Using AI to protect IoT devices: a Q&A with Cujo AI

IoT Devices
(Image credit: Shutterstock)

In our increasingly digital world, the devices around us have gotten smarter and now form a massive intertwined network known as the Internet of Things (IoT). Unfortunately though, many device manufacturers rushed to bring these new products to market and failed to secure them properly. 

Since IoT devices connect directly to a home or office network, they pose a significant threat if exploited by cybercriminals. This has led to a rush to secure IoT devices from potential attacks and exploits. TechRadar Pro spoke to Cujo AI to learn more about how the company is using its AI-powered platform to monitor IoT devices on a global scale.

What are the biggest threats to IoT devices today and how does your platform use AI to protect against them?

IoT ecosystems were known to have a wide variety of problems: insecure design and architecture, no  security standards, and the lack of quality control in the market. Even though these problems are being  taken care of, it is not a quick process, so they still exist for the most part. 

These issues are compounded by the fact that you cannot use traditional security solutions (like anti malware solutions for laptops or smartphones) on most IoT devices, which means that you rely solely on  the vendors to take responsible steps designing, developing, and supporting the product.  

All in all, one of the biggest threats of IoT devices is the possibility to exploit them silently. This can happen  whenever an attacker gains access to the device. If this happens on a network that does not use any  additional security solutions, the IoT device might not only leak private data, but also participate in a  coordinated attack as part of a botnet infrastructure. 

In terms of our solutions, there are multiple layers of protection they provide to home users and their  connected devices. For example, if a new zero-day infection is spreading and targeting IoT devices, our AI-based solution can automatically detect and block any anomalous connections that are not known for  the particular IoT device models by examining the connectivity patterns of all IoT devices on the  network. 

AI

(Image credit: Pixabay)

How is CUJO AI able to leverage AI and ML to block emerging threats?

The power of AI lies in the fact that it is not reactive, as it does not rely solely on past factual knowledge  or threat intelligence. While reactive threat management is without a doubt extremely important in  protection services, relying solely on it is nearly impossible, as it leaves a time gap between when a new  zero day is discovered and exploited, and when protection measures are distributed and applied.  

An efficiently developed ML and AI solution is one of the best ways to close this gap and notice any new  malicious activity from the very beginning. Our big-data systems do this by analyzing network  communication metadata from millions of homes that use our solution. Key features our models extract  from this data help us improve, retrain, and test our AI and ML solutions. This is one of the main drivers  of success for CUJO AI: data is the answer to most questions related to AI and ML. 

How is your technology deployed by broadband operators in the US?

Broadband operators deploy our solutions on the edge of their networks in self-hosted or owned cloud  instances, so the data always stays with the network operator. Our features focus primarily on metadata analysis, which never impacts network connections in any significant way. This, by the way, is a primary  concern for every operator. As for the way the technology is deployed – it depends on each operator:  most prefer to roll out test batches of managed networks before scaling the solution or adding  additional security, device intelligence or digital life solutions.

Currently, CUJO AI protects more than 760 million connected devices in 25 million homes. We have  proven our ability to meet broadband operators’ needs around the world, including Comcast and  Charter Communications in the US. 

In the end, our clients report higher end-user satisfaction, lower customer support costs, and more  avenues for incremental revenue. Today, CUJO AI covers the largest inventory of devices in the world  with the broadest ability to detect, categorize and protect in real-time. 

Can you tell us more about CUJO AI’s Digital Life Protection services?

Our Digital Life Protection solutions focus on several aspects of end-user cybersecurity. For end-users there’s Sentry network security, which relies on big data solutions to analyze malicious activities and  protect vulnerable devices. Then there’s Compass, which gives users controls for digital parenting and  prevents access to malicious content. And lastly, we also offer Incognito, a comprehensive privacy  protection platform that blocks most known online trackers. 

In terms of network operators, we have Explorer, which handles the overall security and statistical data precision on the networks through algorithmic metadata analysis. These statistics really come to the  fore with Lens – a customizable dashboard for full data analysis and threat management. 

Thanks to our use of machine learning and artificial intelligence, we can provide a full suite of these services at scale. 

5G

(Image credit: Shutterstock)

Your company recently became a member of the European Telecommunications Standards Institute (ETSI). What are the benefits of this and how will it allow you to become more involved in future rollouts of 5G infrastructure and applications?

Our immediate goal for joining ETSI was the ability to join the standardization and development of 5G  Core networks, in order to ensure the protection to end-users on mobile networks. While CUJO AI is well  known for the superior network-based protection it offers to end-user in their homes, an ever increasing number of devices connect to the internet via mobile networks or migrate between router based connections at home and mobile connections, often in ways that are not transparent to the end user.  

We believe it is crucial to protect consumers and their devices, no matter how they connect to the  internet. The natural way to do that is by participating in the standardization and development efforts of  5G mobile networks, as well as other networking standards. It enables CUJO AI to offer insights about  protection from any network-based security threats by using technologies that have proven successful in the past. Our initial focus will be on enhanced Mobile Broadband (eMBB).  

There are also new avenues we find interesting, such as network virtualization and edge-computing, as  well as the higher bandwidth and lower latency in 5G networks. Last, but not least, we want to help  protect people in the future with ETSI’s other standardization efforts, such as the “5th Generation Fixed  network” (ISG F5G) efforts, or the “Europe for Privacy-Preserving Pandemic Protection” (ISG E4P) group. 

What does the future hold for CUJO AI and are you currently working on any new products?

CUJO AI’s Security Lab is constantly monitoring the threat landscape and creating new ways to keep our customers secure. One of the most exciting research topics for the Lab is the concept of leveraging our ML capabilities to proactively identify and mitigate risks even before they manifest themselves as  threats. In essence, our researchers will be able to detect and flag unpatched and vulnerable IoT devices on NSP networks. Network operators will then be able to isolate a vulnerable device from any others on  the home network to ensure it is not used as an entry point by attackers.  

CUJO AI is also finalizing a solution to protect mobile devices outside of the home network. A small piece of code on a smartphone can extend the same parental control policy and security protection when the  device is on cellular or public hotspot networks – the latter representing an increased risk as one can  never be sure of the downstream systems that user traffic flows through before it hits the Internet.