This Wireless Home Alarm Can Be Hacked
SimpliSafe’s wireless home alarms are susceptible to being hacked. According to Andrew Zonenberg at IOActive, a potential attacker can intercept the radio signals between the alarm’s keypad and base station and record the correct PIN for the system. At a later time, they can replay this recorded signal to break into the system and turn off the alarm. He writes, “Countless movies feature hackers remotely turning off security systems in order to infiltrate buildings without being noticed. But how realistic are these depictions?”
As of last summer, SimpliSafe wireless alarms were used to secure at least 300,000 homes in the United States. The Boston company sells security systems that users can install themselves starting at $200. The company differentiates itself with lower prices, a self-installation option, and the ability to forgo subscription fees for a central monitoring service. The alarm system can be monitored by the homeowners themselves using a mobile device. As the company continued to grow based on positive reviews from the New York Times, NBC, and Fox News, the units started being sold by Walmart and Best Buy. The number of users has likely surpassed 300,000.
Zonenberg was able to intercept the home alarm signal because the unit’s radio interface is not encrypted, allowing transmissions between the wireless keypad and base station to be recorded. Once they are recorded, an attacker can replay the signal to turn off the alarm at a future time. Such an attack cannot be performed over the internet, as it requires physical proximity to the target system: an attacker would have to hide the recording device within about a hundred feet of the keypad until the PIN code signal has been recorded.
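Why a recorded transmission keeps working, and what a receiver needs in order to reject it, shown as an added example that is not from the article, IOActive, or SimpliSafe. The frame layouts, key, and PIN are constructed for illustration, and the counter-plus-HMAC check is a general anti-replay technique, not something the article describes.

```python
import hashlib
import hmac
import struct

# Constructed values for illustration; not SimpliSafe's real frame format.
KEY = b"constructed-pairing-key"   # assumed secret shared at pairing
CMD = b"DISARM"

def static_frame(pin: str) -> bytes:
    """Cleartext frame that is byte-identical on every key press."""
    return CMD + pin.encode()

class StaticBase:
    """Accepts any frame carrying the right PIN, so a recording works forever."""
    def __init__(self, pin: str):
        self.pin = pin
    def receive(self, frame: bytes) -> bool:
        return hmac.compare_digest(frame, static_frame(self.pin))

def auth_frame(key: bytes, counter: int, pin: str) -> bytes:
    """Counter + command, authenticated by an HMAC that also covers the PIN."""
    body = struct.pack(">Q", counter) + CMD
    return body + hmac.new(key, body + pin.encode(), hashlib.sha256).digest()

class CounterBase:
    """Accepts a frame only if its MAC verifies and its counter is new."""
    def __init__(self, key: bytes, pin: str):
        self.key, self.pin, self.last = key, pin, 0
    def receive(self, frame: bytes) -> bool:
        if len(frame) != 8 + len(CMD) + 32:
            return False
        body, tag = frame[:-32], frame[-32:]
        good = hmac.new(self.key, body + self.pin.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            return False                      # forged or altered frame
        counter = struct.unpack(">Q", body[:8])[0]
        if counter <= self.last:
            return False                      # replayed or stale frame
        self.last = counter
        return True

def demo():
    pin = "4821"                              # constructed PIN
    legacy, hardened = StaticBase(pin), CounterBase(KEY, pin)
    old, new = static_frame(pin), auth_frame(KEY, 1, pin)
    return (legacy.receive(old), legacy.receive(old),      # replay accepted
            hardened.receive(new), hardened.receive(new),  # replay rejected
            hardened.receive(auth_frame(KEY, 2, pin)))     # next press accepted
```

Encrypting a frame that is still identical on every press would not stop the replay; the receiver has to check freshness, here a strictly increasing counter covered by the MAC.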
Zonenberg has repeatedly approached the company regarding the vulnerability since October 2015 and has not received a response. He points out that many SimpliSafe customers have prominent window and yard displays promoting their use of the alarm system, identifying their home as a potential target.