October 21, 2016, was a rough day on the internet. Dyn, a company that provides domain-name services, was hit by a distributed denial-of-service attack (DDoS). Perhaps you tried to visit sites like Twitter or Reddit and found that they didn’t work—that’s because of the attack on Dyn. The siege utilized a botnet, an exploit in which devices are co-opted to work towards a sinister goal, like flooding a specific website with traffic. In this case, the botnet was called Mirai.
A botnet requires a multitude of devices, and there are plenty of those connected to the internet already. Consumers around the world will hook up an estimated 5.2 billion “things” to the internet this year, and over 12 billion by the year 2020. Some of the things on that vast network are devices like printers or webcams, and some of those were swept into the Mirai botnet attack.
Incidents like that, or the more recent WannaCry ransomware attack, understandably turn people’s attention to the security of their home networks, especially if their cadre of devices includes things like baby monitors or security cameras.
“You look at the increasing complexity of someone’s home network,” Shuman Ghosemajumder, the CTO of cybersecurity company Shape Security, says. “And there’s a lot to remember in terms of: how do you secure that network as effectively as possible?”
Stepping into the fray are companies that sell security products straight to consumers who may want to batten down the hatches on their assortment of internet-connected devices.
Gadgets to the rescue—for a monthly fee
Paul Lipman, the CEO of a British cybersecurity company Bullguard, points at those devices in our home, like smart locks or internet-connected televisions, as vulnerabilities because they can lack security features. “The manufacturers [of devices like these] are not software companies,” he says. “They’re not security companies.”
At the beginning of June, Bullguard released a $200 device called Dojo designed to bring “enterprise-class, multi-layered, network security to the home,” Lipman says. The main part of the Dojo is a white box that plugs into your router, while a separate stone-like gadget called the “pebble” uses green, yellow, and red lights to inform you about the health of your network. After the first year, a Dojo requires a monthly or yearly paid subscription.
Dojo can block against botnet attacks like Mirai, while keeping watch for other types of security risks using “a machine learning system that we’ve developed that operates in the cloud,” Lipman says. “It’s looking at behavior of devices across the entirety of our customer base.” Thus, if it sees one smart thermostat acting strangely, the action the company takes in that case can be applied to other household networks with the same thermostat to stop the suspicious behavior on a larger scale.
Bullguard isn’t the only company getting into the home network security field.
On Tuesday, home-networking startup Eero announced the next generation of its Wi-Fi system, a $299 package that pairs a central router with a “Beacon” that plugs into an outlet to extend good Wi-Fi coverage throughout a dwelling, forming a mesh network. (Those cute beacons also double as nightlights.) Accompanying the product is a new feature called Eero Plus, an optional subscription service that will include security features for home networks for, like the Dojo, a monthly or yearly fee.
Nick Weaver, CEO of Eero, says that ideally, people would install antivirus or antimalware software on all the devices they own. But of course, that’s not possible. After all, your smart lightbulbs probably aren’t going to cooperate if you try to install software on them.
“When you look at the home, and all the devices we have connected,” he says. “The best way to do it is actually to protect everything at the network level.”
Eero Plus promises to keep the network safe in a couple ways. “Any type of known malware or virus that you try to download, it’ll block the download of that content on your device,” he says. “And then, if a device does happen to be infected, it will also block all of the traffic out.” That means that Eero Plus can block what Weaver calls “malicious communication” between a compromised device and an outside server, ensuring that it doesn’t become part of a botnet such as Mirai. It also offers parental controls to keep content kid-friendly.
Like the Dojo, the Eero Plus system considers the larger network that is comprised of all the smaller networks. “You can constantly tune and tweak what types of threats we see,” Weaver says, “and then you can deploy that learning across every single network.”
But it’s unclear whether consumers will want to plunk down cash for their own home network security, says Ghosemajumder, of Shape Security, which offers cybersecurity for companies and other organizations.
“I think that it’s too early to tell how effective these devices are, because they’re just coming to market now,” Ghosemajumder says, adding that the proof will be in how they handle real Mirai-type attacks. “The concept is definitely worthwhile. I think that there’s no reason that they shouldn’t be technically capable of providing a lot of effective protection.”
Your home network, by the way, should ideally incorporate a modern router and a Wi-Fi signal that’s password-protected.
Your smart fridge may not actually be threatening you specifically
“I think it’s fantastic that more and more devices [like Eero or Dojo] are becoming security-aware,” says Oren Falkowitz, who previously worked for the NSA and now heads a company called Area 1 that focuses on preventing phishing attacks. “And it’s important for people to have as many tools as possible.”
That said, Falkowitz points out that with something like a Mirai botnet attack, even though it utilizes consumer products, the focus is not on everyday people—it’s on companies like Dyn. A bigger concern for the average citizen, he says, is phishing attacks, in which cybercriminals try to get people to click on a bad link, or fill out an imitation bank form online. (Both Eero and Dojo say that their services can help protect against phishing scams, like by stopping a bad page from being loaded if a user clicks a suspect link.)
“It’s asking more and more of people for them to be like their own specialized security army,” Falkowitz says. “And that doesn’t make a lot of sense. The risk of a [internet-connected] refrigerator being compromised is not really against the individual that owns that refrigerator.”
More likely, that smart fridge, or webcam, is part of a larger attack. “It’s very uncommon that your refrigerator is attacking you,” he adds. “Or that anyone really cares if you have bad eggs.”
Ultimately, Falkowitz thinks that it’s not the consumers, but the manufacturers that make the internet-connected devices, who should bear the burden of making sure their devices are secure. “It’s not the responsibility of individuals to be defending the world against Mirai,” he says.
In other words: Until all device manufacturers are selling totally secure gadgets, systems like the Dojo or Eero Plus may well be a stop-gap.
[“Source-ndtv”]