilitation. In education, they serve as interactive companions and personal tutors, enhancing learning experiences and promoting social integration for children with special needs. The industrial sector benefits from humanoid robots through automation of repetitive and hazardous tasks, improving efficiency and safety. Additionally, in service industries, these robots handle customer assistance, guide visitors, and perform maintenance tasks, showcasing their versatility and potential to transform various aspects of daily life.
The humanoid robot market is poised for substantial growth, with projections indicating a multi-billion-dollar market by 2035. Key drivers include advancements in AI, cost reductions, and increasing demand for automation in hazardous and manufacturing roles.
· Goldman Sachs Report (January 2024):
o Total Addressable Market (TAM): The TAM for humanoid robots is expected to reach $38 billion by 2035, up from an initial forecast of $6 billion. This increase is driven by a fourfold rise in shipment estimates to 1.4 million units.
o Shipment Estimates: The base case scenario predicts a 53% compound annual growth rate (CAGR) from 2025 to 2035, with shipments reaching 1.4 million units by 2035. The bull case scenario anticipates shipments hitting 1 million units by 2031, four years ahead of previous expectations.
o Cost Reductions: The Bill of Materials (BOM) cost for high-spec robots has decreased by 40% to $150,000 per unit in 2023, down from $250,000 the previous year, due to cheaper components and a broader domestic supply chain.
· Data Bridge Market Research: The global humanoid robot market is expected to grow from $2.46 billion in 2023 to $55.80 billion by 2031, with a CAGR of 48.5% during the forecast period.
· SkyQuestt: The market is projected to grow from $1.48 billion in 2019 to $34.96 billion by 2031, with a CAGR of 42.1%.
· GlobeNewswire: The global market for humanoid robots, valued at approximately $1.3 billion in 2022, is anticipated to expand to $6.3 billion by 2030, with a CAGR of 22.3%.
· The Business Research Company: The market is expected to grow from $2.44 billion in 2023 to $3.7 billion in 2024, with a CAGR of 51.6%. By 2028, the market is projected to reach $19.69 billion, with a CAGR of 51.9%.
· Grand View Research: The global humanoid robot market was estimated at $1.11 billion in 2022 and is expected to grow at a CAGR of 21.1% from 2023 to 2030.
· Goldman Sachs (February 2024): In a blue-sky scenario, the market could reach up to $154 billion by 2035, comparable to the global electric vehicle market and one-third of the global smartphone market as of 2021.
· Macquarie Research: Under a neutral assumption, the global humanoid robot market is expected to reach $107.1 billion by 2035, with a CAGR of 71% from 2025 to 2035.