Beware – Your Smart Home Might Be A Massive Security Risk

Householders looking to make their homes more intelligent may want to think twice about installing ‘smart home’ hubs, a new survey has warned.

Researchers at security firm Tripwire found serious flaws in three of the top-selling smart home systems on Amazon which could put the residences at risk.

The study uncovered zero-day flaws inside the smart hubs, which, if exploited, could allow hackers to gain control of alarm settings, temperature levels and door locks, as well as being able to tell when people have left their home.

Tripwire, whose Vulnerability and Exposure Research Team undertook the research, also warns that the vulnerabilities could allow criminals to access local area networks and use the smart hubs as a basis for DDoS attacks.

Not so secure?

“Smart home hubs are steadily growing in popularity; however, as with many consumer technology products, functionality has trumped security,” said Craig Young, security researcher for Tripwire.

“Smart home hubs enable users to have control over the connected devices in their house, but they also open new doors for criminals. The threat is relatively low for now, but it will increase as malicious actors recognise how much information can be gained by attacking these devices.”

Tripwire has informed the smart hub vendors of the flaws, and two of the three have moved to patch the flaws – although one is still to do so, leaving it at risk of attack.

“Smart home hubs that are vulnerable to remote code execution could allow attackers to migrate from a breached computer to the hub, effectively hiding themselves on the network,” said Tyler Reguly, manager of security research at Tripwire.

“In addition, a cross-site request forgery could allow malicious actors to manipulate device settings every time the consumer surfs the web or opens an email. The risks are real, and the points of entry are numerous. Vendors need to acknowledge vulnerabilities and issue updates on a regular basis, and consumers need to realise the risks and apply vendor issued updates.”

Several of the technology industry’s biggest names have confirmed their interest in working in the smart home market.

This includes Apple, which is reportedly developing an app that will allow users to control their smart home via their mobile devices. Apple’s HomeKit software is already being used to make intelligent products for the home, including smart lightbulbs from GE which aim to lessen the effect that artificial lights have on our sleep patterns by giving consumers the ability to automate lighting according to the body’s natural sleep circadian rhythm.

What do you know about the Internet of Things? Take our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

SoftBank Promises To Invest $100bn In US

Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…

10 hours ago

Synopsys, SiMa.ai To Collaborate On AI Car Chips

Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…

10 hours ago

AI Start-Up Basis Raises $34m For Accountancy Agent

Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…

11 hours ago

Databricks Raises $10bn In Huge AI Funding Round

Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…

11 hours ago

Congo Files Complaints Against Apple Over Conflict Minerals

Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…

12 hours ago