Susmita Nayak

Feb 27, 2020

Cyber-Intrusion Protection for the Smart Home

What’s new? 

As part of our mission to provide industry-leading cyber-protection for the Smart Home, we are excited to introduce our much-anticipated Intrusion Protection and Outbound IP Protection offerings–part of our Online Protection feature. These features automatically block high-risk IP based interactions to and from your connected home devices. We’ve enabled every Plume customer with this increased protection as part of their membership. 

The average Plume home in North America boasts 20 or more connected devices across all categories–computers, mobile phones, tablets, set-top boxes, voice assistants, smart TVs, printers, surveillance cameras, game consoles, hubs, and more. Each of these devices opens a unique door to potential attacks from the websites and servers they connect to: weak or reused passwords, unpatched software, targeted phishing, spam, fraud attacks, and more. 

Our newest features further strengthen the cybersecurity of your home, and since they inspect only network headers to protect from malicious actors they are also privacy-friendly. 

What are IP connections? 

Most of us connect to the internet using an easy-to-understand website name like google.com. These are resolved into an IP address like 10.23.12.223 through the DNS resolution process. Plume already protects all DNS-based connections through its Online Protection feature. However, there are scenarios where IP address is directly referenced, either by users via a browser, or inadvertently when users visit websites where developers have embedded them into web pages. Review the merits of static vs. dynamic IPs here.

Intrusion Prevention

Intrusion threat blog graphic

As part of this new set of features, Plume protects devices from malicious incoming requests by observing every connection into the home and checking for the reputation of the external server’s IP address against our enterprise-grade Global Threat Intelligence database. If the connection is deemed risky, Plume automatically blocks the flow, protecting the device from harmful malware, phishing, fraud, botnets, ransomware, scams, and other attacks that can cause loss of personal data, identity, and privacy. 

What you'll see

  • A Plume app notification informing you of the high-risk blocked event taking you to the Managed Security Events list.
  • Blocked events will appear in this list, including details regarding the threat and where it originated.


2-screens

What does this mean for users?

In most cases, there is no action required by users, since Plume has already blocked the risky connection. However, it is recommended that users review the threats blocked and devices being targeted to understand what might be driving this:

  • For personal devices like PCs, smartphones, and tablets, common applications that open ports to the internet include torrent applications, multiplayer online games, VOIP applications, additional peer-to-peer apps, etc. 
  • Game consoles can be targeted because some multiplayer games require ports to be opened up. 
  • IoT devices like surveillance and baby cameras or network-attached storage (NAS) naturally lend themselves to opening ports so they can be accessed remotely. 
  • IoT devices also use UPnP auto-forwarding for home automation, serviceability, and updates. 

Putting you in control

In most cases, you should not need to grant a connection from an address that has been blocked for security reasons. However, if you trust the connection, you can approve access for the device, user, or entire home. You can also personalize and build your own “Approve” or “Block” list for ultimate control.3-screens
Securing outbound IP connections

Further increasing your home's cybersecurity, Plume has added Outbound IP Protection. This sub-feature protects outbound connections from client devices in your home to servers on the internet directly using an IP address. It is privacy-friendly, even if you are using encrypted DNS. 

What you'll see

  • Blocked IP events will appear here under “Device access blocked,” including location details regarding the IP address it was connecting to.
  • As with the Intrusion blocking feature, you can approve access if you trust the connection. 

4-screens
Rest assured

At Plume, we know that comprehensive protection from the connections you let in and out of the house is incredibly important for smart home cybersecurity. After all, just a single vulnerable device can put your whole home at risk. With these new features entering the Online Protection suite, we’re able to better protect you from all angles, which is why Intrusion Prevention and Outbound IP Protection are automatically enabled for all SuperPod-equipped homes. Our AI Security is always adding new capabilities, so you can spend less time worrying about security issues and more time enjoying all the conveniences of your smart home.



tech security internet safety Internet Service Provider cybersecurity protection