Home Automation Systems Easily Hacked via Powerlines
X10 and Z-Wave home automation systems do not support encryption, according to researchers, and can be easily hacked via powerlines.
Two researchers at DefCon in Las Vegas showed how they can hack into automation systems that run through powerlines.
According to Wired.com, the hackers showed how, using a sniffer device connected to the broadband network via an electrical outlet, they could manipulate 15 different neighbors’ lights, HVAC and security systems that communicate via the powerline because those communication signals are not encrypted.
The hackers also showed how they were able to track the movements of 15 neighbors with automation systems inside their homes via their motion sensors and cameras, as well as jam signals for lights and alarms.
“None of the manufacturers have implemented really any security whatsoever on these devices,” says Dave Kennedy, one of the hackers. “It’s such an immature technology.”
According to Wired.com, the hackers spent two months researching and designing their open-source tools to conduct the hacks. The hackers focused on x10 systems because that protocol “does not support encryption.” They were also able to hack Z-Wave devices because the device they looked at did not have the AES encryption incorporated properly.
The hacking tools are being released to the public as the X10 Sniffer and the X10 Blackout, which jams signals to interfere with the operation of lights, alarms, security cameras and other devices, according to Wired.com. It may only be a matter of time before these devices are in the hands of burglars.
Jason has covered low-voltage electronics as an editor since 1990. He joined EH Publishing in 2000, and before that served as publisher and editor of Security Sales, a leading magazine for the security industry. He served as chairman of the Security Industry Association’s Education Committee from 2000-2004 and sat on the board of that association from 1998-2002. He is also a former board member of the Alarm Industry Research and Educational Foundation. He is currently a member of the CEDIA Education Action Team for Electronic Systems Business. Jason graduated from the University of Southern California. Have a suggestion or a topic you want to read more about? Email Jason at [email protected]
Follow Jason on social media:
SecurityThe Incredible Puppy Dog Close: Let Your Clients Test It Out
Disruptive Business Model: How Comtronics Makes Money on DIY Security, Home Automation
CEDIA Q&A: LILIN Demos New 1080P IP Video Door Station
CEDIA Q&A: Yale Locks Presents nexTouch, Z-Wave and ZigBee Backed Keypad Lock
CEDIA Q&A: Channel Vision Demos New IP-Based Intercom & Touch Screens
View more on Security