European cyber security firm, BullGuard, has developed an application that can scan your network and identify potential weak points that an attacker might exploit.
While the name of the application – BullGuard IoT Scanner – isn’t what you would call imaginative, what it does is incredibly valuable – especially if your home or office is jumping on the internet of things bandwagon.
To offer a bit of context, last week DNS hosting service Dyn was hit by a massive distributed denial of service attack (DDoS) that resulted in major websites such as Twitter and Netflix being unavailable on the East Coast of the United States.
Dyn has alleged that the DDoS was perpetrated by innocent cameras and DVRs which had been unknowingly corralled into a massive botnet by the Mirai malware.
“We’re fortunate that this incident was relatively benign, but it’s a timely reminder that security cannot be an afterthought in this emerging market,” BullGuard chief executive officer Paul Lipman said.
So, onto the IoT scanner.
To date, 100 000 unique IP addresses have been scanned and 4.6% were found to have vulnerabilities. That appears to be a small number but if you look at the fact that four billion smart gadgets are connected to the internet that 4.6% would represent some 185 million devices according to BullGuard. To put that into context it’s alleged that the Dyn DDoS attack last week was executed by tens of thousands of devices.
What the BullGuard IoT Scanner does is compare your public IP address with the IP addresses that are listed on the internet of things search engine, Shodan. Clicking the big orange button on the scanner’s homepage will prompt a search of your public IP address through Shodan. If there are no vulnerabilities you’ll get the all clear but if there are vulnerabilities BullGuard will provide on the steps you need to take to secure the device you scanned.
Now that scan is fine but if like us you have many smart devices in your home and want to make sure those are safe as well, you can perform a Deep Scan but be wary.
As BullGuard points out running a deep scan will add any open internet facing ports on your network to Shodan. If a Deep Scan yields any results, BullGuard will once again advise you on the steps you need to take to secure your network.
If you’re fretting about the fact that your network can now be seen by the world, don’t. As long as you take the steps BullGuard suggests to you, your network should be secure. If that isn’t enough to stem your concerns Lipman says, “The [Shodan] database is refreshed periodically, so this information may not be stored permanently.”
Securing your network can insure that – for now – your internet of things devices aren’t being hijacked by malware such as Mirai.
The BullGuard IoT Scanner is free and we’d recommend giving your network a scan now and when new devices are added to it, just to be safe.
UPDATE 27/10: A quote in the original story attributed to a BullGuard representative has been corrected.
The BullGuard CEO has also said, “Shodan is continually scanning the entire internet IP range, so if your devices are publicly accessible they will ultimately be likely to end up in the Shodan databse – regardless of whether you perform a BullGuard deep scan.”