When people think of Internet of Things (IoT) vulnerabilities, one of the most infamous security breaches usually takes center stage: the Mirai botnet. This destructive botnet facilitated the largest DDoS attack on record against Dyn Inc., one of the largest managed DNS providers in the world.
Once infected by the Mirai malware, devices continuously searched the internet for other vulnerable devices and then used default credentials to rope those other devices into the botnet.
This was enabled by many users ignoring, forgetting or simply being unaware of the need to change default credentials. Further, when the Mirai code was publicly released it spawned a flurry of botnets that also used default credentials in their attacks.
Many More Attacks On the Horizon
However, Mirai only foreshadows what is to come as smart connected devices in the home become increasingly ubiquitous. U.K. consumer champion Which? estimates that the average U.K. home owns 10 connected devices, which is predicted to climb to 15 by 2020.
In the U.S., the average home currently has 13 connected devices. By 2021, 55 percent of all homes in the U.S. are expected to be smart homes, according to a study by Berg Insight.
The same survey said more than 31 million smart home systems were in use in North America during 2016. These figures reflect many industry analysts’ forecasts, predicting an enormous growth surge in smart connected devices in the coming years.
Easy Route for Cybercriminals
The dangers from insecure smart devices are well documented. As smart connectivity becomes ubiquitous in all manner of household devices, from kettles and coffee machines to web cameras, smart meters, thermostats, light bulbs, ovens, washing machines, and door locks, it’s easy to see the physical implications for breached devices. Without overstating it, in certain circumstances fires could be started, gas made to leak, and people locked in their homes or their homes physically burglarized.
Compromised smart devices also provide an easy route for cyber criminals to get their hands on personal details and plant malware on home networks. Many firmware update functions in IoT home devices have already been shown to be exploitable in ways that allow attackers to upload modified, possibly back-doored or malicious, versions of the firmware.
Within this context the residential gateway presents an ideal opportunity for Communications Service Providers (CSPs) to deploy advanced cybersecurity across their network while retaining a balance between cloud-based and network-edge security.
Leveraging WiFi Mesh Networks
Taking a step back from devices, let’s look at WiFi mesh networking, which is relatively new in the consumer space. WiFi mesh networks have recently advanced significantly, both in hardware and through changes in radio and spectrum requirements. Even more helpful, lower costs and higher availability are making them truly practical for the consumer.
As a result, many different systems are coming to market with a lot of potential. Of course, with the sudden increase in WiFi mesh networks, stability and security must be considered. The good news is these networks are generally easy to configure and provide standard security features. What’s more, when an update or patch is required it can be shared easily over the network, without much intervention by the user.
However, as smart devices connect to the mesh network they can function both as users and routers themselves, which opens the door to a plethora of security issues. Hackers can take advantage of multiple points of access and can easily create ‘zombie’ computers or nodes, which can then deny service or monitor data and steal private information.
As a result, it’s critical that home users of WiFi mesh networks do their homework and understand how best to use the advanced security options available, so that every device in the network is protected from would-be hackers. Unfortunately, this is often too complex or time consuming for most consumers.
Consumers Can’t Protect Devices
If security vulnerabilities are identified in smart home devices, fixing the vulnerability and ensuring successful updates to all affected internet-connected devices may not be an easy task for individuals.
Expecting a user to periodically check for, and install, updates on their IoT light bulbs, for instance, is not feasible, so some form of periodic automatic check and update mechanism is required.
But how would a user be notified? For instance, updating the firmware on smart light bulbs would probably require the lights to be turned off for a period of time. Should this happen automatically, or should the occupants be informed? If so, how? Would this be by email, an SMS message or a phone call? And what if each device operated differently?
If malicious versions of firmware are uploaded, how would a user know their smart device has been compromised? In such an instance it could easily be used to take part in a global DDoS attack against critical internet systems or insinuate malware onto computers connected to the home network.
Lucrative Opportunity for CSPs
Luckily, CSPs have the answer. They can provide the required levels of protection as a service through the residential gateway or over the WiFi mesh network. Many CSPs are already in the home with internet and telephone services, and are known and trusted brands. In addition, the technology to enable a sweeping blanket of protection across the smart home and all installed devices is already here.
This level of protection starts at the residential gateway and extends into the cloud. For instance, at the network edge, automatic device discovery can be initiated with the purpose of finding all devices on a home WiFi network and assigning them to appropriate security groups. This ensures each device has a specific profile to enforce security and privacy policies. It should also include a firewall to keep the WiFi network and connected devices secure against malicious activity and hacking attempts.
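The gateway-side step described above, as an added example that is not from the original article or any vendor's product: discovered devices are placed in security groups, and observed flows are checked against each group's profile. The group names, hostname hints, port lists, limits and sample records are all assumptions made for illustration.

```python
from collections import defaultdict

# Hypothetical security groups: permitted outbound ports and a cap on distinct
# destinations per observation window (illustrative values, not from the page).
PROFILES = {
    "camera":   {"ports": {443, 554}, "max_dests": 5},
    "lighting": {"ports": {443}, "max_dests": 3},
    "general":  {"ports": {53, 80, 443}, "max_dests": 200},
}
# Hypothetical hostname hints used to classify a newly discovered device.
HINTS = (("cam", "camera"), ("bulb", "lighting"))

def assign_group(hostname):
    """Map a discovered device to a security group; unknowns get 'general'."""
    name = hostname.lower()
    return next((group for hint, group in HINTS if hint in name), "general")

def evaluate(devices, flows):
    """Return {mac: [findings]} for devices whose traffic breaks their profile."""
    groups = {mac: assign_group(host) for mac, host in devices.items()}
    dests, bad_ports = defaultdict(set), defaultdict(set)
    for mac, dst_ip, dst_port in flows:
        profile = PROFILES[groups.get(mac, "general")]
        dests[mac].add(dst_ip)
        if dst_port not in profile["ports"]:
            bad_ports[mac].add(dst_port)
    findings = {}
    for mac, seen in dests.items():
        limit = PROFILES[groups.get(mac, "general")]["max_dests"]
        notes = [f"port {p} outside profile" for p in sorted(bad_ports[mac])]
        if len(seen) > limit:
            notes.append(f"fan-out {len(seen)} > {limit}")
        if notes:
            findings[mac] = notes
    return findings

# Constructed sample data: one camera behaving normally, one bulb reaching
# many hosts on a port its profile never uses (documentation IP ranges).
DEVICES = {"aa:bb:cc:00:00:01": "hall-cam", "aa:bb:cc:00:00:02": "kitchen-bulb"}
FLOWS = [("aa:bb:cc:00:00:01", "198.51.100.10", 443)] + [
    ("aa:bb:cc:00:00:02", f"203.0.113.{i}", 23) for i in range(1, 21)
]

if __name__ == "__main__":
    for mac, notes in evaluate(DEVICES, FLOWS).items():
        print(mac, assign_group(DEVICES[mac]), notes)
```

A device that breaks its profile this way is a candidate for quarantine by the gateway firewall; hostname matching stands in here for whatever fingerprinting a real discovery component uses.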
An added layer includes an enterprise-grade intrusion detection and prevention system that operates, and is constantly updated, in the cloud with the latest threat detection signatures. It can also be specifically tailored to meet IoT-related vulnerabilities and threats.
A secure web proxy is also essential, designed to interact with other components and enable secure and private web access for all connected devices on the WiFi mesh network. Finally, a smart vulnerability scanner is central to protection: it scans networks and connected devices to detect potential risks and vulnerabilities. This ensures the security profile of each device is updated and that protection is constantly enhanced.
Central to this approach is the use of cloud-based machine learning and artificial intelligence (AI) to enable sophisticated device analysis and the detection of device behavioral patterns. This takes advantage of sophisticated algorithms to drive anomaly detection and behavioral analysis.
Because it is based in the cloud, when malicious or unusual behavior is detected and determined to be a threat, the ‘signatures’ can be applied to all other smart homes in the network. As such, a deep knowledge base of malicious activity continually grows to enable ongoing ‘smart’ protection of smart homes.
In summary, an intelligent residential gateway combined with AI-driven cloud security can be used to deliver multi-layered protection, which consists of threat detection, alerts, and notifications; secure automatic updates for both devices and policies; and a platform designed for high availability and scalability.
Drawing On Existing Expertise
This approach also meets CSP/ISP needs for flexible capacity growth with minimal initial investment. As a matter of course, service, user, and account management are factored into the service. This is relatively easy for CSPs and ISPs to incorporate. After all, it is second nature for service providers to manage multiple subscription models concurrently, to provision hardware and management, bundle services and hardware, and collate, analyze, and store big data.
As yet there is no common cybersecurity solution that protects smart home devices. Rather, there is a fractured approach with emphasis on different security components such as securing web proxies or delivering smart firewalls.
This results in tens of millions of people being vulnerable to exploits. Hackers can compromise smart home devices such as home alarm systems, door locks, thermostats, or baby monitors. In fact, this is already happening.
The approach outlined above enables service providers to leverage their existing broadband services to offer enterprise-grade cybersecurity directly to subscribers; quickly roll out highly advanced IoT security services; generate new, immediate revenue streams; and strengthen customer retention.
It also ensures smart home users won’t find their identities and private information compromised, have their devices roped into the next large-scale Mirai botnet, or be exploited in some other way.