'Smart' homes open doors to hackers

Jul 30, 2013
A damaged garage door is visible at a house, on August 16, 2011, in Buckner, Kentucky. Smart homes that let residents control alarms, locks and more over the internet are opening doors for crooks with hacker skills, according to computer security specialists.

Smart homes that let residents control alarms, locks and more over the internet are opening doors for crooks with hacker skills, according to computer security specialists.

"The trend is growing, and it evolves quickly into a story of security," Trustwave managing consultant Daniel Crowley told AFP.

"Connecting things to a network opens up a whole range of vectors of attack, and when you are talking door locks, garage doors, and alarm controls it gets scary."

Crowley and Trustwave colleague David Bryan found security "pretty poor" on the devices they studied.

"If someone can access your home network, but doesn't have a key to your home, they can still unlock your door and get in," Crowley said of what he found in gear on the market.

Trustwave researchers will share their findings Thursday with peers at a premier Black Hat security conference in Las Vegas and at the infamous Def Con hacker gathering taking place in that city through the weekend.

A vulnerability of particular concern to the researchers was that once hackers joined local home networks, perhaps through poorly protected wireless routers or using malware slipped onto computers, they could control devices with no password or other authentication required.

"The fact that you need to be on someone's to exploit these things is not as big a hurdle as you'd imagine," Crowley said.

And the trend of providing people with smartphone applications for controlling smart home devices while away means that crooks who hack into handsets could potentially grab the reins, according to the researchers.

There are also ways to use computer "IP" numbers to figure out real-world addresses, and some smart home applications, themselves, reveal location information, according to Trustwave.

Combing that capability with hacking tools could put an Internet age twist on home burglaries, the researchers said.

"I don't think this will be something that enables the ordinary criminal to do something they weren't doing before," Crowley said.

"The big risk is that a compromise could give you access to hundreds of thousands of homes all at once; I could see that as an attack someone could actually use to launch a crime spree."

Explore further: Online sharing helps hackers sharpen 'spears'

add to favorites email to friend print save as pdf

Related Stories

Next up: Smart homes

May 28, 2012

You've got a smartphone and maybe a smart TV, and may have heard that smart refrigerators are in the works. Next up: the smart home.

Computer hackers and defenders mix in Las Vegas

Jul 24, 2012

Rival factions from the Internet security world will mix warily this week at a pair of Las Vegas conferences gathering computer security experts and software savants who make sport of hacking them.

Smart home security device gets even smarter over time

Jul 28, 2013

Wouldn't it be nice to have an intelligent home system you can control from your phone? A system that is smart enough to know what is normal? A system that averts false alarms that fray the nerves of responders? ...

Recommended for you

Patent talk: Google sharpens contact lens vision

Apr 16, 2014

(Phys.org) —A report from Patent Bolt brings us one step closer to what Google may have in mind in developing smart contact lenses. According to the discussion Google is interested in the concept of contact ...

Neuroscientist's idea wins new-toy award

Apr 15, 2014

When he was a child, Robijanto Soetedjo used to play with his electrically powered toys for a while and then, when he got bored, take them apart - much to the consternation of his parents.

Land Rover demos invisible bonnet / car hood (w/ video)

Apr 14, 2014

(Phys.org) —Land Rover has released a video demonstrating a part of its Discover Vision Concept—the invisible "bonnet" or as it's known in the U.S. the "hood" of the car. It's a concept the automaker ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

antialias_physorg
not rated yet Jul 31, 2013
"The big risk is that a compromise could give you access to hundreds of thousands of homes all at once; I could see that as an attack someone could actually use to launch a crime spree."

Not so much a crime spree as a sort of centralized 'burglary service' that finds/unlocks homes and defuses local security measures for others to exploit (for a fee). In that way even the ordinary criminal can 'profit' from such methods.

And of course the NSA (and other secret service outfits) just love this.

When are people going to learn that the only unbreakable security is a one-time-pad based one? It's not THAT hard to implement (to be precise: it's one of the easiest encryption schemes to implement). And with the limited information sent/received by home systems it's actually quite feasible.

More news stories

Venture investments jump to $9.5B in 1Q

Funding for U.S. startup companies soared 57 percent in the first quarter to a level not seen since 2001, as venture capitalists piled more money into an increasing number of deals, according to a report due out Friday.

White House updating online privacy policy

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites. It also clarifies that ...

Hackathon team's GoogolPlex gives Siri extra powers

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Leeches help save woman's ear after pit bull mauling

(HealthDay)—A pit bull attack in July 2013 left a 19-year-old woman with her left ear ripped from her head, leaving an open wound. After preserving the ear, the surgical team started with a reconnection ...

Scientists tether lionfish to Cayman reefs

Research done by U.S. scientists in the Cayman Islands suggests that native predators can be trained to gobble up invasive lionfish that colonize regional reefs and voraciously prey on juvenile marine creatures.