Technology is in an interesting time when the rise of home automation and the Smart Home is being exacerbated by a plethora of consumer electronic vendors and start-up companies entering the market in order to grab a piece of the pie.
ABI Research forecasts that by 2020, there will be 360 million Smart Home device shipments. However, in the rush to get products to market, major security flaws are going unanswered, leaving products bug-ridden and vulnerable. ABI says ignoring cybersecurity at the design level leaves homeowners with the possibility of malicious threats coming to their door.
“We see an alarming increase in ransomware in smart TVs and IP cameras, code injection attacks, evidence of zero-day threats, and password eavesdropping for smart locks and connected devices,” says Dimitrios Pavlakis, industry analyst at ABI Research. “The current state of security in the Smart Home ecosystem is woefully inadequate. Smart Home device vendors need to start implementing cybersecurity mechanisms at the design stage of their products.”
ABI Research points to numerous attacks on Smart Home communication technologies, including ZigBee, Z-Wave and Wi-Fi. Consumer electronics vendors are selling smart locks that are easy to tamper with, sensor systems that can be hacked and other products with software vulnerabilities. This could allow intruders to determine when a homeowner leaves the house or to carry out distributed denial of service (DDos) attacks. Other situations could include the stealing of data, stealing personal information or forcing appliances offline in exchange for a ransom.
ABI Research’s findings echo those of the Online Trust Alliance, which recently reported its own findings regarding Smart Home security issues, many of which could have been avoided if cybersecurity was more of a focus at the design level (Read: Smart Home Security an Afterthought to Developers).
ABI Research agrees that more consideration about security at the design stage could help avoid future problems and increase a product’s lifespan. Luckily some vendors such as Amazon, Apple, Google, Samsung and Philips are now including security in the project-design phase, using encryption key management and placing limitations on communication protocols. But others need to get on board in order to make the home a secure and safe place for these technological innovations.
To contact the author of this article, email engineering360editors@ihs.com