What’s the problem?
Millions of homes have one or more smart home devices that are being used by hackers to do harm. Most harm is done in the form of DDoS (Distributed Denial of Service) attacks. A DDoS attack is a brute force attack where thousands of hijacked smart devices (smart cameras, DVRs, WiFi routers, smart thermostats, etc.) are pointed at a specific web address by a hacker and instructed to flood that website with nonsensical requests for information. The targeted site is brought to its knees trying to service all the nonsense requests, and legitimate requests can’t be serviced. The site is effectively down for the duration of the attack.
How does a hacker find your smart device in the first place?
Hackers write programs that look for devices by scanning IP addresses; when such a program finds a device, it starts probing for known exploits. Known exploits can range from something as simple as a default password that the end user never changed to something as obscure as a communications port left open by the manufacturer for their final testing of the product before it shipped.
What happens after your smart device is compromised?
From your perspective, nothing happens. Your device still functions as normal, but on closer observation you may notice a lot more network traffic generated by the device, and the power supply may be warmer as it’ll be consuming more power than usual. Your device has been recruited into an army of compromised devices called a botnet – which is a combination of the words “robot” and “network”. Individual botnet armies can contain upwards of a million devices, and at the request of the hacker they can shut down any targeted website, business or governmental, with a sustained DDoS attack.
What are the odds that you are part of the problem?
The sheer number of smart devices in the world reduces the chance that any one device has been compromised, but the probabilities are not inconsequential. Wikipedia documents botnet armies totaling over 80 million devices over the years, and we know that smart devices are being aggressively sought after by hackers. In 2018, Kaspersky (a major anti-malware firm) set up fake smart devices that could be monitored (called honeypots). They documented 105 million attacks during the study.
What’s the gain for the hacker? Why would they do that?
The original reason was fame or notoriety, but it has since evolved into a for-profit business. Hackers rent out their botnet armies on the dark web, where anyone can hire a cyber-criminal to launch an attack against a given website for around $250 for a 5-hour attack.
Their clientele includes disgruntled employees, jaded lovers, and people looking to extort money from individuals or businesses.
How do you tell if you have a device that’s been compromised?
It’s not easy. You either need a psychic or you need to add more technology into the mix. More technology can take the form of a network traffic analyzer (many available at no charge), or a security device that analyzes the network traffic for you. There are a number of devices on the market now that give you good visibility into what your network is doing, control over what’s allowed, and safeguards to identify when a device may have been compromised. Examples include RatTrap, F-Secure, Fing, and Winston. The downside is that they all come with cost and complexities. More security & privacy features are generally a good thing, but there are a lot of people who are not proficient enough with technology to make an informed decision. The last thing they are looking for is more alarms, notifications, and information dashboards.
As mentioned above, more security & privacy products are generally a good thing. These products are affordable (typically less than $200), but most come with a monthly service subscription. Looking at the description of the services rendered, Winston offers the most compelling solution, but we haven’t tested it. A potential downside to these types of products is that they do analyze all traffic on your network, which is pretty invasive; they require a good deal of trust on your part that they will respect your privacy.
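The check a traffic analyzer performs for the symptom described earlier (a device suddenly generating far more traffic, pointed at one address) can be sketched as follows. This is an added example, not code from any of the products named; the record format, device names, and thresholds are assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: (hour, device, destination, bytes_sent) as exported by a
# hypothetical home-network traffic analyzer. Not real capture data.
FLOWS = [
    (0, "thermostat", "198.51.100.10", 4_000),
    (1, "thermostat", "198.51.100.10", 4_200),
    (2, "thermostat", "198.51.100.10", 3_900),
    (3, "thermostat", "198.51.100.10", 4_100),
    (0, "camera", "198.51.100.20", 900_000),
    (1, "camera", "198.51.100.20", 950_000),
    (2, "camera", "198.51.100.20", 920_000),
    (3, "camera", "198.51.100.20", 40_000),
    (3, "camera", "203.0.113.7", 48_000_000),
    (0, "dvr", "198.51.100.30", 20_000),
    (1, "dvr", "198.51.100.30", 22_000),
    (2, "dvr", "198.51.100.30", 21_000),
    (3, "dvr", "198.51.100.30", 65_000),
]

def flag_devices(flows, check_hour, factor=10.0, min_share=0.8):
    """Flag devices whose outbound bytes in check_hour exceed factor x their
    own median of earlier hours AND mostly go to a single destination."""
    hourly = defaultdict(lambda: defaultdict(int))  # device -> hour -> bytes
    dests = defaultdict(lambda: defaultdict(int))   # device -> dest -> bytes in check_hour
    for hour, device, dest, sent in flows:
        hourly[device][hour] += sent
        if hour == check_hour:
            dests[device][dest] += sent
    alerts = []
    for device, per_hour in sorted(hourly.items()):
        history = [b for h, b in per_hour.items() if h < check_hour]
        current = per_hour.get(check_hour, 0)
        if not history or current == 0:
            continue  # no baseline yet, or device was silent in check_hour
        baseline = median(history)
        if baseline == 0:
            continue  # cannot form a ratio against an all-zero history
        top_dest, top_bytes = max(dests[device].items(), key=lambda kv: kv[1])
        share = top_bytes / current
        if current > factor * baseline and share >= min_share:
            alerts.append({"device": device, "ratio": round(current / baseline, 1),
                           "top_dest": top_dest, "share": round(share, 3)})
    return alerts

if __name__ == "__main__":
    for alert in flag_devices(FLOWS, check_hour=3):
        print(alert)
```

An alert here is a prompt to look closer at the device, not proof of compromise: a camera uploading a long recording to its cloud service can trip the same thresholds.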
An alternative low-tech and low-cost approach is to keep your network off when you’re not using it. Obviously, when your network is on, you’re only as protected as whatever security mechanisms you have in place, which for most people is a password-protected WiFi router, and malware detection on their PCs, tablets, and smartphones. This leaves your smart home devices exposed, and the problem is that these devices are always on, always connected, and always vulnerable. By limiting their exposure to the internet, however, you reduce the likelihood that they’ll be discovered by scanning programs, and if they are discovered it greatly reduces their utility to hackers. When the network is off, these devices can’t be used to do harm to your family or others.
The simplest and least expensive partial solution is to put your WiFi router on a programmable timer to keep your network off at night when you’re sleeping. Off Hours does that for you, but because it’s cellular it also keeps the network off when you’re away from home, turning it on automatically when you return, and it also provides an easy means of turning the network on and off whether you’re home or away.
April 13, 2020