Home Automation Systems Easily Hacked via Powerlines
X10 and Z-Wave home automation systems do not support encryption, according to researchers, and can be easily hacked via powerlines.
Two researchers at DefCon in Las Vegas showed how they can hack into automation systems that run through powerlines.
According to Wired.com, the hackers showed how, using a sniffer device connected to the broadband network via an electrical outlet, they could manipulate 15 different neighbors’ lights, HVAC and security systems that communicate via the powerline because those communication signals are not encrypted.
The hackers also showed how they were able to track the movements of 15 neighbors with automation systems inside their homes via their motion sensors and cameras, as well as jam signals for lights and alarms.
“None of the manufacturers have implemented really any security whatsoever on these devices,” says Dave Kennedy, one of the hackers. “It’s such an immature technology.”
According to Wired.com, the hackers spent two months researching and designing their open-source tools to conduct the hacks. The hackers focused on x10 systems because that protocol “does not support encryption.” They were also able to hack Z-Wave devices because the device they looked at did not have the AES encryption incorporated properly.
The hacking tools are being released to the public as the X10 Sniffer and the X10 Blackout, which jams signals to interfere with the operation of lights, alarms, security cameras and other devices, according to Wired.com. It may only be a matter of time before these devices are in the hands of burglars.
We're Looking for Your BEST Projects
Don’t miss your chance to enter to win a 2019 BEST Projects Award. We’ll be announcing winners at a special Gala event at CEDIA EXPO. We can’t wait to see what you’ve been up to this year! Enter your projects now.
Jason Knott is Chief Content Officer for Emerald Expositions Connected Brands. Jason has covered low-voltage electronics as an editor since 1990, serving as editor and publisher of Security Sales & Integration. He joined CE Pro in 2000 and serves as Editor-in-Chief of that brand. He served as chairman of the Security Industry Association’s Education Committee from 2000-2004 and sat on the board of that association from 1998-2002. He is also a former board member of the Alarm Industry Research and Educational Foundation. He has been a member of the CEDIA Business Working Group since 2010. Jason graduated from the University of Southern California. Have a suggestion or a topic you want to read more about? Email Jason at firstname.lastname@example.org
Follow Jason on social media:
SecurityProduct Briefs: CEDIA White Papers; Meridian Live; MQA Adoption Grows
Alarm.com Settles Patent-Infringement Lawsuit with IpDatatel
ADT Settles Lawsuit With NorthStar for $3M
Clare Adds Support for Autonomic, August, Danalock, More
Parks Associates: Consumers Have Major Concerns About Smart Home Privacy and Safety
View more on Security