Sam Stelfox

Smart home cybersecurity news: Malware stats amid COVID-19 [April 2020]

The smart home's attack surface has only grown since the start of COVID-19. As remote workers connect new devices to their home networks, access sensitive work files, and use work devices for personal use, attackers are paying attention. Here's what some of the most recent data (including Minim's) shows regarding malware found on the home office network.

Smart home cybersecurity news

45% of corporate-associated home networks found with malware

On April 14th, security ratings company BitSight released a report that detailed the security posture of 41,000 remote organizations. The results highlighted how much more common it is to see malware on the home network:

Networks used to work from home are 3.5 times more likely to have malware present than the traditional corporate network. 45% of companies had malware on their employees’ work from home networks, whereas only 13.3% of companies had malware on their corporate networks. [BitSight Report]

The report goes on to describe that remote employees and their organizations will continue to face risks as the home network is also more prone to certain malware variants than the corporate network:

  • Mirai, a botnet that caused the largest DDoS attack back in 2016 (see Why Minim), is found 20 times more frequently on the home network than the corporate network
  • Trickbot, a sophisticated banking trojan that targets sensitive information, is found 3.75 times more frequently on the home network than the corporate network

Considering this information, we decided to take a look at the Minim platform, which accumulates data from networks world-wide. Here's what we found:

38% of home office networks saw a malware event in the last month

This analysis looked at Minim platform data from a recent 30-day period (3/26/20 to 4/24/20) and found that 38% of the networks managed via the Minim platform experienced a malware issue during this time— which is notably amid COVID-19.

The top malware variants we detected, along with the percentage of networks that encountered them, are listed below:

As you can see, the malware variants targeting the home are widespread and therefore, pose numerous risks to home internet users, remote workers, and organizations alike.

Plus to top it off, many antivirus solutions are also not up to par to fend off these attacks:

Security researchers at Rack911 Labs found 28 well-known antivirus tools could have common vulnerabilities giving attackers the ability to delete files and prompt system crashes, allowing them to then install potentially damaging malware. The report names antivirus programs including McAfee Endpoint Security, Microsoft Defender and Malwarebytes in its list of products that could have or have had bugs that could eventually result in malware installations. [TechRadar]

In addition to these recently discovered antivirus security flaws, firewalls and VPN services (commonly used by remote workers) also aren't enough.

Securing the smart home: Why aren't traditional security technologies enough? (PDF)

As such, smart home cybersecurity remains top of mind for Minim, and now many others, as the home network operates in place of the corporate network. For remote working security and performance tips, check out our Minim guide.

Past smart home cybersecurity news roundups: 

Like this blog?

Subscribe to our newsletter.