Bitdefender BOX Technology Teardown – Vulnerability Assessment
We know technology can sound overwhelming, particularly when it comes to cybersecurity. So we strive to make it accessible and controllable at the press of a button. This article – part of a series – aims to explain several of the innovative Bitdefender technologies that constitute the building blocks of Bitdefender BOX.
If you’re a science fiction fan, you probably daydreamed about smart homes way before they existed. Smart fridges, coffee pots and air conditioning units are now real and form just a tiny part of a sprawling network of countless devices with as many potential security issues. These issues have been exploited in high-profile attacks such as the Mirai incident that cut off parts of the United States from the internet for almost a day.
So, I have vulnerable devices in my home. Who cares?
When compromised, IoT devices give cyber-criminals access to important private information, depending on what the device was designed to do. Compromised smart baby monitors allow hackers to eavesdrop on or talk with children; security cameras offer them a 24-hour live feed of your home, virtually eliminating your privacy.
But the device owner is not the only one in harm’s way when vulnerable devices go unnoticed. Most of the time, the devices are used as a weapon against other innocent targets. Cyber-criminals amass armies of compromised devices, or botnets, and use them to deal devastating blows to infrastructure in coordinated DDoS attacks and prevent services or businesses from operating. This is how the Mirai incident in 2016 became possible.
What is Vulnerability Assessment and why should you care about it?
Internet of Things devices are commodity products, and the only way to make a profit is to keep costs to a minimum, while increasing production. While security should be a top priority for all vendors, real life shows that security and security testing are the most frequently overlooked aspects.
Some of these devices ship with default or hard-coded credentials. Others harbor bugs in firmware that can be remotely exploited. Most owners don’t know this until their devices are exploited, so Bitdefender has come up with a technology to help users understand which “things” on their network are affected and how they should address this.
This sounds cool, but how does it actually work?
Whenever you plug a device into your network, Bitdefender BOX picks it up and identifies it using several proprietary technologies. Once the device is correctly identified, it is handed to the Vulnerability Assessment technology, which runs a series of tests specific to the device make and model to identify misconfigurations and flaws.
Some of these tests are related to the way the device interacts with the network: they include checks for open services that might inadvertently expose the device to the outside world (SSH, Telnet) or default credentials known to ship with the device. A dictionary attack is also run to identify weak passwords that may have been set by the vendor or user.
The Bitdefender BOX goes much deeper into probing for flaws than other IoT security appliances. Bitdefender Cyber-Threat Intelligence analysts create “device cards” by compiling public vulnerabilities (CVEs), as well as issues discovered in house to give users a full overview of their security posture. In-house research includes manually inspecting the devices’ firmware, cloud-based components and web apps to piece together a complete view of the device’s security.
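To make the idea of a per-model "device card" concrete, here is an added example (not Bitdefender's code or data format) that evaluates one inventory record offline against a card. The card layout, field names, advisory id and all sample values are constructed assumptions; the credentials are the ones the owner recorded for the audit.

```python
# Offline evaluation of one device record against a per-model "device card".
# Card layout, field names and every sample value are constructed assumptions,
# not the Bitdefender BOX format.
RISKY_SERVICES = {22: "SSH", 23: "Telnet"}                # services named in the article
WEAK_PASSWORDS = {"admin", "password", "12345", "1234"}   # tiny constructed dictionary

DEVICE_CARD = {  # constructed card for a hypothetical camera
    "make": "ExampleCam", "model": "X1",
    "default_credentials": [("admin", "admin"), ("root", "root")],
    # placeholder advisory id; fixed_in is the first patched firmware version
    "advisories": [{"id": "ADVISORY-PLACEHOLDER-1", "fixed_in": (2, 1, 0)}],
}

def parse_version(text):
    """Turn '2.0.4' into (2, 0, 4) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def assess(device, card):
    """Return a sorted list of (severity, finding) tuples for one device."""
    if (device["make"], device["model"]) != (card["make"], card["model"]):
        raise ValueError("device card does not match this make and model")
    findings = []
    for port in device["open_ports"]:
        if port in RISKY_SERVICES:
            findings.append(("medium", f"{RISKY_SERVICES[port]} exposed on port {port}"))
    for user, password in device["credentials"]:
        if (user, password) in card["default_credentials"]:
            findings.append(("high", f"default credentials still set for '{user}'"))
        elif password.lower() in WEAK_PASSWORDS:
            findings.append(("high", f"weak password for '{user}'"))
    firmware = parse_version(device["firmware"])
    for advisory in card["advisories"]:
        if firmware < advisory["fixed_in"]:
            findings.append(
                ("high", f"firmware {device['firmware']} affected by {advisory['id']}"))
    return sorted(findings)

# Constructed inventory record for a device on the home network
CAMERA = {"make": "ExampleCam", "model": "X1", "firmware": "2.0.4",
          "open_ports": [23, 80, 554],
          "credentials": [("admin", "admin"), ("viewer", "12345")]}

if __name__ == "__main__":
    for severity, text in assess(CAMERA, DEVICE_CARD):
        print(f"[{severity}] {text}")
```
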
Bitdefender BOX keeps a vigilant eye on these devices. After the initial vulnerability scan, users can initiate an on-demand vulnerability assessment for any device online whenever they need one.