Targeting hacks on ‘smart devices’
University of Texas at San Antonio researchers hope to detect attacks in real time, notify organizations of vulnerabilities
SAN ANTONIO — As the coronavirus pandemic spread this year, brilliantly colored dots proliferated across an interactive map on a big screen in a University of Texas at San Antonio lab.
They were tracking infections of the cyber variety, which were spreading wildly, too — in “smart devices” such as security cameras, thermostats, digital video recorders and baby monitors.
Attacks on objects, other than computers, that connect to the internet more than doubled when compared with the months before the pandemic emerged, according to research led by Elias Bou-Harb, associate director of the Cyber Center for Security and Analytics at UTSA’s business school.
Experts believe 9 out of 10 smart devices send unencrypted information across the internet. The swelling number of people working from home provides an ideal environment for hackers, who can jump from smart devices to machines that log into organizations’ networks, Bou-Harb said.
“The devices are being pushed to the market with little security in mind,” he said. “They’re vulnerable to basic attacks.”
Bou-Harb and a team of researchers have been analyzing network traffic worldwide. On any given day, they can see hundreds, if not thousands, of undetected hacks in smart devices in the U.S. alone.
Now UTSA’s Cyber Center is improving on its database with the goal of detecting smart device hacks in real time and notifying organizations or internet service providers of vulnerabilities. That system could be operational by year’s end, Bou-Harb said.
The researchers also are building infrastructure to narrow their findings to smaller geographic areas, such as San Antonio, Houston or Austin, for the public.
“I’m really looking forward to having our system where we can start making an impact on cybersecurity here in San Antonio, and in the United States and all over,” Bou-Harb said.
UTSA’s Cyber Center leverages data from the Homeland Security Department and the University of California San Diego, which together built a “network telescope” that uses sensors to capture a large sample of malicious traffic. But UTSA’s center is unique in using the data to analyze attacks on smart devices, while most other cybersecurity experts use it to address computer hacks, Bou-Harb said.
Once the cybersecurity center had the network telescope data, researchers used it to map hacks using different colored dots, with red circles indicating the greatest volume of malicious activity.
The goal is for average people to see and understand the data, said Nicole Beebe, the center’s director.
Some hacks on smart devices are sponsored by foreign governments that use botnets, or networks that run orchestrated malicious scripts, compromising thousands of devices daily, BouHarb said. A few such campaigns targeted smart devices in the medical sector, he said. Smart devices can also be infected in water and power facilities.
Bou-Harb’s project has received a National Science Foundation grant to continue until 2022 and possibly longer.
Through federal funding, they acquired servers to run a smaller amount of data at UTSA. In an innovative method, they taught machines to identify patterns in network traffic that flag compromised devices, Bou-Harb said. Then they can scan to get identifying information about the hacked devices and log their findings in a database.
When the system is complete, they will be able to notify consumers, organizations or service providers if smart devices on their networks have been hacked, BouHarb said.
The lab is working on ways to determine how devices were compromised and how to fix vulnerabilities remotely. But BouHarb also wants to teach the public about heightened risks that come with smart devices and about basic protection strategies.
“We would like the nontechnical society to be aware not to adopt these technical devices blindly,” he said. “Keep an eye on your devices.”