With more homes connected to the internet than ever before, how can networks stay cyber-secure?

Barry Spielman of Allot

With the widespread adoption of 5G, and the proliferation of IoT devices prone to security flaws, consumers are facing increased risks. This is especially true for home network security, says Barry Spielman, director of security product marketing at Allot. Many people aren’t even aware of the total number of connected devices within their homes, all of which could serve as a gateway to cyber criminals. 

Hackers have learned how to access IoT devices which are known to lack built-in security controls, and they often try to identify the weakest links in order to access home networks, connected devices, and information found on them. The impact of a home router being breached can be especially damaging, since once the home router is hacked, that means all of the devices connected to it are at risk too.

The router serves as a backdoor into every device on its network, giving cybercriminals the ability to access everything from smart TVs to appliances. Additionally, home routers are optimised for the lowest possible cost, maximum convenience, and rapid time to market. Essentially, these routers are manufactured without security being a primary concern.

Another issue is that there are a number of ways in which home routers can be breached. In order to fully explain how these attacks can be prevented or managed if they occur, it is crucial to understand how home routers are vulnerable to attacks.

Threats both outside and in the home 

One of the biggest challenges to securing a home router is that it can be compromised by both cyber-attacks from outside of the home network, as well as from devices inside of it. 

By impersonating a router management system, hackers can also change the router’s firmware and bring forth a range of risks, from a traffic/keystroke logging attack to a complete lockdown of the router or sometimes forcing the router and connected devices to join a Distributed Denial of Services (DDoS) bot attack.

During such attacks, devices connected to the home network can be instructed to direct requests to a targeted server. The server is flooded with requests from thousands or millions of compromised devices, and unable to handle the load and process the legitimate requests. While these types of attacks don’t steal data, they can overwhelm the bandwidth, leading a network to lag.

Another frequently used attack method by hackers is to change the router configuration. If a hacker can successfully do this, then they can control both the router’s behaviour, and can cause irreversible damage to the router itself. 

A hacker can also modify the DNS server used by the router to hijack traffic meant for legitimate domains and impersonate those domains. This can lead cybercriminals to effortlessly gain access to personal credentials and data, as well as business data from all of the devices on a home network. This leaves consumers, and the businesses tied to them, exposed to a wide variety of cyber-attacks, from financial theft and phishing to ransomware.

Routers’ greatest vulnerabilities

Hackers are often able to access routers by using default passwords and open ports, enabling them to use home devices as they desire. These attacks lead hackers to explore the router’s Web interface through devices on the network, typically through weak authentication methods.

As mentioned above, another major reason these attacks can be easily carried out is that many consumer IoT devices are not built with security features in place. This leaves them at risk of hacking and malware. Furthermore, some IoT devices have underlying operating systems that make it impossible to protect themselves from attacks. Once a home router is attacked, IoT devices are one of the prime targets. 

How can consumers protect themselves? 

There are several steps that consumers can take to protect their home routers, and all of the devices connected to them. 

Some simple steps include

  • Standard intermittent rebooting of the home router, which could even be done on a daily basis and can help protect it from threats. 
  • Making the effort to change router credentials from factory defaults helps add a level of security. 
  • More advanced measures such as regularly updating the router’s firmware, or purchasing a high-end router that will have standard, risky protocols disabled. This provides an added level of protection. 

Where do network operators come in? 

While there are certainly some simple steps that consumers can take, an all-encompassing approach means network operators, including fixed telecom providers, ISPs and cable providers should take proactive measures to ensure their consumers’ networks are secure. Network operators are in a position to provide consumers with a multi-faceted approach to home network security, without the need for end-point solutions. This requires downloads and updates by individual consumers.

Network operators can provide protection to home routers by securing both the source of Internet connection, as well as monitoring the network activity in a home itself. This guarantees the router only communicates with approved devices, while protecting those routers from unauthorised remote access. By monitoring traffic from outside and in the home, viruses, malware, phishing attacks and ransomware can be detected, as well as eradicated before they cause damage to the router, network and connected devices.

Security solutions can help home networks by educating consumers on the devices that are most vulnerable to attacks, such as those that use default passwords. Network operators can identify such devices, alert consumers to their risks, and provide guidance on the steps they can take to secure them. Network operators can also isolate the most vulnerable IoT devices so that if those are compromised, they won’t provide a gateway to other devices on the network.

Closing thoughts 

As the number of Internet of Things (IoT) devices in each household continues to grow, it is critical that consumers and network operators alike take steps to protect home networks and connected devices. Without effective security measures in place, consumers’ personal data, financial information and business information during the work from home era is all at risk.

In addition to taking several steps, such as ensuring the router settings are changed from the factory settings and that routers are frequently rebooted, consumers should trust their network operators to provide protection as well. With advanced network-based security solutions to both protect networks, devices and monitor network traffic, network operators can keep an eye on everything from the router itself to smart phones, smart washing machines and more.

 The author is Barry Spielman, director of security product marketing at Allot

About the author

Prior to joining the Allot team Barry Spielman held marketing management positions at networking and cybersecurity companies including Sixgill, Verint and Gilat Satellite Networks. Spielman holds a B.A. in Political Science from Bar Ilan University, an M.A. in International Relations from George Washington University and an M.S.M. in Business Administration from Boston University.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

RECENT ARTICLES

Motive and Navistar partner to equip fleet operators with robust vehicle telematics data and insights

Posted on: July 1, 2022

San Francisco, USA. 29 June 2022 – Motive, the specialist in Automated Operations, and Navistar, a manufacturer and solutions provider to the medium-, heavy- and severe-service trucks industry, announced today a strategic partnership and future product integration that will connect Motive’s Automated Operations Platform with Navistar’s OnCommand Connection telematics and Advanced Remote Diagnostics solutions.

Read more

Seamless indoor cellular coverage has earnt its rightful place as a 4th utility

Posted on: July 1, 2022

“Network infrastructure including fibre broadband and Wi-Fi access points are factored into all new building projects from the outset, with mobile coverage infrastructure taking second place. Both should be given equal status in a world driven by tech,” says Colin Abrey of Nextivity.

Read more
FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more

What is IoT?

Posted on: July 7, 2019

What is IoT Data as a new oil IoT connectivity What is IoT video So what’s IoT? The phrase ‘Internet of Things’ (IoT) is officially everywhere. It constantly shows up in my Google news feed, the weekend tech supplements are waxing lyrical about it and the volume of marketing emails I receive advertising ‘smart, connected

Read more
IoT Newsletter

Join the IoT Now online community for FREE, to receive: Exclusive offers for entry to all the IoT events that matter, round the world

Free access to a huge selection of the latest IoT analyst reports and industry whitepapers

The latest IoT news, as it breaks, to your inbox