Beware – Your Smart Home Might Be A Massive Security Risk

Householders looking to make their homes more intelligent may want to think twice about installing ‘smart home’ hubs, a new survey has warned.

Researchers at security firm Tripwire found serious flaws in three of the top-selling smart home systems on Amazon which could put the residences at risk.

The study uncovered zero-day flaws inside the smart hubs, which, if exploited, could allow hackers to gain control of alarm settings, temperature levels and door locks, as well as being able to tell when people have left their home.

Tripwire, whose Vulnerability and Exposure Research Team undertook the research, also warns that the vulnerabilities could allow criminals to access local area networks and use the smart hubs as a basis for DDoS attacks.

Not so secure?

“Smart home hubs are steadily growing in popularity; however, as with many consumer technology products, functionality has trumped security,” said Craig Young, security researcher for Tripwire.

“Smart home hubs enable users to have control over the connected devices in their house, but they also open new doors for criminals. The threat is relatively low for now, but it will increase as malicious actors recognise how much information can be gained by attacking these devices.”

Tripwire has informed the smart hub vendors of the flaws, and two of the three have moved to patch the flaws – although one is still to do so, leaving it at risk of attack.

“Smart home hubs that are vulnerable to remote code execution could allow attackers to migrate from a breached computer to the hub, effectively hiding themselves on the network,” said Tyler Reguly, manager of security research at Tripwire.

“In addition, a cross-site request forgery could allow malicious actors to manipulate device settings every time the consumer surfs the web or opens an email. The risks are real, and the points of entry are numerous. Vendors need to acknowledge vulnerabilities and issue updates on a regular basis, and consumers need to realise the risks and apply vendor issued updates.”

Several of the technology industry’s biggest names have confirmed their interest in working in the smart home market.

This includes Apple, which is reportedly developing an app that will allow users to control their smart home via their mobile devices. Apple’s HomeKit software is already being used to make intelligent products for the home, including smart lightbulbs from GE which aim to lessen the effect that artificial lights have on our sleep patterns by giving consumers the ability to automate lighting according to the body’s natural sleep circadian rhythm.

What do you know about the Internet of Things? Take our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Microsoft Executive Indicates Departmental Hiring Slowdown

Amid concern at the state of the global economy, a senior Microsoft executive tells staff…

2 days ago

Shareholders Sue Twitter, Elon Musk For Stock ‘Manipulation’

Disgruntled shareholders are now suing both Twitter and Elon Musk, over volatile share price swings…

2 days ago

Google Faces Second UK Probe Over Ad Practices

UK's competition watchdog launches second investigation of Google's ad tech practices, and whether it may…

2 days ago

Elon Musk Raises His Contribution To Twitter Acquisition

But one of Elon Musk's biggest backers on the Twitter board has tendered his resignation…

3 days ago

Broadcom Confirms VMware Acquisition For $61 Billion

Entry into cloud infrastructure software for US chip firm Broadcom after it confirms reports it…

3 days ago