Bad actors are increasingly targeting connected devices, and network providers are fighting back. But when it comes to protecting the IoT, a one-size-fits-all approach simply doesn’t fit. The security measures that protect IoT devices in business settings don’t readily translate to devices in consumers’ homes, says Marcio Avillez, SVP of networks at CUJO AI. In the latest Intelligence of Things Tracker, Avillez makes a case for taking a device-specific approach in thwarting threats to smart homes.
Consumers often find the promise of greater convenience to be a convincing reason to buy connected devices. Unfortunately, reports of breached connected devices are all too frequent, and consumers may find they are introducing not just connectivity, but also bad actors, into their homes.
IoT-related breaches are innumerable. In 2017, the FBI warned consumers against purchasing IoT-connected toys, stating that such devices could be hacked and used to record and spy on children. Later the same year, researchers at a security firm in Tel Aviv found a weakness in an LG-manufactured connected vacuum that could allow malicious actors to watch people in their homes through the vacuum’s camera. Stories of good tech falling to bad actors have only continued to come out as IoT presence in homes increases.
Marcio Avillez, senior vice president of networks for software solutions provider CUJO AI, believes that protecting smart home devices presents a unique challenge.
“On a computer or laptop, or tablet or even mobile phone, you can put software on it — an endpoint solution that can protect it,” Avillez said. “But when you look at all these devices people are bringing into their homes in increasing quantities — cameras, thermostats — you’re not able to add to them. [And] the threats that those enable are very different than the threats you get with a computer.”
While cybercriminals are more likely to get the most bang for their buck by accessing large organizations with troves of valuable data, there are several reasons that draw them to exploit security flaws in home devices, Avillez said. Among the most common are gaining remote access for spying, commandeering the device for bitcoin mining and using the device to launch part of a DDoS attack.
But change may be on the way. According to Avillez, artificial intelligence (AI) and machine learning (ML) could provide a cure for at least some of what ails the connected home space.
Home Is Where the Hacking Is?
There are several reasons why many security solutions that work effectively in other sectors fall short of protecting smart home devices, Avillez said.
The inability to add security software to most connected appliances means an approach that works well for devices like laptops or mobile phones won’t work for IoT-enabled tech.
Turning to businesses for security models also falls short, he explained, making matters even more complicated. Enterprises hoping to ensure a secure network typically use a firewall box equipped with powerful computational abilities to decrypt and examine network packets, which will be flagged for further examination by the company’s system operator if suspicious behaviors are detected.
Protecting consumers is more complex, however, because network operators serving residential customers cannot simply use the same approach that works for businesses. For example, while enterprises’ firewall boxes tend to have robust computational power, regular customers avoid such high-quality boxes due to their high price tags. Instead, they equip their residences with cheaper routers that have less power.
Network operators may also be tasked with protecting the broadband networks of as many
as 20 million homes, Avillez said. That’s often too much analysis work for a systems operator team to handle.
“The industry has developed very good solutions to protect organizations and enterprises against cyber threats … [but the home] is a completely different environment,” Avillez said. “The whole premise of being able to rely on a super-powerful computer at the edge of the network, know what ‘bad’ looks like and have people make decisions about remediation just does not scale when you start talking about protecting 10, 15, 20 million broadband homes.”
(Behavior) Knowledge Is Power
There are solutions to these consumer complications, however – and, according to Avillez, they may lie in leveraging data, and AI and ML platforms for threat analysis and response. Because consumers typically have less powerful routers than enterprises, Avillez believes that making security solutions more effective means using cloud-based services to increase the computational capacity that can be used for detecting threats. With network providers trying to protect millions of homes, AI-enabled solutions may be better suited than humans to deal with the increased workload.
To detect threats, AI-enabled cloud-based platforms need to identify specific home devices, analyze their network activity and identify when behavior is abnormal for a particular device. For instance, these platforms must be able to recognize if a Nest device suddenly starts interacting with an unusual IP address, or communicating at a more rapid rate than is normal. That line of problematic communication can then be blocked without taking the device offline, helping to shut down threats as they appear.
“You’re looking for [instances like], ‘I have this one Nest thermostat here in this one home that’s behaving differently from the 10,000 other Nest devices I’ve seen,’” he said. “That’s a good indication that the device has been compromised.”
To support this threat detection strategy, the system must quickly amass data in order to establish what activity is normal for that device, and to which vulnerabilities it is most likely to be exposed. This is assisted by the fact that these home devices tend to have very specific purposes, enabling the system to more easily gain an understanding of what typical behavior looks like, Avillez said.
For security companies using such a strategy, staying ahead of intruders requires keeping up-to-date on new devices that come to market and preparing their ML platform to understand each one.
Regarding Remote Access
Sometimes, IoT security solutions even turn to the consumers for help.
Instances of remote access are becoming increasingly important to monitor. When this activity is detected, users are alerted via app-based notifications and asked to confirm whether the activity appears legitimate or not.
A U.S.-based homeowner, for example, might install a connected camera to allow him to check in on his second home. Then, when the AI platform detects that someone from Argentina is accessing the home’s smart camera, it will notify the user. He can then either confirm in-app that this is a strange occurrence and likely an act of spying or, if he believes there’s a legitimate reason — for instance, if he has family in Argentina who may be checking in — he can let it pass, Avillez said.
As more consumer IoT solutions roll out, residences will likely become more connected than ever before. Of course, if consumers decide that adopting the latest technological conveniences is too dangerous, that IoT expansion could grind to a halt, upsetting business for manufacturers and retailers. Enabling consumer IoT to advance safely means tailoring a security approach that is unique to the characteristics of different home devices.
That often means taking a smart, AI-powered approach to identifying and thwarting threats, to keep the home – and the tech inside – safe and sound.