Here’s an overview of the different types of threats that the Advanced Security feature will help prevent:
- Unauthorized Access Attempts: This happens when a device outside your WiFi network tries to access another device connected to your network, usually through open port forwards on your connected device. While open ports are needed for certain apps and features, we recommend reviewing your open ports regularly and deleting the ones you don’t need. If the request from the outside device is non-threatening (e.g., if you’re trying to access your home security system from a local restaurant) you can locate the blocked request in the Threat History for the affected device on the Security dashboard in Ignite HomeConnectTM and allow temporary access.
- Suspicious Site Visits: This happens when we stop a device that’s connected to your home WiFi network from visiting a potentially malicious site. This site may contain malware, spyware, ransomware or viruses that can infect devices and make them vulnerable to personal data collection, blackmail or attacks on other computers and networks. We’ll often block just a section of a page from loading (e.g., a banner ad) if there’s only one component that’s deemed to be threatening. If this happens, you’ll still be able to load the rest of the page and may not even realize any content was blocked. The Threat History for an affected device on the Security dashboard in Ignite HomeConnect lists all the blocked Suspicious Site Visits, including the specific site that was blocked and the reason why. If a full page is blocked and you still want to visit it despite the potential risk, you can choose to override Advanced Security and allow access for one hour by selecting Allow Access.
- Suspicious Device Activity: Most smart home devices have predictable usage patterns and sites they contact. Suspicious Device Activity occurs when a device deviates from its normal behaviour, like connecting to an IP address that it doesn’t normally interact with. We’ll block this suspicious activity to avoid data theft, but the occurrence itself indicates that the security of the device may have been compromised and corrective action is required. For this reason, whenever you encounter Suspicious Device Activity, simply restart your device and make sure that it’s running the latest software.
- Targeted Network Attacks: This occurs when a device on your WiFi network has been infected with a virus or malware and, as a result, has tried to participate in an attack on another network. This type of attack is also known as a Denial of Service (DoS) attack. We’ll block this type of attack, but the occurrence itself indicates that the security of the device may have been compromised and corrective action is needed. For this reason, whenever you encounter a Targeted Network Attack, simply restart your device and make sure that it’s running the latest software.
- IP Reputation Threats: This occurs when a device that we’ve identified as coming from a known malicious source tries to access a device connected to your home WiFi network. Typically, IP Reputation Threats occur through open ports on the device. The goal of the attack is to access the device – for example, to obtain personal information and/or compromise the device. To keep your network safe, we automatically block access attempts from known malicious sources. While open ports are needed for certain apps and features to run properly, we recommend reviewing open ports on a regular basis and deleting those you don’t need open.
To further protect your devices, we highly recommend using strong passwords and changing them regularly. We also suggest installing and running up-to-date antivirus software for devices connected to your network such as laptops, desktops and smartphones.