- New IoT botnets are always lurking on the horizon
- Users have an ever-increasing inventory of IoT devices to keep track off and it’s starting to become a hassle
- The protection of a smart home shouldn’t be the consumer’s full-time job
Security researchers discovered a couple of new botnets from different operators in a single week, illustrating the users' desperate need for protection. The affected customers could technically take a few mitigation measures, but the threat would be much easier to deal with if ISPs had the right tools.
Security researchers from 360Netlab found two IoT botnets in a single week, both of which used a lack of security as a means to compromise devices. Attackers designed one to infect a widespread commercial router and another to infect machines with open Telnet ports. Both issues would not exist in a network controlled by an ISP that secures people's IoT devices with a dedicated solution.
Some problems are challenging to fix, especially when the reasons for their existence have been around a long time. We all know that poor security is the IoT industry's Achilles' heel, but almost nothing is done about it. Users have to fend for themselves as companies churn out new IoT devices, ignoring security issues.
As people's homes become more intelligent and as more IoT devices arrive onto the market, the attack vector expands drastically. It's becoming increasingly difficult for consumers to keep up with their own security, especially now that houses can have dozens of smart devices.
Cybersecurity becomes a day job for consumers
Imagine having a dozen IoT devices in a house, including phones, smart speakers, thermostats, watches, TVs, game consoles, media players, streaming devices and others. In theory, users should pay attention to the news, notice when one of their devices is affected by a vulnerability, get the update and install it. And this is a fortunate situation because many IoT devices will never get that patch, leaving users perpetually vulnerable.
What if users could use a smart router that can monitor all devices connected to it for vulnerabilities, and is perfectly capable of stopping attacks originating to or from compromised IoT devices? Fortunately, the same solution that powers that router is also available for ISPs, to integrate into their devices.
Security should be an implied service from ISP
Protecting users' devices makes perfect sense for an ISP. No service provider want devices in its network to be used in DDoS attacks, for example. Having a security solution that can stop such events helps both the users and protects the ISP's infrastructure.
The Bitdefender IoT Security Platform works on existing devices, and ISPs don't need to buy specialized hardware. With a light footprint, the security solution in a smart router is barely noticeable and doesn't hinder the device's performance.
Besides DDoS protection, users will also benefit from brute force protection. In fact, brute forcing credentials is the most successful method used by attackers. The security solution also determines whether the connected devices have known vulnerabilities and informs the customers. Other features include parental control, anomaly detection and even VPN.
Users should really consider their IoT security when choosing an ISP, to make sure their data is protected and bad actors don't use their devices. On the other side, ISPs have to consider any and all solutions that provide new services to customers, which the Bitdefender IoT Security Platform has an abundance of.