5G Technology World

  • 5G Technology and Engineering
  • FAQs
  • Apps
  • Devices
  • IoT
  • RF
  • Radar
  • Wireless Design
  • Learn
    • 5G Videos
    • Ebooks
    • EE Training Days
    • FAQs
    • Learning Center
    • Tech Toolboxes
    • Webinars/Digital Events
  • Handbooks
    • 2024
    • 2023
    • 2022
    • 2021
  • Resources
    • Design Guide Library
    • EE World Digital Issues
    • Engineering Diversity & Inclusion
    • Engineering Training Days
    • LEAP Awards
  • Advertise
  • Subscribe

The Residential Gateway: A Threat and an Opportunity

By Yossi Atias, general manager, BullGuard | October 22, 2018

When people think of Internet of Things (IoT) vulnerabilities, one of the most infamous security breaches usually takes center stage: the Mirai botnet. This destructive botnet facilitated the largest DDoS attack on record against Dyn Inc., one of the largest managed DNS providers in the world. 

Once infected by the Mirai malware, devices continuously searched the internet for other vulnerable devices and then used default credentials to rope those other devices into the botnet.

This was enabled by many users ignoring, forgetting or simply being ignorant of the need to change default credentials. Further, when the Mirai code was publicly released it spawned a flurry of botnets that also used default credentials in their attack.

Many More Attacks On the Horizon

However, Mirai only foreshadows what is to come as smart connected devices in the home become increasingly ubiquitous. U.K. consumer champion Which? estimates that the average U.K. home owns 10 connected devices, which is predicted to climb to 15 by 2020.

In the U.S., the current home has on average 13 connected devices. By 2021, 55 percent of all homes in the U.S. are expected to be smart homes, according to a study by Berg Insight.

The same survey said more than 31 million smart home systems were in use in North America during 2016. These figures reflect many industry analysts’ forecasts, predicting an enormous growth surge in smart connected devices in the coming years.

Easy Route for Cybercriminals

The dangers from insecure smart devices are well documented. As smart connectivity becomes ubiquitous in all manner of household devices, from kettles and coffee machines to web cameras, smart meters, thermostats, light bulbs, ovens, washing machines, and door locks, it’s easy to see the physical implications for breached devices. Without overstating it, in certain circumstances fires could be started, gas made to leak, and people locked in their homes or their homes physically burglarized.

Compromised smart devices also provide an easy route for cyber criminals to get their hands on personal details and plant malware on home networks. Many firmware update functions in IoT home devices have already been shown to be exploitable in ways that allow attackers to upload modified, possibly back-doored or malicious, versions of the firmware.

Within this context the residential gateway presents an ideal opportunity for Communications Service Providers (CSPs) to deploy advanced cybersecurity across their network while retaining a balance between cloud-based and network-edge security.

Leveraging WiFi Mesh Networks

Taking a step back from devices, let’s look at WiFi mesh networking, which is relatively new in the consumer space. WiFi mesh networks have recently advanced significantly in terms of hardware, and changes in radio and spectrum requirements. Even more helpful, lower costs and higher availability are making them truly practical for the consumer.

As a result, many different systems are coming to market with a lot of potential. Of course with the sudden increase in WiFi mesh networks, stability and security must be considered. The good news is these networks are generally easy to configure and provide standard security features. What’s more, when an update or patch is required it can be shared easily over the network, without much intervention by the user.

However, as smart devices connect to the mesh network they can function both as users and routers themselves, which opens the door to a plethora of security issues. Hackers can take advantage of multiple points of access and can easily create ‘zombie’ computers or nodes, which can then deny service or monitor data and steal private information.

As a result, it’s critical home users of WiFi mesh networks do their homework and ensure they understand how best to use the advanced security options available, to ensure every device in the network is protected from would-be hackers. Unfortunately, this is often too complex or time consuming for most consumers.

Consumers Can’t Protect Devices

If security vulnerabilities are identified in smart home devices, fixing the vulnerability and ensuring successful updates to all affected internet-connected devices may not be an easy task for individuals. 

Entrusting a user to periodically check for, and install, updates on their IoT light bulbs, for instance, is not feasible, so some level of periodic automatic checking and update mechanism is required.

But how would a user be notified? For instance, updating the firmware on smart light bulbs would probably require the lights to be turned off for a period of time. Should this happen automatically, or should the occupants be informed. If so, how? Would this be by email, an SMS message or a phone call? And what if each device operated differently?

If malicious versions of firmware are uploaded, how would a user know their smart device has been compromised? In such an instance it could easily be used to take part in a global DDoS attack against critical internet systems or insinuate malware onto computers connected to the home network.

Lucrative opportunity for CSPs

Luckily, CSPs have the answer. They can provide the required levels of protection as a service through the residential gateway or over the WiFi mesh network. Many CSPs are already in the home with internet and telephone services, and are known and trusted brands. In addition, the technology to enable a sweeping blanket of protection across the smart home and all installed devices is already here.

This level of protection starts at the residential gateway and extends into the cloud. For instance, at the network edge, automatic device discovery can be initiated with the purpose of finding all devices on a home WiFi network and assigning them to appropriate security groups. This ensures each device has a specific profile to enforce security and privacy policies. It should also include a firewall to keep the WiFi network and connected devices secure against malicious activity and hacking attempts.

An added layer includes an enterprise-grade intrusion detection and prevention system that operates, and is constantly updated, in the cloud with the latest threat detection signatures. It can also be specifically tailored to meet IoT-related vulnerabilities and threats.

A secure web proxy is also essential, designed to interact with other components and enable secure and private web access to all connected devices on the WiFi mesh network. Finally, a smart vulnerability scanner is also central to protection in order to scan networks and connected devices, detecting potential risks and vulnerabilities. This ensures the security profile of each device is updated and that protection is constantly enhanced.

Advanced Technologies

Central to this approach is the use of cloud-based machine learning and artificial intelligence (AI) to enable sophisticated device analysis and the detection of device behavioral patterns. This takes advantage of sophisticated algorithms to drive anomaly detection and behavioral analysis.

Because it is based in the cloud, when malicious or unusual behavior is detected and determined to be a threat, the ‘signatures’ can be applied to all other smart homes in the network. As such, a deep knowledge base of malicious activity continually grows to enable ongoing ‘smart’ protection of smart homes.

In summary, an intelligent residential gateway combined with AI-driven cloud security can be used to deliver multi-layered protection, which consists of threat detection, alerts, and notifications; secure automatic updates for both devices and policies; and a platform designed for high availability and scalability.

Drawing On Existing Expertise

This approach also meets CSP/ISP needs for flexible capacity growth with minimal initial investment. As a matter of course, service, user, and account management is factored into the service. This is relatively easy for CSPs and ISPs to incorporate. After all, it is second nature for service providers to manage multiple subscription models concurrently, to provision hardware and management, bundle services and hardware, and collate, analyze, and store big data.

As yet there is no common cybersecurity solution that protects smart home devices. Rather, there is a fractured approach with emphasis on different security components such as securing web proxies or delivering smart firewalls.

This results in tens of millions of people being vulnerable to exploits. Hackers can compromise smart home devices such as home alarm systems, door locks, thermostats, or baby monitors. In fact, this is already happening.

The approach outlined above enables service providers to leverage their existing broadband services to offer enterprise-grade cybersecurity directly to subscribers; quickly roll out highly advanced IoT security services; generate new, immediate revenue streams; and strengthen customer retention.

It also ensures smart home users won’t find their identities and private information compromised, have their devices roped into the next large-scale Mirai botnet, or be exploited in some other way.

Related Articles Read More >

TXCO operates at 1.2 V
Click board and module add LTE to IoT devices
5G development in 2025: halftime or still first quarter?
IoT wireless module receives approval from two US cellular carriers

Featured Contributions

  • Overcome Open RAN test and certification challenges
  • Wireless engineers need AI to build networks
  • Why AI chips need PCIe 7.0 IP interconnects
  • circuit board timing How timing and synchronization improve 5G spectrum efficiency
  • Wi-Fi 7 and 5G for FWA need testing
More Featured Contributions

EE TECH TOOLBOX

“ee
Tech Toolbox: Internet of Things
Explore practical strategies for minimizing attack surfaces, managing memory efficiently, and securing firmware. Download now to ensure your IoT implementations remain secure, efficient, and future-ready.

EE LEARNING CENTER

EE Learning Center
“5g
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest info on technologies, tools and strategies for EE professionals.

Engineering Training Days

engineering
“bills
5G Technology World
  • Enews Signup
  • EE World Online
  • DesignFast
  • EDABoard Forums
  • Electro-Tech-Online Forums
  • Microcontroller Tips
  • Analogic Tips
  • Connector Tips
  • Engineer’s Garage
  • EV Engineering
  • Power Electronic Tips
  • Sensor Tips
  • Test and Measurement Tips
  • About Us
  • Contact Us
  • Advertise

Copyright © 2025 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy

Search 5G Technology World