Smart home cybersecurity news: Malware stats amid COVID-19 [April 2020]
The smart home's attack surface has only grown since the start of COVID-19. As remote workers connect new devices to their home networks, access sensitive work files, and use work devices for personal use, attackers are paying attention. Here's what some of the most recent data (including Minim's) shows regarding malware found on the home office network.
45% of corporate-associated home networks found with malware
On April 14th, security ratings company BitSight released a report that detailed the security posture of 41,000 remote organizations. The results highlighted how much more common it is to see malware on the home network:
Networks used to work from home are 3.5 times more likely to have malware present than the traditional corporate network. 45% of companies had malware on their employees’ work from home networks, whereas only 13.3% of companies had malware on their corporate networks. [BitSight Report]
The report goes on to describe that remote employees and their organizations will continue to face risks as the home network is also more prone to certain malware variants than the corporate network:
- Mirai, a botnet that caused the largest DDoS attack back in 2016 (see Why Minim), is found 20 times more frequently on the home network than the corporate network
- Trickbot, a sophisticated banking trojan that targets sensitive information, is found 3.75 times more frequently on the home network than the corporate network
Considering this information, we decided to take a look at the Minim platform, which accumulates data from networks world-wide. Here's what we found:
38% of home office networks saw a malware event in the last month
This analysis looked at Minim platform data from a recent 30-day period (3/26/20 to 4/24/20) and found that 38% of the networks managed via the Minim platform experienced a malware issue during this time— which is notably amid COVID-19.
The top malware variants we detected, along with the percentage of networks that encountered them, are listed below:
- Mirai - 1.9%
- Gumblar - 2.92%
- Ramnit - 3.64%
- Matsnu - 5.02%
- Necurs - 5.11%
- Pizd - 5.71%
- Simda - 10.37
- DirCrypt - 13.94%
- Suppobox - 17.09%
- Banjori - 19.92%
As you can see, the malware variants targeting the home are widespread and therefore, pose numerous risks to home internet users, remote workers, and organizations alike.
Plus to top it off, many antivirus solutions are also not up to par to fend off these attacks:
Security researchers at Rack911 Labs found 28 well-known antivirus tools could have common vulnerabilities giving attackers the ability to delete files and prompt system crashes, allowing them to then install potentially damaging malware. The report names antivirus programs including McAfee Endpoint Security, Microsoft Defender and Malwarebytes in its list of products that could have or have had bugs that could eventually result in malware installations. [TechRadar]
In addition to these recently discovered antivirus security flaws, firewalls and VPN services (commonly used by remote workers) also aren't enough.
As such, smart home cybersecurity remains top of mind for Minim, and now many others, as the home network operates in place of the corporate network. For remote working security and performance tips, check out our Minim guide.
Past smart home cybersecurity news roundups:
- June 2019: Linksys Smart WiFi router vulnerability and Android pre-installed backdoor
- July 2019: Website drive-by attacks on home routers
- August 2019: VxWorks and Google Nest Cam IQ Indoor vulnerabilities
- September 2019: SMS-based attacks and major router vulnerabilities
- October 2019: What is Gafgyt malware?
- November 2019: What is Light Commands?
- December 2019: Blink camera and Ruckus router vulnerabilities
- January 2020: Ring doorbell privacy concerns
- March 2020: Work From Home edition