In the HBO comedy “Silicon Valley,” one of the main characters hacks into an Internet-connected refrigerator, replacing the normal functionality of the fridge’s screen with something decidedly less cool. When the manufacturer’s managers are confronted by the security breach, they punt responsibility. “We don’t have any experience with the Internet. We make refrigerators!” they exclaim.
The scene is played for laughs but the possibility that the increasingly ubiquitous world of Internet of Things (IoT) devices – connected refrigerators, smart lightbulbs, networked security cameras, mobile-controlled thermostats and other devices that “talk” to each other – can be taken over by bad guys has fueled a thriving new subset of the cybersecurity industry.
“Eighty percent of IoT devices have security flaws,” Yossi Atias, the Israel-based general manager of IoT Security at anti-virus security company BullGuard in the UK tells ISRAEL21c. “We’ve heard horror stories of hackers who got into baby monitors and started talking to the babies!”
To combat the looming IoT home hacking epidemic, Atias started Dojo Labsin 2014.
The company developed the Dojo Pebble, a gadget you place near your modem or Wi-Fi router that constantly checks the security status of your network. It will light up green if your network is good, orange if there’s a problem with malware or another threat the Dojo’s software knows how to deal with, or red if some direct user intervention, such as entering an authorization code, is required.
Dojo uses machine learning and crowdsourced data from the cloud to identify and stop hackers before they can cause real damage.
The technology Atias and his team developed to build the Pebble proved popular – so much so, that in 2016, BullGuard acquired Dojo Labs. The company, now called Dojo by BullGuard, continues to operate independently out of Israel. Its staff of 35 is expected to reach 50 by the end of 2018.
Dojo followed up the Pebble with a free mobile app that allows consumers to scan their networks for vulnerabilities even without the Pebble.
We ran the Dojo app on our own home network. It quickly found 12 devices with 48 vulnerabilities, including a few with a severity level of 3 (on a scale of 1 to 10). The average number of connected devices at home – including phones and PCs — is now between 15 and 25, Atias says.
Gets smarter as threats increase
In June, the company announced its newest product, the Dojo Intelligent IoT Vulnerability Scanner for Communication Service Providers (CSP).
The name is a mouthful but it’s a simple and useful concept that moves the Dojo’s monitoring and fixing functionality from a separate device like the Pebble or a mobile app to your Internet service provider.
A survey by consulting firm Accenture found that 80% of consumers would prefer a “single trusted provider that can offer support, security and the convenience of an ‘out-of-the-box’ experience” and that 71% would choose their CSP to manage their connected home.
“CSPs have both the onus and the opportunity to ensure that the meteoric rise of smart home devices doesn’t result in an equally meteoric rise of IOT-related cyberattacks,” Atias warns.
Dojo’s CSP product can be built into new routers or added to existing ones as a software upgrade. The CSP can choose to manage the service or outsource it to Dojo to deploy. The Dojo platform is open to the integration of third-party apps, so it should continue to get smarter as the threats increase.
In August, the company announced the launch of the Cyber@BGU-Dojo by BullGuard research lab, a partnership with Ben-Gurion University’s tech-transfer company BGN Technologies, to develop practical, implementable research to further develop the capabilities of the CSP product.
Most CSPs probably will bundle the Dojo product with other services, most likely adding a few dollars to one’s monthly Internet bill.
Rapidly growing market
IoT smart home devices are a rapidly growing market – just look at the success of products like the Amazon Echo, Google Home and Apple HomePod. Analyst firm IDC forecasts that total worldwide spending on the Internet of Things will reach $772 million in 2018, a 15% increase over 2017.
Not surprisingly, there is no shortage of cybersecurity companies working to stop would-be hackers. “It’s getting crowded,” Atias admits.
Romanian-based Bitdefender claims to be the world’s largest, with 500 million customers, but doesn’t have a CSP offering, at least yet. AVG is another giant in the space; the company acquired fellow Czech Republic-based antivirus maker Avast in 2016.
Atias is convinced that Herzliya-based Dojo – and Israeli companies in general – have a leg up over the competition given the strong cybersecurity training Israeli techies get from their military service. “Our cyber team is all coming from that domain,” Atias tells ISRAEL21c.
Atias estimates there are some 420 cybersecurity companies in Israel, and that sector will continue to grow. “It’s an endless fight between the bad actors and the industry that tries to protect the world from them,” Atias adds. “In Israel, it’s become almost a national objective to be a leader in this area.”
Since its acquisition by BullGuard, Dojo has more than tripled its sales and is developing new products.
That’s good news for consumers who will soon find it difficult to buy a device for their home, whether that’s a TV, fridge or even the lock to the front door, that isn’t connected to the Internet and, as a result, potentially vulnerable.
The Dojo Pebble is available online at Amazon, BestBuy, QVC and other international e-commerce sites for $129.