How secure is your IoT ‘home security’ system?

Following news this week that vulnerabilities have been found in the Xfinity Home Security system provided by Comcast, the world’s largest broadcasting and cable company* it is fair to ask how secure ‘IoT security’ systems really are. As Jeremy Cowan asks, who guards the guardians? 

Wired.com reports, “Philip Bosco, a security researcher at Rapid7, found vulnerabilities in Comcast’s Xfinity Home Security system that would cause it to falsely report that a property’s windows and doors are closed and secured even if they’ve been opened; it could also fail to sense an intruder’s motion.”

Rob Miller, head of Smart Energy at MWR InfoSecurity, tells IoT Now, “There is a belief in the IoT (Internet of Things) community that using a wireless protocol such as ZigBee means that the device is secure. ZigBee has a number of very effective security features such as encryption of communications, but it is not a silver bullet. (To see a home security guide comparing rival  systems go to: https://www.reviews.com/home-security-systems/)

“Developers of IoT need to consider the unique security risks of their products rather than assuming that they have already been solved for them. Many attacks such as denial of service, capture and replay of messages and side channel attacks could undermine an otherwise secure product.”

Rob Miller, head of Smart Energy, MWR InfoSecurity
Rob Miller, head of Smart Energy, MWR InfoSecurity

“IoT is a rapidly growing area, as seen at this year’s CES 2016 conference. Making a device smart is seen as a way of gaining a competitive edge in a range of products, from fitness to home security,” says Miller. “This advantage is strongest when your product is first to market whilst also being efficient and practical. Building a competitive device requires short development times, reduction of component cost and reduction in power usage. This often means that security is marginalised in an attempt to get the product out the door at a reasonable price. The consequences for a simple smart device may be minimal, but when these devices start controlling our burglar alarms or car doors, then the priorities must be adjusted.”

Failures in IoT security

IoT Now asked where the risks lie in IoT security?

“There are two races happening at the moment that are leading to security failures in IoT. The first is over which wireless protocol will become the de facto standard in IoT.  Developers and manufacturers of wireless protocols and hardware need to be clear not only what security features their solutions have, but also how to use them safely and where their limits are.

“The second race is which IoT products will become the ‘must haves’ for 2016.” Miller concludes that, “IoT vendors should consider not only the impact of being first to market, but the impact to their brand when the security of their products is exposed to the world.”

* (largest by revenue)

Comment on this article below or via Twitter: @IoTNow_  OR  @jcIoTnow

 

RECENT ARTICLES

Nordic-powered Apple HomeKit with Thread smart air purifier captures and analyses air quality data

Posted on: September 28, 2022

Oslo, Norway – Connected appliances manufacturer, Sleekpoint Innovations, has released the ‘Purelle (AP2)’ under its Airversa brand, which specialises in creating air treatment products that improve the quality of the air we breathe. The smart air purifier takes advantage of Apple HomeKit with Thread Accessory Protocol.

Read more

IoT interoperability – Living the dream

Posted on: September 28, 2022

With the arrival of cost-effective Satellite IoT (SatIoT), Systems Integrators are rushing to meet the huge pent-up demand for global solutions that allow asset tracking across the 85% of the planet not covered by cellular networks. They are building fully connected IoT solutions, where mobile assets can be tracked as they move, connecting to an

Read more
FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more

What is IoT?

Posted on: July 7, 2019

What is IoT Data as a new oil IoT connectivity What is IoT video So what’s IoT? The phrase ‘Internet of Things’ (IoT) is officially everywhere. It constantly shows up in my Google news feed, the weekend tech supplements are waxing lyrical about it and the volume of marketing emails I receive advertising ‘smart, connected

Read more
IoT Newsletter

Join the IoT Now online community for FREE, to receive: Exclusive offers for entry to all the IoT events that matter, round the world

Free access to a huge selection of the latest IoT analyst reports and industry whitepapers

The latest IoT news, as it breaks, to your inbox