If there are two things that the average American internet user would agree shouldn’t go together, it’s Comcast and network traffic monitoring. After all, it was Comcast’s own shady data practices that helped spur the calls for net neutrality regulations in the US (which have since lapsed) and drove millions of users to sites like Bestvpnrating.com in search of ways to shield their traffic from the ISP’s prying eyes. At this year’s CES, however, it looks like Comcast is making a play to have subscribers to voluntarily allow them to monitor their network traffic both inside and outside their home network – but in the name of security.
To that end, Comcast has announced the launch of their new Xfinity xFi Advanced Security service, which will use artificial intelligence and machine learning to provide adaptive security for all devices connected to a subscriber’s home network. The service is intended as a way for users to protect the myriad connected devices that now exist in the average American home, from smartphones to IoT devices and everything in between.
The move comes at a critical time in the world of internet security, as there are now more connected devices in the world than there are people, and the flood of new devices don’t abide by any recognized security standards. In fact, cybersecurity firm Symantec charted a 200% rise in implanted malware attacks in 2017, meaning that a wide range of IoT devices arrive in consumer homes already infected with some form of malicious software.
Comcast’s new security offering seeks to proactively identify suspicious traffic patterns and connections to known malicious addresses network-wide, rather than on a per-device basis. That way, according to Comcast, users won’t have to worry about installing any specific software on new devices, and they can extend protection to non-customizable connected devices, like smart TVs, thermostats, and smart speakers.
The system doesn’t stop at known threats, however. The AI behind the service, provided by Comcast technology partner Cujo AI, builds a profile of existing network devices to establish a baseline of normal behaviors. In other words, it will know that an Amazon Alexa-powered device will contact Amazon servers on a regular basis to poll for software updates. That way, if the device suddenly begins contacting an unknown IP address each day, the security service can block the connection and notify the user that there could be a problem.
It is that kind of behavior that makes AI such a valuable part of next-generation network security because the ever-growing list of smart devices in the world don’t always conform to the same activity profiles, making advanced detection of anomalous behavior a huge challenge. Finding a way to spot trouble in such an environment is critical, especially because of the sensitive types of data that today’s connected devices might contain. For example, an attacker that gains access to your connected robotic vacuum could end up in possession of a detailed map of your home.
The good news for potential users of the new security platform is that it includes a detailed dashboard that can alert them to anything amiss in their network, including threat detection notifications and explanations of what’s been blocked. That should allow even novice users to feel more secure without having to resort to any other hard-to-configure security solutions.
The system can even conduct proactive network scans, which might identify open ports or known security flaws on existing devices. The mere act of shielding home users from such vulnerabilities by shutting down outside access to networked devices should prove a valuable addition to the average home’s cybersecurity posture. It also may help to increase awareness among the general public about how the devices they rely on could be creating privacy risks they never imagined, which would be a great step forward.
There is some risk in the mass adoption of such a set-it-and-forget-it, albeit limited, network security tool, however. First, it’s possible that it may lure home users into a false sense of complete security, since they may not comprehend the limitations of the service’s protection. For example, the system can only detect certain types of device vulnerabilities like open ports and default passwords, but it can’t actually fix them. That means most of the real benefits of detection will rely on users’ ability to correct problems on their own, which might be a tall order.
Second, the system will grant an enormous amount of access to user data to a company that’s not known for taking privacy issues very seriously. With few legal restraints on what they might do with the vast amounts of data that an in-home network monitoring service will generate, there’s no telling how Comcast could choose to further monetize this new product offering. Also, the company has suffered several embarrassing security failures in recent months, calling into question its ability to safeguard customers at all.
The bottom line here is that Comcast’s new Xfinity xFi Advanced Security service could turn out to be a step in the right direction for the security of millions of home internet subscribers. At the same time, it’s hard to imagine people paying for the chance to turn over even more of their personal data to America’s most hated company. With an existing potential user base of over 15 million homes (houses that already have an xFi gateway), it’s a safe bet that the service will gain some traction, and we’ll have a verdict on its efficacy in the very near future.