Will hackers outsmart the smart home?
The advent of home automation and rapid rise of smart home connected devices is seeing some vendors and new startups scramble to become a part of the movement, with ABI Research forecasting 360 million smart home device shipments by 2020. But many companies are leaving major security flaws in the wake of their hurried attempts to penetrate the market, producing products riddled with bugs and unpatched vulnerabilities. Ignoring cybersecurity at the design level provides a wide open door for malicious threat actors to exploit smart home products.
“We see an alarming increase in ransomware in smart TVs and IP cameras, code injection attacks, evidence of zero-day threats, and password eavesdropping for smart locks and connected devices,” says Dimitrios Pavlakis, Industry Analyst at ABI Research. “The current state of security in the smart home ecosystem is woefully inadequate. Smart home device vendors need to start implementing cybersecurity mechanisms at the design stage of their products.”
Numerous attack vectors have been identified in popular smart home communication protocols, such as ZigBee, Z-Wave, and Wi-Fi. Many companies are creating and selling easy-to-tamper smart locking systems, easy-to-hack sensor systems, and products that host a plethora of software vulnerabilities. This could allow home invaders to determine when residents are out and enable them to break in more easily; cybercriminals to carry out Distributed Denial of Service (DDoS) attacks and force appliances offline in exchange for ransom; and malicious actors to steal data, and possibly even personal information, and resell them online.