Migration to 5G and the better connectivity it promises has also brought with it an equally burgeoning cybersecurity threat landscape. This, coupled with the proliferation of IoT devices that are fraught with inherent security flaws, means even bigger security woes for consumers. It is, therefore, no wonder that Americans are more worried about cybercrime than violent crimes such as terrorism or being murdered.
Today, savvy hackers prey on our increased dependence on smart IoT devices and diligently try to identify the weakest links among them to gain access to our networks, the connected devices and the information stored within them. Home routers are among the more vulnerable paths. This is because once a home router is compromised, every device connected to it is at risk. Once the router is breached, cybercriminals can easily gain access to every connected device, even the IoT appliances. Before long, everything from your smart washer to your kid’s favorite teddy bears could be collecting and delivering information about your life into the wrong hands.
Unfortunately, there are too many ways in which a home router can be compromised. To truly understand how to combat these security risks and who to turn to for help, we first need to identify the different ways in which hackers can infiltrate home routers.
Internal and External Threats to a Home Router
What makes home router security challenging is that it can be compromised by cyber attacks coming from outside the home network and also from devices within it.
Today, one of the most common methods used by hackers to gain access to a home router is to change the router configuration. If an attacker is successful in doing so, they can not only control the router’s behavior but also cause irreparable damage to the router itself.
The hacker can change the DNS server used by the router and hijack traffic that was destined for legitimate domains to impersonate those domains. By doing so, cybercriminals can easily steal personal credentials, personal data and business data from every device on the home network, opening consumers and businesses to an array of cyber risks, including financial theft and ransomware.
Attackers who impersonate the router management system can also change the router’s firmware and introduce an array of new risks, including traffic/keystroke logging, a complete lockdown of the router or even forcing the router and its connected devices – even IoT devices – to join a Distributed Denial of Service (DDoS) bot attack. In DDoS attacks, your network-connected devices can be instructed to send requests to a targeted server, flooding the server with requests from thousands, or even millions of other compromised devices, computers and phones, making it impossible for the server to handle the load and process legitimate requests. Although they do not damage or steal your data, these intrusive DDoS requests can congest your precious bandwidth and cause your network to slow down. Today, 87% of bots are IoT-related.
The Simplicity of Home Router Attacks
Typically, attackers use weak, default passwords and open ports to infiltrate the router. Such attacks allow cyber criminals to step into the home devices and use them as they please. Attacks can also exploit the router’s Web interface from devices within the home network, typically making use of weak authentication methods that come with many routers.
It also doesn’t help that most consumer IoT devices, especially cheaper ones, lack built-in security, making them vulnerable to hacking and malware. Some of these devices also have underlying operating systems and firmware making them impossible to secure. On average, it takes under 18 seconds for an attacker to manipulate these vulnerabilities once they start an attack. And once the router is breached, the connected IoT devices, with weak, if any security, are the most vulnerable targets.
Network Operators are Positioned to Provide Effective Home Network Security
IoT devices cannot run end-point security applications due to their light CPU and memory resources and limited interfaces. That is why available end-point security solutions are ineffective when it comes to IoT. While they address many security loopholes for computers and mobile devices (assuming they are properly installed, configured and regularly updated), they fail to address the security of more recent IoT devices like connected toys, surveillance cameras, voice assistants, smart home controllers or smart washers.
This forces us, the consumers, to look elsewhere for comprehensive solutions. This is where network operators, such as ISPs, fixed telecom providers and cable/satellite providers come in. Routers are part of the operators’ network and are therefore, managed by them. As a result, they are best positioned to provide consumers with multi-layered home network security without requiring the consumer to download and install software on their end.
Network operators can offer protection to home routers with security software that is part of the home router firmware and is supported by continuously updated threat databases and intelligence from the operator’s network. Doing this ensures that the router will only communicate with an approved list of destinations (white list) and protects the router from unauthorized remote access. The network operator can also monitor all the traffic (to and from the home) that flows through the router for viruses, malware, phishing attacks, ransomware and other suspicious traffic, and eliminate threats before they affect the consumer’s network and devices.
Software products like these can also protect home networks from Zero-day attacks using Machine Learning and Artificial Intelligence. These solutions help consumers to be more aware of vulnerable devices – for example, devices that use a default password. Network operators can have a role in identifying such devices, notify the end user and provide guidance about how to overcome such vulnerabilities. In addition, highly vulnerable IoT devices are segregated from non-IoT devices so that a compromised device cannot access other connected devices.
No one wants to believe that the technologies that we rely on can be turned against us, possibly with devastating financial consequences, social embarrassment, or both. But the evolving IoT environment has already proven that we are headed in that direction. Without effective protection against the damage that can be caused by the devices in our own homes, we are effectively contributing to this almost dystopian future.
The most comprehensive way to ensure that all our vulnerable devices are monitored and protected against cybercriminals is to work with the people we trust to handle our data, our communications network providers. They now have access to the network-based tools that make it possible for them to provide the cyber security that keeps your smart washer from airing your dirty laundry.
Hagay Katz, Vice President – Cybersecurity at Allot