The reality is that home networks of the average, uninformed users are rarely well protected. This is not surprising given that we have seen clear examples of even large corporations failing to identify and patch known vulnerabilities in their corporate networks.
A recent example that underscores the risk is the PIR Russian bank hack that resulted in $1 M loss that was attributed to their use of an outdated router with known vulnerabilities which were not remedied.
Another example is the DDoS attack on Dyn where a huge botnet of infected IoT devices disrupted websites such as Okta, CNN, Pinterest, Reddit, and Twitter. Currently, the average DDoS attack costs business more than $2.5 M and can damage a brand’s reputation severely.
On the surface, impacts of these DDoS attacks may seem to be no more than an annoyance to consumers who may not be able to access these services when the attack is ongoing. However, the more likely reality is that the home networks where these infected IoT devices reside also saw their service performance impacted by a large amount of traffic generated by the infected devices.
For most residential broadband users, this is not just slightly annoying. It impacts their use of their service as well as their perception of their network service provider, whom they likely ascribe the problem to.
Network service providers are also at risk beyond the impacts of negative PR resulting from these attacks. Most broadband customers’ first inclination, when faced with slow or unresponsive service, is to interact with their service provider to try and resolve the issue.
This translates into real support costs that will not be recovered and that, in almost all cases, are also unlikely to result in addressing the problem for the customer. The net result is a lot of support resources consumed in an effort that is unlikely to affect the carrier’s NPS amongst the impacted customers positively.
Defining the IoT and Its Weak Spots
There is a growing number of smart devices in each network - at home, or at a company - but they are not all considered to be a part of the IoT. IoT devices are connected to their cloud and from the cloud are managed over the end user’s smartphone.
Typically this means that those “smart” devices are rather dumb - they mostly contain a mechanical sensor and simple logic parts. This makes them price-competitive as they are rather cheap to produce and the main activities are done in the cloud. This is also the preferred way for companies to protect their IP from copycats.
Technically this means that there is a lot of network communication being produced by the IoT devices.
So, IoT devices are often left on the edge of the network, forgotten. Much like a rotten door somewhere on the furthest side of a big house, they become an easy entry point for hackers. Following best security practices can reduce the risk, but it is not enough to protect the network from hackers trying to compromise these devices.
Fierce market competition and pressure to be the first to the market often has an impact too: devices have a significantly smaller technical capacity to contain modern security components, often are based on older and leaner software kernels, have no update features. Not to speak of the rapid development and production cycles that rarely allow for extensive testing and can result in bugs which make them even more vulnerable to hacker attempts.
There are quite a few known weaknesses that IoT devices possess. Their software and firmware is often outdated, due both to updates that are the opposite of user-friendly and the sheer lack of consumer knowledge the importance of these updates. Sometimes, updates are simply not possible as a significant number of these devices may no longer be supported by their manufacturers.
Yet another problem is that they have limited CPUs and memory and are not powerful enough to support any kind of antivirus, firewall software or another form of traditional security solutions. This leads to an increase in the risk of malware infections, remote attacks, and recruitment of unsecured IoT devices into botnet groups that then help take down or disrupt internet services.
This happens both due to pushing the cheapest technical parts possible that are simply unable to support better protocols, as well as a high time-to-market pressure.
And then, we circle back on two details which common sense should help fix, but often does not. Internet of Things devices tend to have weak passwords (however, that is rarely the fault of their owner, as most of these devices do not offer the possibility to change them). Another is social engineering that still remains one of the easiest ways to gain entry into a network.
Employing AI to Patch IoT Security Issues
While common sense and sufficient training may reduce the social engineering risk, even professional security teams that stay on top of network “hygiene” need additional help. Due to the very nature of IoT devices, and can point out specific security measures that each endpoint needs.
Device identification powered by AI allows for devices to be identified and put into granular device types. These detailed device categorizations allow for building precise patterns of device behavior on the network.
Once a statistically significant number of the same exact device are seen, a pattern can be established to characterize the “normal” behavior of such a device, therefore making it easy to notice abnormal behavior that are likely a result of remote access attempts, malware infections, or even if it is being recruited to a botnet group.
Also, securing IoT devices requires a solution that can make up for the inability to install AV agent on the typical IoT device. Yet it is possible to protect the home network at its entry door. Smart firewalls are able to identify and profile LAN devices; later on, they inspect front door netflows identify and block suspicious activity. If the entire network is difficult to penetrate, then protection even for legacy IoT devices can be ensured.
AI-based security solutions are currently the most reliable choice in order to prevent IoT hacks. Although hackers are evolving all the time, Artificial Intelligence has the best capabilities to keep up with the ever-changing threat landscape.
In order to protect an average user, these solutions are best implemented uniformly using a broadband network operator’s infrastructure and resources. Providing a network-based solution allows for deployment of a protective umbrella over all the IoT devices in a broadband home.
This approach can work well for both parties as the operator can provide more value and thus differentiate their services from the competition, reduce support costs while providing a better user experience.
It is safe to say that current smart homes are very different from what the sci-fi movies and books would have had us imagine. Instead of a seamless, easy, and accessible-to-everyone systems, we now live with increasingly a convenient, but insecure smart devices.
However, advancing and improving our technology can help us get closer to the future that is seamless, secure, and offers control. Artificial Intelligence is key to unlocking the true potential of new inventions and introducing them in a way that is reliable and appropriate.
About CUJO AI:
CUJO AI is a nextgen artificial intelligence company that provides cybersecurity and device management solutions for network operators worldwide.
We personalize and secure connected experiences. CUJO AI platform solutions are delivered as a SaaS for all home network devices. It analyzes vast amounts of local network data and then uses proprietary machine learning algorithms to power the features.
CUJO AI platform includes:
- Advanced Device Identification
- AI Security
- Digital Parenting solutions
- Recognized as a Technology Pioneer 2018 by the World Economic Forum
- Listed as a “Vendor to Watch” and a “Cool Vendor in IoT Security” by an acclaimed research company Gartner.
- Official Member of Forbes Los Angeles Business Council.
In May 2018, the company has closed a strategic Series B round, led by Charter Communications, valuing the company in excess of $100M. For more information about CUJO AI, please visit https://www.cujo.com/