3 min read

IoT Security – A Sneak Peek into the Smart Home

Bogdan BOTEZATU

June 03, 2019

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
IoT Security – A Sneak Peek into the Smart Home

The tremendous popularity of Internet-connected devices in the past few years has transformed the way we interact with the world, and the way we look at cyber-security. The game-changing potential of automation in every aspect of our lives has many times been overshadowed by news of record-breaking DDoS attacks, increasingly larger botnets of compromised devices, and other associated risks.

When we started working on Bitdefender BOX, the world’s first IoT security appliance, we saw this coming, and we made a mission out of keeping the smart home safe. In the last year alone, Bitdefender researchers have analyzed more than 1 million security incidents in smart homes that were reported via Bitdefender BOX.

Key findings in the smart home

The average smart home in the United States has 10 to 14 internet-connected “things”. The most common are routers (31%), NAS devices (25%) and smart TVs (9%). Virtual reality headsets and smart beds are still rare in users’ homes.

Our telemetry reveals that 78% of households harbor at least one vulnerable device, and the average household has two vulnerable devices connected. While the number might sound trivial, these vulnerabilities can have a devastating impact on users’ privacy. For instance, more than 70% of Bitdefender BOX users have been prompted that their devices were sending private information and credentials in an unsafe manner (usually via plain HTTP) without their knowledge. By default, Bitdefender BOX blocks transmission of sensitive information in clear text and notifies the user about this risky behavior.

Another interesting fact uncovered in the Bitdefender study is that 98 percent of reported incidents are caused by known and unfixed issues that are publicly documented. Basic authentication, default or weak passwords, or unknown vulnerabilities account for a combined 2 percent of the incidents.

Attackers can leverage these vulnerabilities in a variety of ways. Bitdefender BOX reveals that 37% of the flaws encountered can result in denial of service, while 12% can be used to exfiltrate information from the device. Almost 8 percent of the vulnerable devices in smart homes can be hijacked via code execution, according to the data provided by Bitdefender BOX.

Deceptive technologies

In addition to combining threat intelligence from more than 500 million endpoints, Bitdefender operates a vast network of honeypot devices to stay up to date with the latest attacks against IoT infrastructure. These devices emulate vulnerable IoT gadgets and record the tactics or techniques hackers use to break into devices and enroll them into botnets.

Information aggregated from Bitdefender’s Deceptive Technologies reveals that automated attacks can compromise a vulnerable IoT device in less than 2 minutes on average. By using bruteforce or dictionary attacks, hackers can accelerate the time to compromise from minutes to seconds.

Bitdefender records and analyzes over 1.7 million live attacks across the IoT honeypot network every month.

Machine learning to the rescue

While vulnerability assessment and antimalware protection are fundamental technologies that shield devices and users from exposure, artificial intelligence plays a key role in spotting the tell-tale signs of misbehavior at the network level.

Because it’s familiar with the regular behavior of IoT devices, Bitdefender BOX can detect a wide range of anomalous behaviors. The most frequently encountered anomalies in devices that go rogue are related to the domains devices are attempting to contact (29.21%), outgoing ports (3.86%), bruteforce attacks (2.75%) and suspicious TOR activity (0.45%).

Making your home a safer place

Whether we want it or not, the Internet of things is here to stay. The existing multitude of connected objects might already look overwhelming to the average user, but it is just the bottom layer of an industry expected to reach US$4,300 billion by 2024.

The Internet of Things offers a wealth of opportunities for the smart home, provided that the security aspect has been taken into account. In 2015, Bitdefender has revolutionized IoT cybersecurity by developing Bitdefender Box, the industry’s first smart home security solution for all connected devices. The Bitdefender IoT Security Platform is also available for network operators and router manufacturers and is currently included in  an increasingly large family of Netgear routers.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Common Credentials Criminals Use in IoT Dictionary Attacks Revealed Common Credentials Criminals Use in IoT Dictionary Attacks Revealed
Silviu STAHIE

November 30, 2021

3 min read
Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown
Filip TRUȚĂ

November 29, 2021

2 min read
Social media firms will be forced to unmask online trolls, says Australia Social media firms will be forced to unmask online trolls, says Australia
Graham CLULEY

November 29, 2021

2 min read