Putting security into the smart home
Smart homes have a problem – they just aren’t very secure – yet. This insecurity still hasn’t stopped people from adding more connected devices to their homes. By the end of 2017, IHS Markit estimates there will be 20.35 billion devices online. By 2025 this number is expected to nearly quadruple to 75.44 billion. Given this jump, this relative insecurity is also a huge issue for potential device owners, manufacturers, and about everyone on the internet.
Device issues coming and going
Smart home devices have vulnerabilities coming and going. The Economist Intelligence Unit found that 80% of the devices they looked at failed to require adequate password protection and had issues which raised privacy concerns. In addition, 70% of the devices did not encrypt the user data sent to the network.
What happened during DDoS attacks?
DDoS attacks and the emergence of the Mirai botnet are a clear sign that smart home device issues have moved beyond theoretical into daily reality. The DDoS attacks in 2016 were among the largest ever recorded and managed to knock a variety of targets off the internet – Cybersecurity journalist Brian Krebs for one. The attack on Dyn, an internet infrastructure provider, also led to service disruptions at Spotify, Twitter, Reddit, and The New York Times. These huge attacks were largely caused by very small devices – digital video recorders and IP cameras. Most of them were made with hard-coded passwords that the end user couldn’t change – and that the Mirai botnet targeted. And, it is almost certain that most of these device owners had no idea about their smart plaything’s role in these attacks.
Top security tips
A survey of Information Systems Audit and Control Association members (ISACA) found that 61% were not confident they could control who had access to the data collected by the smart devices in their homes. Their list of top security tips for connected devices was to avoid storing sensitive data on the device (50%), turn off internet enabled functions when not actively in use (15%), changing privacy settings (15%), and changing passwords (10%).
Old rules don’t work for new devices
The problem is that many of these traditional security steps are just not possible with smart devices. Of course, there is sensitive data stored on them which gets sent to the company’s servers managing the device. More critically, sometimes this information is encrypted and sometimes not. Smart home devices are often meant to be left on. After all, why physically turn a device on or off when your goal is to have a smart device that does these manual steps for you? Changing passwords and privacy settings – that’s a great step – if the device lets you do it.
How to solve the smart security issue?
There are multiple roadblocks to securing the smart home: intrinsically vulnerable devices, users unable or unwilling to securely install them, and a lack of an industry-wide set of device security standards. Looking beyond the roadblocks, there is usually just one internet road leading into the home – the broadband router or the cable from the internet service provider. If the smart device traffic can be controlled at this point, all those roadblocks become a moot point.
Secure your smart home with Avira SafeThings™
Avira SafeThings™ does just that – and more. It secures all smart devices at the gateway – no additional hardware or installation needed. It combines Avira’s substantial experience in AI with its background in cloud-based security in a totally new approach to safeguard smart homes and the growing number of IoT devices.
SafeThings™ is a software application installed on routers that automatically secures the connected devices in the home, in a friendly manner, with a compelling user interface. It is easily delivered via the router or the internet service providers and doesn’t require you to act as the information security officers for your home. The routers are automatically secured against intruders into your network or their smart devices going rogue, misusing private data, and being enslaved into a malicious botnet.
By identifying what goes in and out – and then using artificial intelligence to dynamically analyze their behavior – Avira SafeThings™ can quickly identify intrusive or hijacked IoT device activity and stop it. It safeguards your connected devices against hijacking, ransomware, misuse, and intrusion while enabling you to see and control how your smart devices handle data. SafeThings™ puts real protection within reach for all. That’s good news for you and it’s good news for your ISPs.