Our security operations team shares that on average, households that use CUJO have 14-15 connected devices. Sounds like a lot of devices to have, right? Not really.
How come that many?
Let’s count a bit. An average American household consist of 2-3 members. Each of them will probably have a smartphone. Most of them have a laptop, some – a desktop computer. The basics already make 4-6 devices per household.
Then we have shared devices that all family enjoys: a gaming console, a smart TV or a tablet. Young parents will probably use a baby monitor. Music lovers will invest in a voice control sound system. Someone who hates vacuuming probably will get themselves a Roomba. Voice control device like Alexa, a smart thermostat, a printer or a connected doorbell might be a bit less common, but they are getting welcomed into more homes every year.
If you add all of that, it will seem that having JUST 15 devices per home is a conservative number.
By the end of 2020, we’ll have 30.7 billion devices installed.
So what’s the problem?
The key problem is that the whole Internet of Things industry was not built with security in mind. First, someone sees an issue and gets an idea how to fix it. Then they create a device, some of which are making people’s lives better, others are not as good as advertised.
Most of the new smart devices are usually built with lean manufacturing in mind: make a minimal viable product, ship fast, rinse and repeat.
Usually, there is no time for things like proper security practices in most startups, and because even huge companies (Equifax, Yahoo or Instagram) tend to fail at this. Quite often people do not put enough thought to cybersecurity.
Danger online comes in 2 main ways: either it’s a security breach in a company that stores your data, or it’s a problem that you bring on yourself by not following proper cyber hygiene practices. In this blog, we’ve talked a lot about the usual problems online (malware, phishing, viruses). Let’s talk a bit more about another important concept: device security.
IoT+S: Internet of Things, Secured
What’s one of the first things you do when you come to someone’s home or visit a cafe? You ask for their wifi password. Once you use the password, you join the network. Or join the free access internet in these same cafes or airports.
That way you become a part of the same network, like all other devices that use the same password. This is where it can get dangerous.
To put it simply: if one device on that network is compromised, there is a big chance that all of them will be.
Most of the times, the biggest danger is related to smart gadgets, because you cannot install any protection on them. But many people will not have antivirus on their smartphone or tablet as well. Some people do not even update their pre-installed antivirus on their laptops. It can get messy quite fast.
All those 14-15 devices I’ve mentioned before are connected to one network when they use your internet. If some of those devices are not protected, then it’s really easy for hackers to get to your data.
Why should hackers care about me?
It’s not too usual for a hacker to target one or another home in particular. And when they do, it gets really creepy, fast. Just take a look at this story about hackers that remote access a baby monitor and talk to kids at night.
Usually, hackers write computer programs that seek to find vulnerabilities. Those programs randomly target thousands of users. It’s not personal – hackers do not care if it’s your device or if it’s someone’s in Chicago. What they care about are devices that are easy to access and start controlling.
How CUJO works? Identify, block and alert
CUJO stands as a gateway protection, isolating your local network from outside. All the traffic that comes into any of your devices gets checked and either blocked or allowed. If the website was blocked, the home user gets a notification to their app.
All the traffic that is checked is also encrypted – we do not know what you do online, nor we store any of your private data. We don’t use deep packet inspection, meaning that you keep all your privacy. We check only the metadata and see if the website you want to visit is malicious.
If some unauthorized source tries to remotely access any of your devices, such as cameras, or if a DDoS attack happens and a hacker tries to enlist your IoT devices into a botnet, we protect those devices and make sure you know about it as well. Or if the infected device starts acting weird and not according to manufacturer’s plan. Or countless other cases – we’ll talk more about it in the next installments of this article series.
How does that work?
We use the best of two worlds: our cybersecurity experts provide all the knowledge there is to build a secure infrastructure, and our machine learning algorithm makes sure we are agile and proactive towards new hacking methods.
Our machine learning algorithm collects data from new and old malicious sites and constantly learns how to detect new threats. If one CUJO finds a harmful website, it automatically informs all other CUJOs. So anytime you try to visit a website, you are sure that it is safe.
We protect your devices from outside threats, but you still have the full control of your network. You can control access to all the services, websites and apps that devices on your network use. For instance, if you have children and do not want them to see adult content or access social media, you can block those websites on your children’s devices on specific times.
This is the first article from the series “How CUJO works?”. Later on, we’ll discuss how CUJO uses machine learning, device identity and other functions, such as access controls.
If you want to learn more, write your question in the comments and I’ll do my best to answer them all.
And if you want to hear from people that already have CUJO, check out 600+ reviews on Amazon.