SimpliSafe DIY Home Security System ‘Inherently Insecure’ and Prone to Hacking, Report Finds
IOActive was able to infiltrate and disarm the security system, as well as listen in on radio traffic.
A “critical” security vulnerability has been found in the DIY wireless home security system SimpliSafe, IOActive has learned after hacking the system.
IOActive’s Andrew Zonenberg conducted the test and was able to disarm the system and listen in on radio traffic by capturing PIN entries.
Zonenberg says SimpliSafe consumers need to know the product is “inherently insecure and vulnerable to even a low-level attacker.”
“This simple vulnerability is particularly alarming because: 1. It exists within a security product that is trusted to secure over a million homes; 2. It enables an attacker to completely own the system; and 3. Many unsuspecting consumers prominently display window and yard signs promoting their use of this system, essentially self-identifying their home as a viable target for an attacker,” writes Zonenberg.
Threat Post reports SimpliSafe told customers about the security vulnerability on Wednesday, saying there was an extremely low probability of a hacker exploiting the security flaw. However, they told customers to keep an eye out for unexpected disarming of their home security system.
For the entire test report, check back with IOActive and watch the video below to see Zonenberg disarm the home security system.
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!