Bitdefender BOX : the ultimate security solution for smart home environments?

Bitdefender Box in home environment

By Marc, Editor at IoT Business News.

Bitdefender has just released the 2nd generation of its Bitdefender BOX, a hardware security appliance designed to offer protection to all the home systems and devices connecting to the Internet. The protection applies to all devices running operating systems like Windows, Mac OS, Android, iOS, but also to Kindles, smart TVs, gaming consoles, smart thermostats, or any other internet-enabled device. At a time where IoT security has become a hot topic, Bitdefender brings to the consumer market an easy-to-use solution to protect connected home devices against a large variety of cyber threats.

Bitdefender Box pack shot

Advanced security features for connected home devices

The Bitdefender BOX has been designed as a Smart Home Cybersecurity hub able to secure any home network with all the internet-enabled devices attached to it. And the protection doesn’t stop at the front door. Whether you’re connecting to public wifi or using your mobile network, your devices will stay secure out in the world as they do in your home.

The Bitdefender team has done a nice job, designing an elegant yet powerful box able to run a large set of security features on its Dual Core Cortex A9. Embedded wireless connectivity supports 802.11ac MiMo Wi-Fi delivering up to 1 Gbps throughput.

The BOX comes with the following smart home security services pre-integrated:

  • Web scanning: The BOX checks every website that the devices access and in case the website is listed as malicious in our cloud database, the BOX will block access to it.
  • On demand Vulnerability Assessment: The BOX offers the option to scan a certain device and check for vulnerabilities. In case the device is found vulnerable, the user will be notified in the BOX managing app regarding the vulnerability found (week credentials, outdated firmware, CVE vulnerabilities, etc). This also includes tips on how to address and secure your network, based on the specific vulnerability BOX has identified.
  • Device detection: Once a new device is connected to the network protected by the BOX, the user will be informed through a notification displayed in the managing app of the BOX and will be asked if he wants to allow the device to be connected to his network.
  • Exploit prevention: This engine identifies and blocks exploits through a mechanism similar to other popular IDS solutions in the market. It includes generic signatures to cover a wide array of attacks as well as specific signatures wherever needed (noting that the signature list is constantly expanded).
  • Anomaly detection: The anomaly detection engine uses machine learning and cloud correlation to understand how devices should behave under normal circumstances and is able to accurately identify, block and alert upon any malicious activity.
  • Brute force protection: This security module blocks forced authentication on devices connected to the BOX protected network.
  • Sensitive data protection: This module identifies whenever credit card information or passwords is sent over a non-encrypted connection and block the attempt. The user is free to surf a non-secured website without issues but any attempt to send sensitive information will be redirected to a warning page.

When operating in Network Level Protection mode, all the devices connected to the BOX-protected network benefit from the here-above security features.

The BOX can also operate in Local Protection mode. With this option, the Bitdefender BOX offers extended protection to all devices connected in the home network but also outside of it with the help of the Bitdefender Total Security package. This also includes a range of extra protection features like VPN brought through Bitdefender Total Security on Windows, Bitdefender Antivirus for Mac on Mac OS, Bitdefender Mobile Security on Android and iOS.

Setup and System requirements

The most common configuration is using the BOX with the router provided by your ISP but the BOX can also be used with a combo of ISP provided router + personal router. At last, it is also possible to use the BOX configured as a standalone router if you wish to create a new Wi-Fi network. Whatever option you choose, the setup process is quick and smooth.

Bitdefender BOX can be installed and managed only using a dedicated app, available for devices running Android 4.0 or newer and iOS 7.0 or newer. The network level protection does not have any operating system requirements. The only requirement is that the devices need to be able to connect to the BOX protected network.

The Local Protection, Device Management and VPN have the normal Core Products system requirements, Windows 7 or newer for Bitdefender Total Security, Mac OS 10.9.5 for Bitdefender Antivirus for Mac, iOS 9 and Android 4 for Bitdefender Mobile Security.

BOX package content

The Bitdefender BOX package contains:

  • The Bitdefender BOX.
  • A power adapter for powering on the unit.
  • An Ethernet cable – for connecting BOX to the existing router.
  • A Quick Start guide – to get started with the setup.
  • A Quick Start guide – for helping get started with the setup.
  • A warranty card.

Price

The Bitdefender BOX is offered at $ 249.99 and can be ordered online from the Bitdefender online store.

It is to be noted that apart from its security BOX, Bitdefender offers a free IoT scanner that looks for vulnerable devices and passwords, and offers detailed security recommendations for home networks. If you are not ready yet to get equipped with the BOX, we recommend at least to try this smart (and free) tool which will scan your home Wi-Fi network for weaknesses.

Bitdefender Box in home environment

Conclusion

With the fast development and deployment of IoT devices, new security threats appear almost every day. Although we can expect that enterprises are in a position to address their IoT security issues by setting up smart security protocols and sophisticated equipments, most likely it is not the case for the millions of people using internet-connected devices at home. With its BOX 2, Bitdefender offers to the consumer market an efficient and affordable smart home security solution which may soon become a must-have in any home environment. Easy to setup and packed with the latest cybersecurity features, it is an excellent option for everyone looking to be on the safe side when using IoT devices at home or on the go.

The post Bitdefender BOX : the ultimate security solution for smart home environments? appeared first on IoT Business News.

IoT Business News

Smart home platform revenue to touch $39.5 billion in 2026, projects Navigant Research

A new Navigant Research report has projected that smart home platform revenue globally will reach $ 39.5 billion in 2026 from the present worth of only $ 4.2 billion.

At the time when consumers are getting more and more conscious about smart home technologies, the report analyses the global smart home platform with focus on residential IoT hardware, software, services, and smart home platforms. It also discusses the issues associated with the smart home market including value propositions, market channels, and drivers and barriers as well as key devices and technologies.

According to the report titled “The Smart Home”, adoption of the smart home platform among consumers is motivated by several factors such as tech incumbents, telecommunications providers and security providers. It is also held that these stakeholders are putting their existing footprint to involve in the smart home market resulting in increased availability smart home devices.

Paige Leuschner, research analyst with Navigant Research, said: “The concept of a smart home has the potential to revolutionize the way we interact with our homes and the grid. Homes that act intuitively and intelligently through a comprehensive ecosystem of hardware, software, and services not only enrich consumers’ lives, but also play a role in the transition to the Energy Cloud.”

Meanwhile, another Navigant Research report has projected that combined cumulative revenue for Industrial Internet of Things (IIoT) devices, software and services worldwide will surpass $ 1 trillion by 2027. According to the report, enterprises will the main drivers behind this trend as they realise the truth value of IIoT, which leads to decreased costs and increased equipment maintenance.

iottechnews.com: Latest from the homepage

Create the smart home gadget of the future with Alexa and Arduino

We’re excited to announce a new challenge with Amazon Alexa and Hackster.io, which invites the Arduino community to design the smart home gadgets of the future.

Makers have already come up with exciting ways to integrate Alexa and Arduino into their projects, from talking teddy bears and singing animatronic fish, to voice-controlled blinds and holiday decorations, to robotic coffee machines and drink mixers. And now, we want to see what next-generation devices you can come up with. Personalized lighting? Room temperature automation? Security and doorbell systems? Pet toys and feeders?

Contest winners will be awarded with prizes that can help take their ideas from prototype to product through Dragon Innovation’s certification process, Kickstarter coaching sessions, cash, and more.

The Best Overall Alexa Smart Home Skill & Gadget winner will receive a prize package valued at $ 29,000:

  • $ 14,000 cash
  • Kickstarter Package: Promotional video and marketing fund
  • Dragon Innovation Certification
  • A 60-minute Kickstarter coaching session

Want to learn more about the Alexa and Arduino Smart Home Challenge? You can find a full list of prizes and rules here.

Arduino Blog

Blueborne discovered to affect Amazon Echo and Google Home

Blueborne discovered to affect Amazon Echo and Google Home

Intelligent speaker vendors forced to patch up AI-enabled voice assistants after devices shown to be vulnerable to Blueborne virus. 

Back in September, we reported how researchers at IT security company Armis had revealed the existence of an ‘airborne’ IoT malware called Blueborne.

The flaw was shown to be affect many devices using Bluetooth connectivity – from smartphones to medical devices – potentially enabling hackers to take control of them and spread the malware ‘over the air’ to other vulnerable systems.

Now, in an update, researchers at Armis have issued an update revealing that the flaw also affects Amazon Echo and Google Home voice assistants.

“Since these devices are unmanaged and closed source, users are unaware of the fact their Bluetooth implementation is based on potentially vulnerable code borrowed from Linux and Android,” they write.

Read more: Security researchers warn of ‘airborne’ IoT malware, Blueborne

Amazon Echo and Google Home

According to the update, the Amazon Echo devices are affected by two vulnerabilities: first, a remote code execution vulnerability in the Linux Kernel (CVE-2017-1000251), and an information leak vulnerability in the SDP Server (CVE-2017-1000250).

Google Home devices, meanwhile, are affected by one such vulnerability: an information leak vulnerability in Android’s Bluetooth stack (CVE-2017-0785).

“These vulnerabilities can lead to a complete takeover of the device in the case of the Amazon Echo, or lead to DoS of the Home’s Bluetooth communications,” said Armis.

The researchers note that this is the first severe remote vulnerability found to affect the Amazon Echo, “which was an impregnable wall up until now, with the only known vulnerability requiring an extensive physical attack.”

Researchers said the company both Amazon and Google about the findings, and both companies have issued automatic updates for the Amazon Echo and Google Home.

“Customer trust is important to us and we take security seriously. Customers do not need to take any action as their devices will be automatically updated with the security fixes,” said Amazon in a statement.

Read more: Amazon’s Alexa can now control your smart home cameras

Armis CTO speaks out

In an interview with US IT publication e-Week, Nadir Izrael, co-founder and CTO of Armis Security said that organisations can find themselves full of devices that basically have open microphones that can “listen to everything and the organisation has no idea they are even there”.

That’s a problem, he explained, because these devices are constantly listening to Bluetooth communications. There’s no way to put an agent or antivirus software on them and, given their limited user interface, there is no way to turn their Bluetooth off, as can be done with many other IoT devices in the home, such as smart TVs.

“With BlueBorne, hackers can take complete control over a vulnerable device, and use it for a wide range of malicious purposes; including spreading malware, stealing sensitive information and more,” said Izrael.

And the problems aren’t confined to homes. A recent survey by Armis of its clients showed that over four-fifths (82 percent) have at least one Amazon Echo in their corporate environment, “sometimes in very sensitive environments.” In many cases, corporate IT may not even be aware that these devices are attached to the network.

Read more: Honeywell launches Smart Home Security System

 

The post Blueborne discovered to affect Amazon Echo and Google Home appeared first on Internet of Business.

Internet of Business

BlueBorne put billions of IoT devices at risk – including Echo and Google Home

A serious vulnerability affecting billions of IoT devices also put Amazon Echo and Google Home users at risk.

The vulnerability, known as BlueBorne, was discovered by IoT security company Armis and found to put more than five billion devices at risk of attack. Researchers have now confirmed the attack surface included as many as 20 million Amazon Echo and Google Home devices.

If compromised by BlueBorne, the device can be used to establish a ‘man-in-the-middle’ attack to gain access to critical data, personal information, web traffic, and network availability.

As the name suggests, BlueBorne is an airborne vulnerability over Bluetooth. A hacker does not have to be in the vicinity of the vulnerable device and can launch a remote attack from a compromised device with Bluetooth capabilities.

With many computers and smartphones featuring Bluetooth, the initial device could become infected through clicking on malicious links or downloading files. Once compromised, it can then use the BlueBorne vulnerability to infect other Bluetooth-enabled devices — such as the Amazon Echo and Google Home.

"Burgeoning demand for digital personal assistants is expanding the avenues by which attackers can infiltrate consumers' lives to steal personal information and commit fraud," said Yevgeny Dibrov, CEO of Armis. "Consumers and businesses need to be aware how their devices are connecting via Bluetooth, and the networks they may be accessing, in order to take security precautions to protect their information."

Business threat

Although thought of as consumer products, these devices are making their way into business environments for their digital assistant capabilities. This will raise concerns about IoT devices being used for espionage and/or blackmail.

“Rising airborne threats such as BlueBorne and KRACK are a wakeup call to the enterprise that traditional security simply cannot defend against new attack vectors that are targeting IoT and connected devices in the corporate environment,” added Dibrov.

“Every organisation must gain visibility over sanctioned and unsanctioned IoT devices in their environments. If they don’t, they’ll be victimised by a breach that can lead to stolen identities for customers and employees, impact their bottom lines, and even cost top executives their jobs.”

It is estimated there are 15 million Amazon Echos and 5 million Google Home devices sold, according to a report in September by Consumer Intelligence Research Partners. Additional estimates indicate that more than 128 million Echos will be installed by 2020 and drive more than $ 10 billion in revenue for the company.

Google Home and Amazon Echo have since been patched to address the BlueBorne vulnerability, but many others remain vulnerable. Armis has released an app on the Play Store which can be downloaded here and used to identify impacted devices.

Are you concerned about IoT device vulnerabilities such as BlueBorne? Let us know in the comments.

iottechnews.com: Latest from the homepage