F-Secure has joined the prpl Foundation to provide a more secure consumer experience when customers use their home Wi-Fi network and Internet of Things (IoT) devices.
The move leverages F-Secure’s position as a long-standing and trusted cyber security vendor with a network of 200+ operator partners worldwide.
F-Secure joins at a time when the prpl Foundation is working with operators to harmonize development processes, integration points, and security standards across the hugely fragmented router industry. Unreliable Wi-Fi coverage issues persist in some parts of people’s homes some two decades following the broadband revolution.
“This is because nobody has addressed the need for a common software framework to provide services to be delivered seamlessly on top of different platforms,” says F-Secure Principal Consultant, Operator Market, Tom Gaffney. “Too many different vendors in the ecosystems have built proprietary solutions.”
He goes on to explain that the lack of a common standard has resulted in the process being fragmented. This is because different drivers and backends are currently needed to make Wi-Fi work with different processes and chips.
“This has led to complex development cycles for service providers and vendors, which also exposes significant security flaws in our increasingly connected world,” comments Gaffney.
The prpl Foundation is an open-source, community-driven consortium with a focus on making security and interoperability of embedded devices for the IoT and smart society more robust.
For this, prpl members are developing a support framework called prplWRT. The solution is a mix of tools, open-source development, and guidelines designed to complement OpenWrt – a Linux-based platform used by many router vendors as the basis for their software stacks.
“We are absolutely delighted to welcome F-Secure to our Foundation and look forward to a productive partnership towards a future with a safer home Wi-Fi experience for consumers,” says Art Swift, president of the prpl Foundation.
“F-Secure, as a global, leading cyber security provider, is pleased to join the prpl Foundation to share our wide expertise in the creation of a security standards to build a better, more secure connected world,” Gaffney concludes.
Cyber criminals upped the intensity of IoT and SMB-related attacks in the first half of 2019, according to a new F-Secure report, “Attack Landscape H1 2019”. The report underscores the threats IoT devices face if not properly secured when online, as well as the continued popularity of EternalBlue and related exploits two years after WannaCry.
F-Secure’s honeypots – decoy servers that are set up to lure in attackers for the purpose of collecting information – measured a twelvefold increase in such events compared to the same period a year ago. The increase was driven by traffic targeting the Telnet and UPnP protocols, which are used by IoT devices, as well as the SMB protocol, which is used by the Eternal family of exploits to propagate ransomware and banking Trojans.
Telnet traffic accounted for the largest share of traffic for the period, with over 760 million attack events logged, or around 26 percent of traffic. UPnP was the next most frequent, with 611 million attacks. SSH, which is also used to target IoT devices, had 456 million attacks. Likely sources of this traffic are IoT devices infected with malware such as Mirai, which was also the most common malware family seen by the honeypots. Mirai infects routers, security cameras, and other IoT devices that use factory default credentials.
Traffic to SMB port 445 accounted for 556 million attacks. The high level of SMB traffic is an indication that the Eternal family of exploits, the first of which was used in the devastating WannaCry ransomware outbreak of 2017, is still alive and well, trying to ravage millions of still-unpatched machines.