The Dark Side of Home Automation
With today’s robust technology, it is now possible for users to remotely control their home devices via the Internet. However, as this technology gains a foothold, cybercrime is not far behind.
In our 2013 Security Predictions, our Chief Technology Officer (CTO) Raimund Genes predicted that with digital technology becoming more integrated in our lives, we may be seeing threats in unlikely places. In particular, as more home devices and appliances are designed to access the Internet, they can become new venues for unexpected threats.
In my recent post, I mentioned that the bulk of research initiated on Internet-enabled devices has been on identifying vulnerabilities. Though done to provide better security for end users, the flip side is we’re seeing novel ways to steal information and money. This is an alarming prospect, as the majority of these home gadgets have basic IP configuration with limited security options. What’s more, most end users are unaware of these devices’ vulnerability.
Below are three possible threat scenarios that may occur once attackers take advantage of these well-known home automation protocols:
- X10. Because X10 devices use 4-bit ID numbers, they are vulnerable to brute-force attacks. Furthermore, because an X10 device can be turned off with just one command, a thief can turn off an X10-based alarm and infiltrate a victim’s house.
- Z-Wave. By using tools readily available on the Internet, an attacker can sniff all traffic that flows in the wireless personal area network (WPAN). With this information, an attacker can monitor a user’s day-to-day activities and gain information on the kind of devices used at home and how these are controlled. More tech-savvy thieves can even execute random commands via the WPAN.
- ZigBee. Though ZigBee-based devices have more secure communication, problems still exist in the gateway between the WPAN and an IP network. An attacker can bypass ZigBee authentication due to a user’s weak password or misconfiguration, allowing him to access devices like security cameras. With this, an attacker can monitor the user’s daily activities and change the gateway configuration to connect to a fake Domain Name System (DNS) or proxy server, which may lead to data theft.
Today Trend Micro releases the paper Home Automation and Cybercrime, which provides a more detailed view of these possible risks in using Internet-capable home appliances. For end users with little or no familiarity with these home automation protocols, we previously released an infographic that looks into the risks of home automation.