Knowledge Base / News
On Friday, October 21st 2016, an unprecedented attack was made on Dyn, a DNS provider that helps Internet traffic across the globe make its way to many of the world’s popular websites.
A significant number of heavily -trafficked sites were down for a good part of the day, including Twitter, The Wall Street Journal, Spotify, PayPal, and Netflix among many others.
What makes this particular internet attack interesting is the fact that it used Internet of Things (IoT) devices to launch the denial of service traffic against Dyn. In years past, these attacks were usually the result of servers and desktop computers that were infected by malware, and unknowingly used to launch the flood of traffic that brought down targeted servers or websites. This most recent attack used IoT devices such as routers, IP cameras, DVRs, thermostats – basically any device that connects to the internet to send updates to users, or allows itself to be controlled remotely by its owner.
IoT device security has been in the news a lot recently due to the publicizing of some major IoT device security flaws manufactured by a company in Taiwan. Soon after that information was made public, and source code was released for a larger exploit that impacted a number of other types of devices, IoT devices were used to send the traffic that brought down Dyn’s servers. This followed earlier smaller attacks and warnings from security experts that a larger attack was likely very soon.
Room Alert is firmly within the IoT sphere, as it’s designed to send alerts and notifications to users based on the environment factors it’s monitoring. Room Alert can also take automatic corrective action based on those alerts, such as turning on a water pump or fan if certain environment triggers are set up.
It’s important to note that although Room Alert is considered an IoT device, we’ve taken a good number of steps to help protect the security of our devices and our customers.
One major security flaw with some IoT devices is tied into the firmware and software the devices run. When IoT devices run common embedded Linux operating system versions, and specifically the Busybox software that provides stripped down versions of common Unix tools in a single executable, it’s easier to find ways to manipulate those devices from the outside.
Room Alert’s firmware is purpose built, which means that it’s specifically designed for Room Alert devices. Room Alert runs very specifically designed firmware that’s set up to only provide the functions the devices need to monitor, alert and report – that’s it. Room Alert does not run any embedded Linux. In fact, Room Alert does not have an operating system at all, nor does it leverage the common Busybox Unix tools.
Our GoToMyDevices portal offers our customers an easy and secure way to monitor and manage Room Alert. Users can see their devices, reports, alerts, and data directly within the GoToMyDevices portal from any internet-connected device. Sensor data is pushed directly to GoToMyDevices from Room Alert; GoToMyDevices does not require a connection back to Room Alert.
Since traffic is only one way, from Room Alert on the customer’s network to GoToMyDevices, there’s no need for users to open up ports on their local firewalls. Traffic doesn’t need to get in when customers use GoToMyDevices, and users don’t need to worry about those additional open firewall ports adding additional potential points of entry for malicious traffic.
Universal Plug and Play, commonly referred to as UPnP, is a protocol that’s widely used in internet-connected devices to make them easy to set up, and also allows them to discover other devices on their local networks to “talk to”. This protocol has been identified as a major vulnerability when it comes to outside malicious traffic, and has been recommended to be disabled in many instances.
Room Alert does not use UPnP to connect itself to other local network devices or GoToMyDevices for remote monitoring. Again, as we noted above Room Alert uses custom firmware and is designed to provide one-way traffic to our GoToMyDevices platform, the preferred way to monitor your Room Alert. By not using UPnP, we’ve removed one major way IoT devices can be exploited by malicious users and traffic.
UPDATE – Our Support Team has published an FAQ on how to further increase security on a Room Alert, which includes instructions on disabling unwanted or unused features.
Going forward, it’s expected that more Denial of Service attacks such as the one suffered by Dyn will occur. With so many devices connected to the internet it’s inevitable that these types of attacks will last longer, and potentially cause more damage. We always keep those security issues in mind here at AVTECH, which is why Room Alert is designed to run its own purpose-built firmware, offering very little in the way of potential security holes. We know that our business is protecting our customers’ most important assets. Our customers can trust that AVTECH takes security very seriously and is continuously evaluating our products against current and future threats.
If any of our users or partners worldwide have any questions about Room Alert, GoToMyDevices, or our products in general as it relates to their security, we welcome you to contact us at any time. We fully stand behind our products here at AVTECH and are glad to know our users in over 180 countries stand behind them as well.
Note: The former GoToMyDevices online monitoring and management platform was migrated into RoomAlert.com in December 2017. For more information, please see our announcement article and FAQ.