Half of major Internet-connected security systems are vulnerable to jamming

from not-so-smart-house department

As usual, the “smart” home isn’t always very smart, and dumber tech can often be the better option. This is certainly true in the field of smart locks, where studies have repeatedly shown that many major smart lock brands are easily compromised. The same would have been proven for most other “smart” devices, be it smart fridges, smart TVs or even smart Barbies.

You would think that “smart” security-focused systems would be better, but not really. Consumer Reports recently looked at Top 10 Modern Home Security Systems, and found that half of them could be easily compromised by hackers. Most modern security systems are DIY systems that include a centralized hub and then various door, window, and other sensors that you can purchase on a piecemeal basis. But Consumer Reports found that five major brands can be blocked relatively easily so that the alarm never goes off when an intruder enters your home:

“In a series of new tests, Consumer Reports found that five popular home security systems are relatively easy to jam. That means a burglar can use a laptop computer and a portable radio frequency (RF) transceiver to block signals door/window or motion sensors and enter a home without setting off the alarm.It should be noted that any wireless device can be blocked, but there are methods and technologies that make it more difficult to remove.

Of course, an intruder capable of hacking needs to know what type of alarm system they’re trying to block, so it’s a good idea not to advertise the type of alarm system you have via these pegs or handy garden signs (which some people use as a replacement for a real alarm system anyway). While such signs can be a deterrent, they also announce vulnerabilities that an intruder should target.

Systems according to Consumer Reports that were relatively easy to jam were Abode Iota All-in-One Kit, Cove Home Security System, Eufy 5-Piece Home Alarm Kit, Ring Alarm Security Kit (2nd Gen), and SimpliSafe The Essentials SS3- 01. Two of these systems, Cove and Eufy, were also found to be vulnerable to disarm signal attack replay, where an attacker captures and records a key fob’s disarm signal and then broadcasts it to disarm the security system. Not all of these vulnerabilities are lethal; some detect the jamming, they just do it too late. Others may have blocked sensors, but still register intruders.

That said, when Consumer Reports reached out to all five companies to see if they would fix the jamming issue, only one said they would. And most downplayed the threat as unlikely in the real world:

“Blocking a device would require running a very nuanced protocol perfectly with devices specifically tuned and configured for that purpose,” says Gomes-Casseres. alerted and cameras are queued to record and capture evidence of jamming attempts.”

Yet this is yet another example that dumb tech (like, say, getting a dog and a deadbolt) can still be a more reliable add-on, if not an outright alternative.

Filed Under: smart homes, vulnerabilities

Companies: consumer reports