How to Protect Wireless Intrusion Systems From Cyber Threats

The benefits of wireless systems are well known. But how can security pros arm security systems against attacks via the Internet of Things?

TODAY, wireless intrusion systems and IoT (Internet of Things) are tied together so that what affects the one is almost sure to influence the other. This fact came to light in 2014 when Hewlett Packard Enterprise (HPE) conducted a study that revealed that 70% of IoT devices are vulnerable to attack. The concern then, as now, involves the fact that the majority of today’s intrusion systems are Internet connected.

A second HPE study, conducted in 2015, revealed even more perplexing news on the security of security: “The simplicity and convenience of home security systems is unquestionable, especially with their remote monitoring capabilities. But do these smart security devices actually make our homes safer or put them more at risk by providing easier electronic access via an (insecure) IoT device?”

In other words, by ignoring the little things, we jeopardize the bigger ones. This same concern also applies to commercial systems, although to a lesser degree. Just ahead, we’ll explore this and other wireless security matters such as encryption, provide practical ideas on how security professionals can minimize inherent risks and see what some manufacturers are doing to mitigate these issues.

Protecting Traditional Wireless Connection
Several years ago a story hit the news where two computer code-savvy IT professionals were able to hack a popular brand of alarm panel, disarming the system by recording and retransmitting the various radio frequency (RF) signals to the alarm system. Of special concern was the user keyfobs that arm and disarm the system. The issue also centered on the use of an unencrypted RF technology.

Although there is no perfect security system, signal encryption at this level helps assure the bad guys will fail at the task of signal interception. Experienced security professionals should look for systems that provide secure signal transmission centering on encrypted data.

“Two researchers say that top-selling home alarm setups can be easily subverted to either suppress the alarms or create multiple false alarms that would render them unreliable. False alarms could be set off using a simple tool from up to 250 yards away, though disabling the alarm would require closer proximity of about 10 feet from the home,” wrote Kim Zetter in the July 2014 WIRED article, “How Thieves Can Hack and Disable Your Home Alarm System.”

The first part of this issue, which involves unencrypted radio signals, has been addressed by several security system manufacturers since this story hit the Internet in 2014. One method is to change the keyfob arm/disarm code each time it’s used, something that garage door radio control manufacturers have been doing for some time.

“Bosch control panels support multiple wireless platforms, including Bosch RADION, as well as Inovonics Echo-Stream. RADION utilizes synchronized encryption for keyfob communications, which provides increased immunity to replay attacks for more reliable system security,” says Tom Mechler, application design manager with Bosch of Fairport, N.Y.

Although there is no perfect security system, signal encryption at this level helps assure the bad guys will fail at the task of signal interception. New security companies as well as experienced professionals searching for something a step above the traditional should look for systems that provide secure signal transmission centering on encrypted data.


Read Next: Security Systems Integrators Are Missing the Boat on Interoperability


“In addition to encrypting the transmission, the system and keyfob also maintain synchronization. Every time a keyfob button is pressed, it increments the code. Similar to traditional rolling code schemes, it uses an incremented code for its next transmission. The receiver knows to look for this incremented code and will not accept messages that do not match. This thwarts attempts to record and replay the transmission. By combining synchronization and encryption, the Bosch RADION platform provides reliable, secure system operation,” says Mechler.

Security dealers should select a wireless alarm system that clearly makes use of rolling codes, encryption or spread spectrum technologies.

The second method of dealing with vulnerable radio signals is to use spread spectrum technology. In this case, radio transmitters basically transmit data over multiple frequencies in such a manner that interception is extremely difficult if not impossible. The other part of the spread spectrum solution is it effectively stops high-tech criminals who attempt to jam the wireless receiver by sending out a radio signal on the same frequency the system uses.

“DMP’s 900MHz two-way wireless technology has proven very solid and reliable, because of its frequency-hopping spread spectrum technology and acknowledgement for every message, it’s difficult to intercept or tamper with,” says Mark Hillenburg, executive director of marketing with DMP of Springfield, Mo. “The wireless communication is hopping randomly over 53 channels every 32 milliseconds, based on a unique code that changes for each system. Any interference or collision in a single fragment of a message results in a retry of that message fragment on another channel. This has met the most stringent UL anti-jamming requirements, and has proven completely reliable gaining UL commercial fire listings and widespread adoption among discerning dealers.”

The takeaway from this for security dealers is to do your homework and select a wireless alarm system that clearly makes use of rolling codes, encryption or spread spectrum technologies.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author

Contact:

Al Colombo is a long-time trade journalist and professional in the security and life-safety markets. His work includes more than 40 years in security and life-safety as an installer, salesman, service tech, trade journalist, project manager,and an operations manager. You can contact Colombo through TpromoCom, a consultancy agency based in Canton, Ohio, by emailing [email protected], call 330-956-9003, visit www.Tpromo.Com.

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Get Our Newsletters