Dozens of devices, More than 6 kilometers of cables, and a Faraday Cage give researchers a new place to crack open the IoT
Avast has opened its Internet of Things Lab in the lobby of the company’s headquarters in Prague, the capital of the Czech Republic. With dozens of devices, 30 Wi-Fi routers, three 3-D printers, 100 outlets, and 6 kilometers of cables, the lab provides visitors with insights into IoT technologies while giving researchers and analysts a new state-of-the-art facility for their everyday IoT research.
Vladislav Iliushin with the Avast IoT Lab's Faraday Cage.
The lab includes a Faraday Cage used for radio frequency experiments that few labs in the industry can do because it is illegal to transmit signals that could interfere with broadcast, government, and military networks. Avast uses the Faraday Cage (EMC shielded room), a steel-walled room that blocks electromagnetic signals from coming in or out, to make sure no signals inside the cage interfere with signals outside the cage.
Visitors of the Avast IoT Lab can also see the Avast Omni, a new network-based consumer security product currently available in the US, which protects devices at home and on-the-go. Omni blocks malware uploaded to vulnerable IoT devices, and blocks and suspends infected IoT devices being used as a bot.
The IoT Lab is the labor of love of Vladislav Iliushin and Marko Žbirka, IoT threat researchers at Avast. “It took a year to pull this lab together, and we’re excited to get to expand our work in this key area of cybersecurity where consumers need protection,” Iliushin said.
Iliushin said the lab is a collection of resources that will help Avast researchers across the company to “stay a step ahead of the bad guys.” The team can do security analyses of different IoT devices, run IoT malware samples on real hardware instead of device emulators, hack into hardware using a soldering station and microscope, or experiment with broadcast waves in a way few companies can. “This facility represents a commitment to anticipate and outrun cybercrime.”
The facility is a place where researchers can crack open innocuous devices consumers might not realize are a cybersecurity threat, such as an internet-connected coffee maker on display that Avast researchers hacked remotely to turn into a ransomware machine.
The IoT Lab's hardware workbench allows researchers to dissect devices.
At an extensive hardware workbench researchers can dissect hardware with soldering tools and a high-powered microscope. Iliushin said the hardware workplace surprises some visitors, but it is part of a holistic approach to cybersecurity that must address the entire IoT cybercrime world. “A lot of people ask us why do we need the IoT Lab and all the hardware. The answer is simple: Bad guys don’t care if we’re a software company doing security. They use any tools to find vulnerabilities in devices, and we will use all tools and means necessary to stop them. ”
At the other end of the spectrum from the hardware workbench is super-fast internet to streamline research. A 10-gigabit-per-second connection can download large data sets in seconds rather than minutes, giving researchers much-needed response time when working to stop a threat. A server room that replicates an entire neighborhood of smart homes also gives the researchers insight into the real world of IoT. “We have put a lot of thought into the design of our server room, where we can connect about 100 physical Smart Home networks with different devices on them and then run different kinds of experiments,” Žbirka said.
The lab's transparent standup desk lets you watch your computer work.
The lab also includes a transparent standup desk where you can see inside two personal computers worked on at the desk.
But not everything in the lab is “smart.”
In a closet of the lab is the dumbest microwave you may ever see in the 21st century – it doesn’t include quick settings, users must set the cooking time manually, and open the oven by pushing a button rather than with a door handle. Why does such a futuristic facility cook snacks on such an anachronistic machine? “It provides historical perspective,” Iliushin said, smiling.
Join in as Garry Kasparov discusses the intersection of rights and social media in the age of AI during an upcoming Reddit AMA session.
At this year's Collision conference, Avast CISO Jaya Baloo led a panel that explored several myths and misconceptions about tech abuse.