How easy is it for thieves to hack you home alarm system?
Homes around the world are becoming smarter and more connected, but what impact does the Internet of Things have on your personal safety? Are home security systems vulnerable to hackers, and if so, what can you do to prevent the criminal attacks?
Whether we are talking about smart TVs, connected toasters and fridges, remote control lighting and monitoring, or other prototyping technologies, more and more consumers are becoming interested in the Internet of Things. And it’s easy to see why: home automation allows people to organize their lives with a single tap from their smartphones or tablets.
So what is home automation anyway? Simply put, home automation gives you access to control almost any appliance in your home from a mobile device anywhere in the world, as long as you are connected to the Internet. From thermostats to the sprinkler system and from lights to heating and cooling systems, the devices have an assigned IP address, which allows them to be accessed and monitored remotely.
It goes without saying that remote controlled systems make monitoring and controlling your home easier. By enabling object to communicate over the Internet, you can arm or disarm your alarm remotely from your smartphone, check security footage, turn the heating on your way back from work, or check if everything is OK while you are on holiday.
A fair number of consumers are dipping their toes into home automation. However, many of them don’t fully understand what connected home devices are and how they work. For most of them, the main concern is that remote thermostat or lighting work properly, ignoring one major aspect: wireless home alarms.
Home owners are exposed to a greater risk than ever before, as home security systems can be vulnerable to cyberattacks. Hackers could access your data and either disconnect the alarm system altogether or create a number of false alarms that could label them as ineffective.
How easy is it for thieves to hack your home and is there anything you can do to prevent these attacks? Let’s find out!
Is your home security system hackable?
When you install a home alarm system, you do it knowing (or hoping) that it will make your home safer, that it will protect your family and your possessions. The truth is that remote controlled automated systems are a great of monitoring your home from the anywhere in the world. You can get real time security footage, alert the authorities if you notice any abnormal activity, and remotely control everything – locks, lights, thermostats, surveillance cameras, and so on.
With all these benefits are hand, chances are you never truly thought about whether your home security system could actually be used against you. It sounds ridiculous and frightening, but the truth is that home alarm systems aren’t as impenetrable as you thought.
Study shows: security systems are vulnerable to cyberattacks
On a Friday night, at a birthday party in Knoxville, Tennessee, a man wandered the perimeter of a home, eventually breaking in. Even though the system was armed, the alarm did not trigger as it should and the central control station didn’t call the police as it was programmed to do in these types of situations. With just some basic tools and good knowledge of technology, this man was able to turn off the alarm system and break in.
Luckily, the man, whose name is Logan Lamb, was a researcher at the Department of Energy’s Oak ridge National Laboratory, and the house he broke into was his coworker’s. They were doing a research on the way popular security systems can be turned against their owners to spy on their activity. According to Forbes.com, Lamb was able to disconnect the alarm through interception the system’s unencrypted wireless communications with the sensors around the home, and sending his own signals to the main controls.
According to the researcher, most home alarms systems can be hacked to either disconnect the alarms altogether or create a number of false alarms that would render them as inefficient.
Another researcher, Silvio Cesare, who works at a network security and vulnerability management company, tested various security systems.
Both researchers found the same problems: all the system they examined relay on radio signals to run the wireless home security. The signals are sent from the doors and windows sensors to a control system that triggers the alarm there is a trespass. These signals are sent anytime a door or window is closed, regardless if the alarm is armed or not. However, when the alarm is enabled, the control system will trigger the alarm and alert both the owner and the authorities when someone breaks in.
The researchers found that the signal the sensors send to the control system is usually unencrypted, meaning that they can be easily intercepted. Basically, anyone with good knowledge of technology could use the radio signals to either spoof the signal and turn off the entire system, or intercept the signal and steal your password.
One breach in the system that Cesare found was that when home owners arm or disarm their alarm remotely, they don’t enter a password on the control panel. This data is transmitted via radio signals and, because they are fixed ones, can be monitored and replayed.
One of the scariest things is that home-burglary packets are being sold everywhere. Both researchers used a software-defined radio to intercept and replay communications. With this device, Lamb, for example, was able to copy signals and send them back to the system to trigger false alarms from 250 yards away. Furthermore, there are apps that can be used to break into a home.
How can hackers use apps to break into your home?
A reporter from Wired Magazine used a mobile app to break into his friend’s house. Although it was all part of an experiment, it’s scary to see how easily it can be for someone, with no burglar skills whatsoever, to break into your house. Here’s how the reporter did it:
The reporter used an app that scans keys and uploads them in the company’s server. It then lets you print a 3D copy of your key or it sends it to you in your mailbox. Of course, these types of services are destined to solve the problem of lockouts and lost keys but, when in the wrong hands, they can be used to make a copy of someone’s key and use it later to break in.
The best way to protect yourself from these situations is to be prudent with your keys and store them carefully. It doesn’t take more than 30 seconds to make a key copy with a mobile app, so if you lose sight of your keys even for 20 seconds, it’s best to replace your locks. It’s a paranoid approach, but it’s probably the safer.
Don’t think that if you leave your keys hanging from your belt you are protected. According to one group of researchers, it’s easy to replicate a key photographed from 200 feet away.
Other methods thieves use to disable your home alarm systems
Not all thieves are technologically gifted (although the majority of them are becoming more and more advanced), so some might appeal to some old school methods to disable your home alarm system.
- Giving out to much information
Burglars look for every piece of information they can find, looking for ways to break into your house undetected. If, for example, you have your name painted on your mailbox, you just gave a potential burglar essential information about yourself – your name and address.
- Placing security signs
You may think that placing security signs around the house will scare potential intruders away, but, in fact, what you are doing is giving hints to where the devices are placed. Professional burglars know how security companies usually wire the devices, where they place the sensors, and can use this information to suppress the system.
- Burglars use Social Media to target you
You probably don’t see anything wrong with posting a picture from your holiday or checking in at a new hip restaurant. But, what if we told you that more than 75 percent of convicted burglars use information like this to target victims?
Everything from checking in to posting a picture or a reveling status is practically in invitation to home intruders.
What’s the solution?
To begin with, be very careful with how much you give away. It’s all common sense, but never leave your keys lying around and never give them to someone you just met. Set you Facebook’s privacy settings and control who and what is seeing.
Install a home security system that has an anti-jamming counter measure to prevent someone from blocking signals from sensors to control systems. Furthermore, a secure WiFi network will help you keep these devices secure.