Akita is an IoT device watchdog station that detects suspicious activity in your smart home devices network and prevents IoT-oriented attacks.
Frequently Asked Questions
Akita uses a custom form of WiFi sniffing to detect questionable packets and sends them to our servers to be analyzed (this is why the hardware can run on low memory/CPU; it's mainly a cloud-based system). Once the packets are determined to be malicious, a command is sent from our servers back to the Akita device.This includes custom protocol commands to disconnect the device from the network router.
Akita connects to a LAN port on your home router (not inline).
Watch our Sign Up Process here.
No subscription is required for Akita to fully function as advertised.
You could think of Akita as a hardware firewall, yes - meaning it is not intended to be used as a software firewall/antivirus system. The most significant difference is other home firewall customers only receive an alert. With Akita, we do something about the problem. We have automatic disconnects to stop the malicious traffic, clean it, and then reconnect the device to the network.
We are actively testing against hacks on the Akita device; we hired one of the strongest Israel-based cyber companies (CyberInt), which has been using a team of ‘white’ hackers to try and hack the device for 3 months. Any vulnerabilities found are reported to R&D and fixed via firmware updates.
Does Akita also monitor other devices’ traffic on the network such as laptops and smartphones, or only IoT devices?
Akita was designed for IoT devices only. You will still need antivirus protection on your laptop.
Our team is comprised of professionals from the Israeli Defense Force’s Cyber Intelligence Unit, veteran developers and Uber alumnis.
Save yourself the time and trouble of writing the same email over and over again by listing your most commonly asked questions and answers here. A dedicated FAQ page should help address the basic needs of your customers, cutting down on customer service emails, increasing conversions, and creating a more satisfying shopping experience!
- Processor: Qualcomm QCA9531 650MHz
- Memory: 64MB DDR
- Flash: 16MB
- 1*10/100Mbps RJ45 Ethernet WAN Port
- 4*10/100Mbps RJ45 Ethernet LAN Port
- IEEE802.11b/g/n 2Antenas
- Product Size: 100*100*500MM
- Weight: 0.29KG
- Akita security software
- Akita network scanner and monitor
- Akita smart datection of security threats
- Integration with Akita cloud system
- Detects and protects against security threats such as Mirai malware
Because this device is not inline (between the modem and router), a gigabit port is not needed and will not affect the speed of any customer currently using gigabit connections.
Akita does not perform DPI (Deep Packet Inspection). Akita works without looking into the data in the packets except for specific parts of the protocol such as source/target/protocol and protocol properties. In layman’s terms, Akita does not look at your personal data or share anything related to that.
It depends on how you set up the "extender". If you use an access point that broadcasts the same SSID, you would only need one Akita. If the extender creates a separate ‘extended’ network, you will need two Akitas to cover both networks. This is because the ‘extended’ network is on a different subnet and is technically a different network.
Currently, Akita only monitors and protects WiFi devices. We are actively developing to include hard-wired devices and there will be a firmware update in the future once finished. No new hardware will be required for this. We do not have an ETA on this update but will keep every backer posted as it progresses.
Yes, Akita works with Google WiFi and mesh networks.
Akita's WAN port does not require a gigabit connection in order to report higher network speeds to our servers; it obtains this info on a command level like any other speed test.
We calculate CRC of installed files every 24 hours and compare it to our reference files.
Regarding the disconnection of a suspicious IoT device: There are many ways to block, disrupt, and take over a device or a home network router using the basic infrastructure IP protocols (DHCP, ICMP, ARP). We wanted to do this as elegantly as possible, and to have user intervention during the process; we use a combination of mechanisms to quarantine, analyze, and block a device. Without giving away our recipe, we can say we are bringing advanced technology used by enterprises into the home network. We DO NOT need any password for the router in order to quarantine the rough device. We DO NOT store credentials of any kind. We didn't show our internals in the demo for obvious reasons - what WAS shown there was one of the approaches considered (that subsequently was not used).
We do have plans for a VPN integration eventually, but not in our initial release. Stay tuned for updates!
This device utilizes services that are cloud-based and would not function without the servers being available.
Akita is not designed to be a sensor.
Yes, we do have plans to integrate with personal assistants (Alexa, HomeKit, Google, etc) in the future, but this will not be included in the initial launch.
We do have an API but it’s not for public use.
What if the AKITA servers go down? Are they reliable enough to make the device fully cloud-operated?
The Akita servers run on Microsoft Azure Cloud and use Azure IoT Hub Technology, with an uptime of 99.9% according to Microsoft Azure CLA.
How does this device work differently from segmenting your network and isolating IoT devices in DMZ and then setting up Access Control for the devices on your smart device network and preventing access to all other connections?
The difference is Akita servers are constantly updating security definitions and block suspicious traffic/devices automatically, versus the manual set up and maintenance of setting up a DMZ with access control.
Yes, you will be able to whitelist devices via the Akita mobile app.
My router only has one port. Can I plug Akita in my network switch or does it have to be plugged directly in my router?
Yes, you can connect Akita to your switch on the same network.
Yes, as long as the 3 frequencies are all broadcasting the same SSID.
Yes, as long as the SSIDs all come from the router Akita is connected to.
Most Intel chips were affected by these vulnerabilities - but by the time Akita production starts there will be kernel patches that will be applied to resolve the issue. We will absolutely make sure these patches are tested and implemented prior to shipment.
Does Akita only protect devices on the WiFi network? Or does it work with other smart devices connected through Zigbee or Z-wave?
Akita protects WiFi devices only. It does not operate on Zigbee or Z-Wave, but it will protect any WiFi-connected hubs/controllers associated with those systems.
It will work as long as the VPN isn't blocking any traffic to and from the Akita.
Camera: The app should be able to scan QR code in order to activate Akita. You can deny the permission and input Akita serial number manually.
Location: Geolocation permission is required to prevent end stealing of Akita HW and activating it at different location from the place where Akita was originally delivered.
Wi-Fi connection information: For Akita unit activation and performance, you should provide WiFi settings.
Storage: This permission is required in order to upload photos and pdf files for Akita Loyalty Progam tasks.
Router Security Resolving Procedure
Wi-Fi Protected Setup (WPS) lets you join the WiFi network without typing the WiFi password.WiFi Protected Setup (WPS) technology has a design flaw. It is better to use a router that does not support WPS. If your does, try to turn it off, and verify that it really is off.
Routers that cannot disable WPS:
The Netgear Nighthawk X4 R7500 v2The D-Link DIR 890LThe Ubiquiti AmpliFi mesh router system
Wi-Fi Protected Access (WPA) is a security standard for users of computing devices equipped with wireless internet connections. WPA2 superseded WPA in 2004. WPA2 uses the Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP). It is based on the obligatory Advanced Encryption Standard algorithm, which provides message authenticity and integrity verification, and it is much stronger and more reliable than the original TKIP protocol for WPA.
WEP was designed with one main goal in mind: to prevent hackers from snooping on wireless data as it was transmitted between clients and access points (APs). However, the Payment Card Industry Data Security Standard prohibited retailers and other entities that processed credit card data from using WEP.
Some models of routers have bad implementation of UPnP. This makes your router vulnerable. Such vulnerability can help hackers change DNS setting on router. After that all devices on a LAN can be routed to a phishing site, a ransom demanding page or even encrypt your files.
The malware located on any device on the LAN can initiate as many outgoing connections to its server as it wants. If the router has UPnP enabled it means that it would trust any outgoing connections and allow to forward a port. Thus the malware would be able to bypass the router, establish a connection with malicious server and as a result provide a permanent access to your computer.
Tunnels are a mechanism used to send unsupported protocols across diverse networks.Tunneling protocols allow you to use, for example, IP to send another protocol in the "data" portion of the IP datagram. Most tunneling protocols operate at layer 4, which means they are implemented as a protocol that replaces something like TCP or UDP.
How to solve: Block ports and Install Firewall
OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.
A Default Credential vulnerability is a type of vulnerability that is most commonly found to affect the devices like modems, routers, digital cameras, and other devices having some pre-set (default) administrative credentials to access all configuration settings.
Weak passwords are always a problem when it comes to computer security. If you’re using WPA2 encryption for your Wi-Fi network, you may think you’re safe – but you may not be.
If you’re using a weak password for your WPA2 encryption, it can easily be cracked. Passwords like “password”, “letmein” or “abc123” are just as bad as using WEP encryption – if not worse.
Don’t use the minimum password length of 8 characters. Something between 15 to 20 characters should probably be good, but you can go all the way up to 63 characters if you like. You can also create a longer password by using a “passphrase,” or password phrase – a sequence of words, like a sentence.
Assuming you’re using WPA2 with a strong password, you’re all set. You don’t have to put up with the hassle of hidden SSIDs, MAC address filtering, and static IP addresses to secure your network.
A security researcher recently discovered a backdoor in many routers, allowing anyone to access the router without knowing the username or password. This isn’t the first router security issue and won’t be the last.
Disable Remote Access: Routers offer a web interface, allowing you to configure them through a browser. The router runs a web server and makes this web page available when you’re on the router’s local network.
However, most routers offer a “remote access” feature that allows you to access this web interface from anywhere in the world. Even if you set a username and password, anyone would be able to log in without any credentials. If you have remote access disabled, you’d be safe from people remotely accessing your router and tampering with it.
To do this, open your router’s web interface and look for the “Remote Access,” “Remote Administration,” or “Remote Management” feature. Ensure it’s disabled — it should be disabled by default on most routers, but it’s good to check.
Like our operating systems, web browsers, and every other piece of software we use, router software isn’t perfect. The router’s firmware — essentially the software running on the router — may have security flaws. Router manufacturers may release firmware updates that fix such security holes, although they quickly discontinue support for most routers and move on to the next models.
Unfortunately, most routers don’t have an auto-update feature like Windows and our web browsers do — you have to check your router manufacturer’s website for a firmware update and install it manually via the router’s web interface. Check to be sure your router has the latest available firmware installed.
Akita doesn't break any laws, as far as we know and have researched. We are not a hacking tool; we are a network communication management tool. Manipulating a network protocol for your own home cybersecurity protection is not considered hacking. We DO NOT use any network vulnerability and we DO NOT damage any device in the process.
For the North American market AKITA will comply with the FCC regulations and for the European market AKITA will comply with the CE regulations.
Akita has the ability to disconnect any WiFi IoT device from a network, but does not access the internal setup of the device (it would not stop the recording function of a security system if the footage was stored locally, such as an external hard drive).