Home Smart homes more hackable with weak IoT security

Smart homes more hackable with weak IoT security

Smart homes’ connected technologies are leaving homeowners vulnerable to data and privacy theft, according to a new study that examined several common IoT consumer devices.

IoTTech News reports that research by Romanian internet security software maker Bitdefender identified four common IoT products that were susceptible to cyber attack: WeMo switch, LinkHub, LIFX Bulb and the MUZO Cobblestone audio receiver.

Bitdefender undertook the study as IoT smart home systems proliferate globally, making them more subject to hackers’ attention. It examined how these devices communicated with its mobile app, as well as how they connected the cloud and the Internet more broadly. The research recommended that manufacturers need to take greater steps to prevent sensitive data from being overheard as the increasing array of devices communicate with each other.

Smart homes are vulnerable today

Though not one of the devices in this report, at a recent conference university researchers easily showed how one of the most popular smart home devices, the Nest thermostat, can be hacked especially with physical access to the device. In under 15 seconds, bad guys could remove the Nest from its mount, plug in a USB cable, and back-door the device without the owner’s knowledge. The hacked Nest can then be used to spy on the household or serve as a platform to attack other networked devices.

“IoT vendors need to prioritize security before their devices become hugely popular, leaving millions of people at risk from cyberattacks,” said Bitdefender malware researcher Radu Basaraba.

“The IoT opens a completely new dimension to security where the Internet meets the physical world,” he said. “If projections of a hyper-connected world become reality and manufacturers don’t bake security into their products, consequences can becoming life-threatening.”

For the Bitdefender report, the research found that hackers could use the LIFX Bulb to reroute users to a fake hotspot while the LinkHub smart lighting system was sending unencrypted data. The WeMo remote switch was made vulnerable by weak access point authentication, and the MUZO receiver suffered from weak initial credentials that left the device open to hacking.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.