Smart speakers, autonomous vacuum cleaners, and all sorts of other smart home devices are becoming ever more affordable, and home networks are now capable of hosting dozens of such gadgets. On the one hand, it’s convenient and tech-progressive. On the other hand, the more connected devices in the home, the greater the risk owners face. Having hacked a weak link such as a smart vacuum cleaner or even a fish tank, an attacker can steal confidential data from a computer or smartphone — anything connected to the same network.
Fears and dangers
In the past five years, the number of IoT-related cyberthreats has increased by a factor of 70(!) and continues to grow. That’s not surprising given that smart devices are easy targets for cybercriminals. In fact, 76% of IoT gadgets communicate over unencrypted channels, according to a recent Zscaler report; and last year, Israeli cybersecurity company JSOF discovered 19 zero-day vulnerabilities, some of them critical, in a TCP/IP library millions of IoT devices use to communicate with the Internet.
We can see another aspect of the problem in the young and rapidly growing connected-device industry, where some vendors take little responsibility for updating firmware. Even the more responsible vendors tend to stop updating their products early on, leaving smart gadgets prone to hacking, as in the case of Western Digital’s My Book Live NAS, for example.
A Kaspersky study showed that 89% of IoT device owners have security concerns. Here are the most common fears:
- A hacked device will infect the entire home network;
- Cybercriminals will lock a gadget and demand ransom;
- Attackers will spy through a camera or microphone;
- A device will malfunction and become bricked.
Unfortunately, their fears are well-founded. If you think you are too small a fish to become a target, think again: Cybercriminals often carry out mass attacks, hacking hundreds of thousands of devices indiscriminately.
How to protect your smart home
The best way to prevent hackers from accessing IoT devices is to install protection on the home router — that is, between the Internet and connected gadgets. Router-level protection helps by intercepting threats before they get inside the home network. That’s precisely how our new solution for smart homes, Kaspersky Smart Home Security, works. It runs on the home router, and users can manage it through the mobile app. Broadly, here’s what the solution can do.
Detect vulnerable network ports
Many IoT device developers leave network ports open for connection, and attackers can then exploit those openings to take control of a device. On detecting an open port that poses a risk, Kaspersky Smart Home Security notifies the user and blocks all unauthorized connection attempts.
Protect against brute-force attacks
IoT devices are often subjected to brute-force attacks. Using specialized search engines, cybercriminals select gadgets with protocols available for connection and automatically brute-force common usernames and passwords. A careful search will always yield a baby monitor or camera whose vendors have set a crackable password.
Kaspersky Smart Home Security monitors unsuccessful connection attempts, and if someone tries to access a device several times in a row, the solution temporarily blocks any further attempts to connect to it.
Block dangerous links and downloads
Kaspersky Smart Home Security blocks attempts to download malware to users’ routers and immediately notifies them about the attack.
If a device has been hacked and is trying to connect to a malicious website, Kaspersky Smart Home Security prevents it from doing so. (Rest assured, your smart toaster will not be coopted for a DDoS attack or your speaker used as a surveillance tool.)
Check password strength
Password security relies on users having long, complex, and unique passwords — a tricky set of requirements. In the case of IoT devices, vendors often underestimate the threat and set short, weak passwords.
Cybercriminals are well aware of this tendency, so after every password leak they use compromised credentials to hack IoT devices.
Kaspersky Smart Home Security promptly warns users about unsafe passwords and does not permit the use of leaked credentials.
Restrict Internet use
Digital parenting just became a whole lot easier. Users can now create a schedule to manage children’s home Internet use on tablets, TVs, and other smart device, as well as restrict access to unwanted resources.
How to connect Kaspersky Smart Home Security
Installing a security solution (or any software) on a router is technically challenging. For this reason, and because most users buy or lease home routers from their Internet service providers anyway, we decided to distribute Kaspersky Smart Home Security through ISPs. If you are interested in the solution, contact your ISP and ask if they offer Kaspersky Smart Home Security.
If you happen to represent an ISP, we invite you to join us in making smart homes safer. Please write to us at firstname.lastname@example.org with any questions.