Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Hacking and attacking automated homes

Ms Smith (via Networkworld) | June 26, 2013
Do you have an automated home system, a 'smart' house? At Black Hat USA 2013 and Def Con 21, there will be several presentations about attacking the automated house, including automated homes using the Z-Wave wireless protocol.

That's about to change. At Black Hat USA 2013Behrang Fouladi and Sahand Ghanoun will present "Honey, I'm home!! - Hacking Z-Wave Home Automation Systems."

Home automation systems provide a centralized control and monitoring function for heating, ventilation and air conditioning (HVAC), lighting and physical security systems. The central control panel and various household devices such as security sensors and alarm systems are connected with each other to form a mesh network over wireless or wired communication links and act as a "smart home". As you arrive home, the system can automatically open the garage door, unlock the front door and disable the alarm, light the downstairs, and turn on the TV.

Among other things, the hacking Z-Wave synopsis adds, "Zigbee and Z-wave wireless communication protocols are the most common used RF technology in home automation systems...Z-wave is a proprietary wireless protocol that works in the Industrial, Scientific and Medical radio band (ISM). It transmits on the 868.42 MHz (Europe) and 908.42MHz (United States) frequencies designed for low-bandwidth data communications in embedded devices such as security sensors, alarms and home automation control panels.... Z-wave chips have 128-bit AES crypto engines, which are used by access control systems, such as door locks, for authenticated packet encryption. An open source implementation of the Z-wave protocol stack, openzwave, is available but it does not support the encryption part as of yet. Our talk will show how the Z-Wave protocol can be subjected to attacks."

Then there is "Home Invasion v2.0 - Attacking Network-Controlled Hardware" that will be presented by Daniel CrowleyDavid Bryan and Jennifer Savage at Black Hat and also atDef Con 21. The synopsis states:

A growing trend in electronics is to have them integrate with your home network in order to provide potentially useful features like automatic updates or to extend the usefulness of existing technologies such as door locks you can open and close from anywhere in the world. What this means for us as security professionals or even just as people living in a world of network-connected devices is that being compromised poses greater risk than before.

Once upon a time, a compromise only meant your data was out of your control. Today, it can enable control over the physical world resulting in discomfort, covert audio/video surveillance, physical access or even personal harm. If your door lock or space heater are compromised, you're going to have a very bad day. This talk will discuss the potential risks posed by network-attached devices and even demonstrate new attacks against products on the market today.

 "Let's get physical: Breaking home security systems and bypassing buildings controls" will also be presented at Black Hat by Drew Porter and Stephen Smith. It is described as:

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.