Protecting yourself from the 'things' on your home network
- Summary:
- The rapid proliferation of unsecured IoT devices is exposing the end customers of ISPs and other digital service providers to a relentless barrage of cyber attacks. Israeli startup SAM Seamless Network claims to have a solution.
At my house right now, there are 7 'things' connected to the internet - unless my hasty survey missed something, which is possible because many of us have little or no idea about what’s coming in and going out of our gateway.
The average home now has 3.2 connected devices, according to GlobalWebIndex, but that number is sure to rise as more and more consumer products are connected to the Internet of Things. By 2022, according to Cisco's annual Visual Networking Index, machine-to-machine (M2M), connections that support IoT applications will account for more than half of the world's 28.5 billion connected devices.
Sivan Rauscher, co-founder and CEO of the Israeli-based B2B startup SAM Seamless Network, said in a telephone interview, that hackers target IoT devices because they are easy to hack:
As more of our daily lives become more connected and dependent on the web, the sheer number of devices and endpoints in your home makes likely it likely that some of these attacks will succeed. Because IoT devices lack a security layer like authentication, encryption, all of those usual basic security layers, they are low hanging fruit.
Rauscher, a former Captain and project manager in the Israeli army's elite 8200 intelligence unit (Israel's NSA), founded SAM in 2016 with fellow Israeli cyber-intelligence specalists, CTO Eilon Lotem and Vice Chairman Shmuel Chafets. The company raised around $4 million in seed funding in February 2018, followed by a Series A round of $12 million in November 2018.
Investors included Intel Capital, ADT Inc., NightDragon and Blumberg Capital. Intel and ADT are also both customers.
The big idea
Because IoT devices are internet or Wi-Fi connected, the common denominator is the home router, which creates an interconnected network of all devices and applications within your home. Most routers are built with protective firewalls and most people have some form of security installed on their computers, but if these are left on the default configuration, they still remain easily hacked—usually without the consumer even knowing about it.
The default configuration, in many cases, allows remote access to the router using a known combination of username and password that is the same for all routers of that model. If the attacker can connect to the router using credentials like ‘admin’ and ‘1234’, he is then able to disable the firewall, to remotely knock out the device.
This is a huge problem. Security vulnerabilities affecting the popular broadband cable SURFboard modems produced by the ARRIS (formerly Motorola), for example, left more than 135 million devices open to attacks. Said Rauscher:
Routers are the most vulnerable part of home networks and keeping them secure and updated is something that requires full-time, round-the-clock ‘smart' monitoring. Although vulnerabilities are easy to patch as the vendor just needs to update the firmware, this is an expensive, risky and long process. Sometimes the rollout of an update won't happen due to fear of stability regressions and other times the manufacturer doesn't provide the necessary update, leaving the routers vulnerable. In any event, these updates can't be executed by the end-user alone, the ISP has to distribute the patches themselves, which adds time and complications.
SAM’s big idea was to create a AI-driven home security system that large enterprises like ISPs, telcos, security companies could offer as a premium security service through their CPEs (Customer premises equipment is telephone or other service provider equipment that is located on the customer's premises rather than on the provider's premises) that helps their customers protect their own home networks in real-time.
The software identifies every connected device on the network and then uses its AI-powered cloud to apply the appropriate security policy for each device. Its virtual patching security fixes within days of their detection.
SAM's solution gathers numerous network parameters to create a sensor, and detects anomalies in the home network, blocking malicious software and viruses. Through SAM’s technology abnormal behaviors and trends can be identified and we can classify the specific device the virus was coming from.
SAM’s first big success story is Israel’s largest telecommunications company Bezeq, which over the past year, has installed SAM's seamless, core cybersecurity software in over 1.5 million households. SAM says it prevents an average of 67.4K DoS attacks, 15,6K Malware attacks, 18K spyware, and 2.5K router takeover hacks to Bezeq’s customer base on a weekly basis.
In addition, over 35% of the Bezeq’s customers have subscribed to SAM’s premium enterprise-grade security service, opting to pay an extra few dollars per user per month to protect LANs, home or small office networks, and creating a new revenue stream for the telco.
My Take
Tech marketers tell us that IoT will make all our lives easier and more convenient and maybe that is true, although it’s hard to envision just how useful self-lacing sneakers or self-flushing pet potties might be. One thing on which everyone seems to agree is that billions of lightly secured connected devices will create an enormous playground for digital evildoers and create new security risks that haven’t even been thought of yet. Every day there are new reports of how such devices have been compromised, hacked and used to attack users in dangerous ways.
SAM looks like a company with the right product at exactly the right time. The fact that the company has come so far in less than three years and attracted investors and customers like Intel and ADT is proof that the concept of providing ISPs and other digital service providers with a basic tool that protects their customers from IoT attacks, patches vulnerabilities quickly and inexpensively, and creates a new premium service they can charge extra for, looks like a crackerjack idea to me.