• Cujo AI report is based on data from 1.8 billion connected devices, thus statistically very significant
• Hackers prey on data storage on IP cameras, baby monitors and the widening plethora of devices found in homes and offices. 
• The number of IoT devices no longer supported by vendors is a huge concern 
• Regulation may help a little but, in essence, security is an insoluble problem

Many of our home devices may be smart but as individual humans we may not be all that clever, especially when it comes to being conned by phishing scams. Indeed, according to Cujo AI’s scarily fascinating and very detailed Cybersecurity Report 2023: Consumer Devices Under Threat, 56% of internet users try to open at least one phishing link every month.

It’s a very high number given the amount of information that is constantly pumped out by the likes of network operators, banks and financial institutions, government and municipal authorities, shops, the police and consumer agencies warning us to beware, take nothing for granted where email, messaging and web access is concerned and always think twice and then think again before clicking on something. However, as attacks get ever more sophisticated they become more persuasive and even with our anti-gullibility antennae turned up to 11, we can still be duped – and more than half of us are.

Cujo AI is a US network intelligence software company headquartered in El Segundo, California. It provides cybersecurity and device management software for mobile network operators and broadband ISPs allowing them to protect end users’ devices and home networks. The company claims its platform is used to monitor more than 1.8 billion devices and provides “the most advanced AI algorithms” to help its clients “uncover previously unavailable insights about devices on their networks”. 

The report is based on anonymised threat data drawn from those connected devices and is the widest yet available overview of the multiplicity of data threats faced by real-world home networks. The new edition of the annual report focuses on device types and models that are outliers in the number of threats they face.

As might be expected, a key finding of the report is obvious but well worth the repetition: Cybercriminals prey on data storage, on IP cameras, on baby monitors,  digital video recorders (DVRs) and a widening plethora of devices increasingly found on domestic premises, home-office environments and in businesses. IP cameras and DVRs are attacked dozens of times more frequently than other devices. Criminals learn quickly and hone in on types of devices and on specific brands according to their popularity with consumers, their accessibility or vulnerabilities. For example, 98% of baby monitor hacks (an incredible number) are on devices from a single vendor (D-Link).

The reality is that phishing attacks hit every other home network and 56% of internet users either try to or succeed in opening one phishing link every month. Meanwhile, adware attacks hit their peak at weekends as people have more time to browse and shop online. On Saturdays and Sundays attacks are up 400% compared with weekday adware hacks.

Another area of growing concern is Web3 vulnerabilities. Web3 is a term used to describe “a new iteration of the world wide web”, which is based on decentralisation and blockchain technologies. Cryptocurrencies, non-fungible tokens (NFTs), and other token-based economies are a major part of the Web3 movement. And whilst phishing scam numbers are currently quite low for the sector, constituting just 0.5% of new attacks, Web 3’s potential popularity will soon make it a prime target for fraud and theft.

End-of-life IoT devices are easy prey

A related problem is the sheer number of end-of-life, unsupported or outdated devices, the number of which is increasing daily. This magnifies the risk to home networks. As we know, the lifetime of an IoT device often exceeds the period during which a vendor will support it. In-built obsolescence is a common vendor ploy to get consumers to buy a new device when support for a (not very) old one expires, those left in situ, in their countless numbers, are left unprotected, badly configured and riddled with unpatched vulnerabilities that leave them open, easy prey for hackers.

As the report shows, domestic and enterprise networks are under constant bombardment by hackers who scan endlessly and remorselessly via automised scripts looking for chinks in a device’s armour. Often those gaps are so big that cracking an IoT device is a simple matter of letting an automated probe do its stuff and when vulnerabilities are found and exploited, just breaking in and running amok. 

To make matters worse, the increasing number of vulnerable IoT devices feeds the burgeoning deployment of botnets as well as the good old brute-force distributed denial of service (DDoS) attacks. As Cujo AI notes, “As the cybersecurity landscape continues to evolve, we clearly see the need and value of… multi-layered security solution to protect tens of millions of households.” 

Leonardas Marozas, head of the Cujo AI Security Research Lab, states, “Cybercriminals are finding new ways to victimise home users. These attacks are evolving, and it is only natural that many people struggle to find the tools to protect their devices, data, homes and businesses from digital threats – protecting smart equipment can be extremely difficult for the average user.”

The report indicates that unattended (mostly comprising IoT devices) and attended devices (such as smartphones and computers) face different types of attacks – handsets, tablets and laptops get phished, while background devices are targeted en masse by botnet malware.

The security of attended devices is largely dependent on a user’s behaviour and awareness of the security risks he or she faces, while unattended device security is predominantly down to vendors and the ways in which the devices are configured. An added complexity is the amount of time users will (or will not) spend on making sure that device security is optimal and then checking that defences are holding up under the constant attacks by botnets, automated scanners and other exploitation methods and ploys.

To give some idea of the scale of the problem, Cujo AI reported that its software has blocked in excess of 4.2 billion threats over the past 12 months, and that’s just one company’s products. Carriers and service providers prioritise the security of consumer networks but it’s a time consuming and expensive process that has implications for monthly bills, which many are already finding difficult to pay as inflation rages and wages stagnate. 

Perhaps meaningful regulation will be a partial  answer, but it takes a long time to bridge the gap between a vulnerability being discovered and a defensive update being installed. Basically, the attacks on consumer networks have become a war of attrition and the chances of the defending side scoring a decisive victory are zero. Security is improving but hackers are also getting better at what they do and we are stuck with the unpleasant reality that this is the way things are going to stay.