September 7, 2017

Kaspersky IoT Scanner: How to keep your home network and its smart devices safe

Products Special Project

We often talk about the Internet of Things being terribly unsafe. Threatpost publishes news on this topic almost daily. The problem is really significant, and there are not enough solutions for it.

One of the saddest peculiarities of the IoT is that only the manufacturer of a smart device — let’s say a smart kettle — can resolve all of its security problems; owners quite often are not capable of doing anything.

At the same time, if it turns out that said kettle is sending spam, participating in distributed-denial-of-service (DDoS) attacks, and generally not behaving itself online because it was infected with malware and became part of a botnet, someone has to shoulder the blame. It should be the manufacturer, which decided a kettle needs a Wi-Fi connection but did not bother to protect the connection, but ultimately, the smart device owner is deemed responsible.

It may seem that while researchers and manufacturers of smart devices are trying to find common ground, simple users have no choice but to wait, but that is not entirely true. There is something you can do about it, and we’ll help.

Kaspersky IoT Scanner — to find and to patch

To make it easier for people to find vulnerabilities in smart devices that are connected to the home network, we created a dedicated app, Kaspersky IoT Scanner.

The Android app analyzes your home network, makes a list of all connected devices, and reveals common vulnerabilities.

After installation, IoT Scanner scans your home network and locates all of the devices connected to it. Then, the application scans specific network ports on those devices and finds out which of the ports are open and which are closed.

If IoT Scanner detects that some devices have open ports that can be potentially exploited, then the app will notify and prompt the user to close those ports, thus patching the hole.

There are, however, two challenges. First, the IoT market is extremely varied; creating a step-by-step manual for the entire range of devices would be impossible. You will have to find a user manual for the device for which IoT Scanner has detected an open port, and search the guide for how to close it.

Second, not every device actually allows the closing of ports. We think if a device on your home network is missing that feature, you should give some thought to whether you really want that thing in your home. Maybe you can sacrifice a bit of comfort and opt for a model that has neither excessive “brains” nor any possibility of being hacked? At any rate, it’s your decision: IoT Scanner just shows potentially vulnerable spots.

Little pig, little pig, let me come in

Kaspersky IoT Scanner has two more useful features.

Upon scanning the network, it reveals all of the devices that are connected to your Wi-Fi access point. You can look through the list and see if someone unwanted has connected to your router — and if that person is stealing bandwidth, or, worse, spying on you. You can expel the uninvited guest through the user interface of your access point.

IoT Scanner also detects and scans the ports of any new device connected to the network, checks for unnecessarily open ports, and notifies you. It is through this features that you will learn that a new device has joined your network (what if it’s not yours?) and immediately see how safe it is.

You can download Kaspersky IoT Scanner in Google Play. The app is still in beta, but it is completely free.