Organizations may need to consider a broader cyber ecosystem than their deployed on-premises and cloud-based systems, according to Intel Security’s Christopher Young who addressed the issues at the recent RSA Conference 2017.[i] Smart homes are increasingly becoming a part of organization’s comprehensive attack surface[ii] as more employees take the opportunity to work from home. A smart home threat model is therefore needed to understand the upstream threats introduced to organizations by employees working from home.
February’s Threat Model of the Month
As the first in the series Threat Model of the Month, we are presenting a smart home threat model. This is a very high-level threat model which shows only a couple of smart home components but can be easily expanded to show threats related to Smart TVs, Smart Refrigerators, and so forth.
In this threat model, there is a Smart Home Gateway (Gateway), which communicates with intrusion sensors utilizing the ZigBee protocol, and smart door locks communicating through Bluetooth. The gateway connects to the Wi-Fi router, which is connected to the Cable Modem. As a backup, the gateway also connects with the Cell Tower using the 3G protocol. Homeowners (Users) can connect to a Cloud App to check the status of the intrusion sensors or open/close the smart door locks using their mobile or tablet.
Different communication protocols come with a unique set of potential threats. The ZigBee protocol between the intrusion sensors and the smart home gateway, for example, is a standard protocol for IoT devices. While the ZigBee protocol has many benefits that make it ideal for use with IoT devices, its downside includes the ability for malicious actors to quickly circumvent the home’s firewall or other security systems and send malicious instructions to the IoT devices and any system connected to the home network.[iii]
Why a Smart Home Threat Model Matters
While organizations spend significant resources on traditional intrusion detection and defensive technologies, adversaries creatively search for new or low-security attack vectors through which they can enter your system. The employee who works from an IoT-enabled smart home may provide the perfect pathway directly past your organization’s defensive technologies. Organizations, therefore, need a quantifiable understanding of the potential upstream threats posed by employees logging in from home to better manage their comprehensive attack surface.
Download the summary threat report of this smart home threat model.
Learn How to Create this Smart Home Threat Model with ThreatModelerTM
Watch this short video on how to create the above threat model with ThreatModelerTM.
[i] Pudwell, Sam. “Smart Home Attacks and Data Weaponisation: The New Threat Vectors For 2017 And Beyond.” Silicon. NetMediaEurope: London. February 17, 2017. http://www.silicon.co.uk/security/smart-home-data-weaponisation-205708
[ii] Agarwal, Anurag (Archie). : The Comprehensive Attack Surface.” Anurag Agarwal. Peerlyst: San Francisco. December 1, 2016. https://www.peerlyst.com/posts/the-comprehensive-attack-surface-anurag-agarwal
[iii] Beyst, Brian. “How Many Light Bulbs does it Take to Screw up your Life?” Brian Beyst. Peerlyst: San Francisco. November 11, 2016. https://www.peerlyst.com/posts/how-many-light-bulbs-does-it-take-to-screw-up-your-life-brian-beyst-mba