Will Hackers Outsmart the Smart Home? Why Security Needs to Happen at the Design Level

ABI Research:  The advent of home automation and rapid rise of smart home connected devices is seeing some vendors and new startups scramble to become a part of the movement, with ABI Research forecasting 360 million smart home device shipments by 2020. But many companies are leaving major security flaws in the wake of their hurried attempts to penetrate the market, producing products riddled with bugs and unpatched vulnerabilities. Ignoring cybersecurity at the design level provides a wide open door for malicious threat actors to exploit smart home products.

“We see an alarming increase in ransomware in smart TVs and IP cameras, code injection attacks, evidence of zero-day threats, and password eavesdropping for smart locks and connected devices,” says Dimitrios Pavlakis, Industry Analyst at ABI Research. “The current state of security in the smart home ecosystem is woefully inadequate. Smart home device vendors need to start implementing cybersecurity mechanisms at the design stage of their products.”

Numerous attack vectors have been identified in popular smart home communication protocols, such as ZigBee, Z-Wave, and Wi-Fi. Many companies are creating and selling easy-to-tamper smart locking systems, easy-to-hack sensor systems, and products that host a plethora of software vulnerabilities.  Cont'd...

MacKeeper Partners with CUJO to Protect Smart Homes from Cyber Threats

As part of their partnership, MacKeeper's parent company, Kromtech Alliance Corp., and CUJO signed a reseller deal under which MacKeeper will distribute CUJO devices among their customers starting in July 2016.

Now You Can Hide Your Smart Home on the Darknet

Andy Greenberg for WIRED:  The Privacy Software Tor has aided everything from drug dealing marketplaces to whistleblowing websites in evading surveillance on the darknet. Now that same software can be applied to a far more personal form of security: keeping hackers out of your toaster.
On Wednesday, the privacy-focused non-profit Guardian Project, a partner of the Tor Project that maintains and develops the Tor anonymity network, announced a new technique it’s developed to apply Tor’s layers of encryption and network stealth to protecting so-called “Internet of things” or “smart home” devices. That growing class of gadgets, ranging from refrigerators to lightbulbs to security cameras, are connected to the Internet to make possible new forms of remote management and automation. They also, as the security research community has repeatedly demonstrated, enable a new breed of over-the-Internet attacks, such as the rash of hackers harassing infants via baby monitors or the potential for hackers tosteal your Gmail password from your fridge.  Cont'd...
 

Simplifying Security for IoT Device Engineers and Manufacturers

A Guide to Security Requirements for Specific Types of IoT Devices and Systems.

From NetworkWorld - Interview with the creators of EZ-Wave, a Z-Wave hacking tool

The synopsis for Breaking Bulbs Briskly by Bogus Broadcastsmentions the promise of smart energy and building automation, as well as the many unintended vulnerabilities that are introduced in the rush to bring IoT devices to market. The researchers believe “the ability to physically damage hardware by abusing network access is particularly interesting.” I agree.

Frustrated by the “lack of functionality in current Z-Wave hacking tools,” ShmooCon presenters Joseph Hall and Ben Ramsey created and released a new, open source EZ-Wave tool. Not only did the duo discuss how to use the tool for pen-testing Z-Wave wireless automation networks, they also discussed “a rapid process for destroying florescent lights.” They added, “Once access is gained to an automated lighting system, regardless of the protocol used, we  demonstrate how to destroy florescent lamps rated for 30K hours within a single night of abuse.” Full Article:

Belkin Is on a Mission to Fix WeMo's Buggy Smart Home Software

By Stacey Higginbotham for Fortune:  The WeMo line of devices has been around since 2012, and has expanded gradually to include outlets, light switches, light bulbs, as well as a line of sensors that was shown at CES, the consumer electronics trade show in Las Vegas last January but are still not out yet. However, WeMo products have a huge and glaring problem. The software running them is terrible. It has been beset by security issues, customer complaints, and generally can drive a user batty.
However, that’s about to change. Taylor said last week that the WeMo team has been focused on repairing the software and that in January WeMo’s users should expect an update. This means that daylights savings time won’t break all your schedules as sometimes happens. Or adding something to your Wi-Fi network won’t inexplicably confuse every WeMo device in the house. Or that one day your WeMo products will just decide that they no longer want to respond to their product names. Every WeMo user has a story, and like Tolstoy, every WeMo user is unhappy in their own way.  Cont'd...

Could This Single Device Protect Your Smart Home?

Joseph Bernstein for BuzzFeed News:  Sense is a smart router combined with software that sits on top of and monitors all of the connected devices in your house. It reads all the traffic coming into those devices in real time and analyzes it using F-Secure’s cloud security network, “an analytics engine and information repository for malware and a variety of other digital threats.”

When Sense detects unwanted or malicious traffic — say, a botnet trying to connect to your smart television — it simply blocks it.

By drawing all of the IoT devices in the home into one protected network, Sense presents a remarkably elegant solution to a problem the cybersecurity world has been worrying about for a long time.  Cont'd...

Cybersecurity

To protect your company, rethink what you reveal on social media, as it is all fodder for social engineers. Develop policies for handling sensitive requests like password resets over the phone. Have a security audit done.

Records 1 to 8 of 8

Featured Product

Revolutionary Hi-Fi 2 4x4 (Four Zone, Four Source) Distributed Audio System from Leviton Security & Automation

Revolutionary Hi-Fi 2 4x4 (Four Zone, Four Source) Distributed Audio System from Leviton Security & Automation

Leviton Security & Automation's 4x4 is the perfect affordable solution for homes and small businesses. The powerful yet compact Hi-Fi 2 plays music from devices you already own (or those you wish to purchase), and is so easy to operate that anyone can enjoy it. Use the free app on your iPad, iPod Touch, or iPhone to control audio sources, volume levels, etc. Use the optional Bluetooth input to wirelessly stream music from your tablet, notebook, or smartphone!"