A connected but not yet secure home

A survey of service providers reveals most are committed to providing managed Wi-Fi, but few have a clear strategy for providing cybersecurity and connected home services.

Wireless Signal 1119306 1280

The number of homes with managed Wi-Fi will reach 294 million in 2025 from 40 million in 2020, according Maravedis’s latest report, Managed Home Wi-Fi Networks for the Smart Home 2020-2025. Managing the quality of broadband experience in the home is a priority for most service providers, and Wi-Fi is the centerpiece of that strategy. But what about security?

Privacy and security concerns are growing everywhere as stories of massive data breaches make the headlines. Wireless as a medium is prone to breach and espionage, and both citizens and politicians are increasingly wary about privacy and security issues for both humans and connected machines.

By 2020 alone, Gartner predicts that there will be 12.8 billion consumer Internet of Things (IoT) devices connected to the Internet, and further, that on average, early adopters will have as many as 16 to 18 connected devices per household. Homes worldwide are exposed both to new opportunities, as well as security risks, as a result of this increasing connectivity.

New reports on mass cyberattacks targeted at consumers through phishing, malware and DDoS are making the headlines. Most connected and IoT devices are built with no or poor security, giving intruders access into the home network and possibly personal data. Since these devices connect and interconnect from the router/gateway provided by the network operator, the solution is an added layer of security embedded in the middleware and SDK app. Vendors are developing solutions using artificial intelligence (AI) and machine learning (ML) to detect intrusions and abnormal activity, such as a camera wanting access to the smart lock.

Unfortunately, security is not front-of-mind in the manufacture of smart devices. Low cost and speed-to-market are prioritized by manufacturers over security. Generally, it is assumed that the devices will be placed on a secure network, but most often, this is not the case. The IoT devices that customers install in their homes affect broadband services, frequently creating new types of vulnerabilities. Home networks are particularly vulnerable to hacks, because it is not possible to install endpoint security on the majority of customers’ devices.

Both traditional and new/novel hacking methods are increasingly being used to target smart devices (TVs, DVRs, cameras). The introduction of Wi-Fi Protected Access (WPA3) addresses the increased security requirements from user access, new use cases and the IoT in the smart home.

According to NetScout, nearly 4 million DDoS attacks occurred around the world in the first half of 2019 alone. More than 20,000 unique Mirai samples and variants monthly have been reported in the first half of 2019, flattening any competition in the IoT malware space. These malware binaries and variants mimic predecessors by using a mixture of hard-coded administrative credentials and exploits to compromise IoT devices.

Surprisingly, service providers don’t seem ready to protect their customers yet. In our survey from the Managed Home Wi-Fi Networks for the Smart Home 2020-2025 report, we found that the majority of service providers we surveyed and spoke to are still at the early stage of any comprehensive cybersecurity offering; 75% of them have not selected their home security platform provider yet. Service providers will need to educate their subscribers about the benefits of protecting their connected home if they hope to monetize new services beyond parental control.

Operators also indicated that protecting their network from new threats and protecting their network from abuse and unnecessary traffic (DDoS, serving malvertising, serving spam, etc.) were equally important (51%). This is followed by protecting their customers from new threats and privacy. So, it is clear that service providers want to protect their network infrastructure from attacks before worrying about the end users.

Adlane Fellah is managing director of Maravedis LLC, a market research and analysis firm. An veteran industry analyst and influencer with 20 years’ experience in the telecom sector, he authored various reports on Wi-Fi, LTE, 4G and technology trends in various industries including retail, restaurant and hospitality. Fellah is a Certified Wireless Network Administrator (CWNA) and Certified Wireless Technology Specialist (CWTS). He also regularly serves as a Glomo Awards (GSMA) and WBA Awards judge. Fellah will present a webcast based on the Managed Wi-Fi and Security for the Smart Home 2020-2025 report on December 3, 2019.

More in Home Networks