Beware – Your Smart Home Might Be A Massive Security Risk

Householders looking to make their homes more intelligent may want to think twice about installing ‘smart home’ hubs, a new survey has warned.

Researchers at security firm Tripwire found serious flaws in three of the top-selling smart home systems on Amazon which could put the residences at risk.

The study uncovered zero-day flaws inside the smart hubs, which, if exploited, could allow hackers to gain control of alarm settings, temperature levels and door locks, as well as being able to tell when people have left their home.

Tripwire, whose Vulnerability and Exposure Research Team undertook the research, also warns that the vulnerabilities could allow criminals to access local area networks and use the smart hubs as a basis for DDoS attacks.

Not so secure?

“Smart home hubs are steadily growing in popularity; however, as with many consumer technology products, functionality has trumped security,” said Craig Young, security researcher for Tripwire.

“Smart home hubs enable users to have control over the connected devices in their house, but they also open new doors for criminals. The threat is relatively low for now, but it will increase as malicious actors recognise how much information can be gained by attacking these devices.”

Tripwire has informed the smart hub vendors of the flaws, and two of the three have moved to patch the flaws – although one is still to do so, leaving it at risk of attack.

“Smart home hubs that are vulnerable to remote code execution could allow attackers to migrate from a breached computer to the hub, effectively hiding themselves on the network,” said Tyler Reguly, manager of security research at Tripwire.

“In addition, a cross-site request forgery could allow malicious actors to manipulate device settings every time the consumer surfs the web or opens an email. The risks are real, and the points of entry are numerous. Vendors need to acknowledge vulnerabilities and issue updates on a regular basis, and consumers need to realise the risks and apply vendor issued updates.”

Several of the technology industry’s biggest names have confirmed their interest in working in the smart home market.

This includes Apple, which is reportedly developing an app that will allow users to control their smart home via their mobile devices. Apple’s HomeKit software is already being used to make intelligent products for the home, including smart lightbulbs from GE which aim to lessen the effect that artificial lights have on our sleep patterns by giving consumers the ability to automate lighting according to the body’s natural sleep circadian rhythm.

What do you know about the Internet of Things? Take our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

14 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

15 hours ago

Europe’s Longest Hyperloop Test Track Opens

European Hyperloop Center in the Netherlands seeks to advance futuristic transport technology, despite US setbacks

15 hours ago

NHS Scotland Confirms Clinical Data Published By Ransomware Gang

NHS Dumfries and Galloway condemns ransomware gang for publishing patients clinical data after cyberattack earlier…

17 hours ago

Fewer People Using Twitter After Musk Takeover – Report

Research data suggests fewer people are using Elon Musk's X, but platform insists 250 million…

20 hours ago

Julian Assange Wins Temporary Reprieve For US Extradition Appeal

US assurances required. Julian Assange handed a slender reprieve in fight against his extradition to…

22 hours ago