Communication between devices, homeowners, and technicians is a fundamental element of the modern smart home security design. Unfortunately, this connectivity between parties, as well as to home networks and the countless other devices on it, is prone to exploitation should bad actors gain access. In an effort to find potential entry points into devices or network before hackers do, cybersecurity firms run what is called “white hat hacks.” These campaigns are benevolent probes into organizations’ security postures, with findings then revealed and acted on in partnership with the target organization. Abode recently partnered with Europe-based cybersecurity firm Bitdefender to conduct exactly such an exercise.
Bitdefender is a well-known global organization headquartered in Bucharest, Romania but with offices in the US, the Middle East, and Australia. Though their main business is in security software for consumer smart devices and computers and a managed service for enterprise-level customers, Bitdefender also conducts benevolent white hat hacks into enterprises.
During an audit of Abode solutions, Bitdefender discovered a few blind spots in the security posture of Abode IOTA smart cameras that allowed for the possibility of “Man-in-the-Middle” (MitM) type attacks. Upon discovery, Bitdefender contacted Abode to showcase their findings and work together to implement fixes.
Abode swiftly began working with Bitdefender to patch, test, and repatch each of the notifications brought to our attention by the group. Throughout the process, Bitdefender was highly professional and principled to work with, emphasizing that their work was in the name of security, not in pursuit of financial recompense. This entire process lasted the span of a few short months. From notification, to response, to action – Abode worked alongside Bitdefender to not only patch, but confirm with their experts that the deployed patch was solid. Abode plans to continue our relationship with Bitdefender to identify and address any future issues that may arise as we upgrade our products’ software and firmware.
As you can imagine, security is at the heart of our business, so we will always work tirelessly to shore up our own blind spots so we can continue helping our customers shore up theirs.
Additionally, it is important to note that zero Abode customers were affected by this process and the patch to the shared findings by Bitdefender has already been issued to all Abode customers.
The full incident report from Bitdefender can be found here