Know your weak spots: VPNFilter shows how important Vulnerability Assessment is to your smart home
In late May, Cisco’s security division, Talos, issued a report about a new strain of IoT malware allegedly from Russia. As opposed to “commercial-grade” bots that regularly target the IoT ecosystem, this strain features novelties such as persistence, a highly complicated chain of compromise and C&C communication that makes it extemely difficult to remove.
The botnet, which mostly affects devices in the Ukraine, prompted the FBI to publicy urge users to lend a helping hand in cleaning up the infection. As a leading security solutions provider for the IoT, Bitdefender closely monitors the developments in the space and develops proactive protection technologies in the BOX series of products for the smart home.
Your router is probably riddled with bugs you don’t know about
According to Bitdefender’s real-time telemetry, routers are the most-targeted devices in the IoT space, with one in two consumer routers suffering at least one important security vulnerability. This number is particularly worrying, as routers face the internet, acting as the gateway between your network and the outside world.
In addition, most consumer-grade routers went out of support long ago. Despite being designed as devices for long-term use, their support window usually closes after two years. After that, the firmware rarely gets any security updates. Vulnerabilities identified and reported to the vendor never get plugged, so you’ll be running a vulnerable device inside your household until you decide to replace it.
Misconfigurations and hardcoded backdoors (authentication credentials) are also a significant source of compromise. In fact, the VPNFilter does not seem to exploit any zero-day vulnerabilities, but rather rely on known ones, as well as on weak passwords to execute its job.
Up your security game now
Unless you are a professional who reads vulnerability disclosure sites every day, chances are you’ll never learn about any vulnerabilities that affect your router, even if staying in the know is extremely important. This is why we built an automated vulnerability assessment technology into the Bitdefender BOX. It helps you stay in the know whenever one of your devices (router included) has security issues or is poorly secured, and it helps you take reparatory action. If a newer firmware version is available, install it. If it isn’t, ask your vendor to provide one. And, ultimately, if the vendor refuses to help, you will at least know that it’s time to get a device from a vendor that takes security seriously.
The Bitdefender BOX features several security layers that complement the Vulnerability Assessment feature to make sure your smart stronghold does not get compromised. The high-performance hardware doesn’t just move your packets across the network – it also allows for anomaly detection, traffic filtering and visibility into the vulnerable devices on your premises.
Vulnerability Assessment report on a consumer-grade router reveals attack avenues
If you don’t have a Bitdefender BOX security hub in your home, that’s OK, we still have your back. If you have a Windows PC, just get the free Home Scanner application and run a vulnerability assessment to see if your devices — particularly your router — harbor vulnerabilities you don’t know about.