The purpose of a home security system is to make you safer. Sadly, it doesn’t always work out like that.
With more and more systems now offering a “smart” function – such as streaming surveillance video straight to your device, providing a way for you to manage your alarm system remotely, or allowing multiple users to access the control panel – the number of breach-able access points has multiplied exponentially.
The news is now littered with stories of “failed” home security systems. It’s a worrying problem; they can cost homeowners their money, their health, and their sanity.
Here we take a look at some of the most notable home security hacks – exploring what happened and why it happened…
In the autumn of 2013 Washington state resident Leena Rawat and her family bought a new home that came without an alarm system. Being security-conscious homeowners, they immediately went out and bought one – opting for Comcast’s “intruder proof” XFINITY Home package.
The system is supposedly part of Comcast’s wider smart home offering, which allows users to control connected devices from a smart phone app. The home security system can send you real-time alerts when doors and windows are opened, can stream live video from inside or outside your home, and can even incorporate existing equipment.
The package isn’t cheap. Basic fees are $30-$40 per month, and the early cancellation fee is an eye-watering $770.
Fast forward 12 months and their new family home turned into a house of horrors. Intruders broke in through the basement window, and no alarm was raised by the system. They attacked Leena’s 18-year-old son whilst he slept, leaving him with life-threatening injuries.
Subsequent investigations discovered that Comcast didn’t install motion detectors on the basement window, but still signed off the system as secure. Comcast have a contract clause that waives them of any responsibility – but the Rawats are currently testing that in the courts.
This is far from the only Comcast catastrophe; in the middle of last year a Houston family discovered their Comcast alarm system hadn’t been operational since 2007 – even though they’d been paying for it. Comcast’s response? A $20 gift certificate.
The Lesson to Learn
Don’t trust Comcast seems the most obvious takeaway…
On a more serious note, this could happen to anyone. Whether you’ve done a DIY installation, contracted a professional security firm, or hired an ISP, mistakes can happen and threats can be overlooked.
Once the installation of the home security system is complete you need to test, retest, and test again. Check every window and every door and make sure the alarm sounds when it’s breached. Thereafter check your system at least once a month – you should check it with the same regularity as you test batteries in your smoke detectors.
Hacked Security Cameras
The home security camera market is exploding, and it’s giving rise to a number of lucrative security loopholes for criminals. Evidence suggests that everything from laptop webcams to home CCTV circuits and smart baby monitors to intruder alert systems have been compromised.
The problem arises because so many of the devices are configured insecurely due to the manufacturer defaults, and the owners never bother to change them.
For example, in late-2014 a Russian website was found hosting hundreds of feeds of live footage from inside UK homes and businesses; it had hacked the aforementioned devices. The website’s owner claimed he was merely proving a point by using the default login credentials for the hacked cameras – credentials that are widely available online.
At the time, the UK’s Information Commissioner’s Office said there were at least 35,000 exposed devices sold in the country in the previous 12 months.
It could easily become a huge problem. Aside from the creepy nature of someone on the other side of the world watching your every move, think how much personal information is visible in your home. Bank cards, driving licenses, and passports could all be lying around, a camera that’s facing your computer could reveal confidential login data and passwords, and a would-be burglar can get an easy overview of your daily routine, knowing exactly when to target your property for maximum effect.
The Lesson to Learn
You have to take responsibility for your own security. Always delve into the settings of a new system when you install it – even for something that seems as insignificant as a smart baby monitor. Failure to do so could make your home more insecure than if you didn’t buy the system in the first place.
If in doubt about how to edit settings, call the manufacturer’s customer hotline. Alternatively, you could even ask one of our very own experts!
Disabled Wireless Alarms
On the surface, wireless alarms as part of a home security system seem like a great idea. They are free of the usual risks that go hand-in-hand with wired systems (such as cut telephone lines and cut alarm lines), they can be easily installed and aren’t constrained by wiring considerations. They can be easily expanded, and they can be packed up and moved if you buy a new home.
However, there are still some inherent hazards to consider.
Even though the devices aren’t connected to the Internet, they are not safe from hackers. Logan Lamb, a security researcher at Oak Ridge National Lab, conducted his own private research last summer and found that several of the top manufacturers – including companies that sell systems in the US – can be easily compromised.
The vulnerabilities arise from all wireless alarm systems’ reliance on radio frequency signals to communicate between the sensors and the central control system.
This leads to two main problems. Firstly, because the systems failed to encrypt or authenticate the signals, anyone could intercept and decipher them and then play them to the control system as they pleased. Secondly, the signals could be jammed to prevent them from triggering an alarm.
Lamb claimed he could intercept signals and communicate with the central control system with his own $1,700 software defined radio (SDR) device from a range of 250 meters, and that he could jam the signals from about 10 meters.
He went on to claim that even though a cheap Realtek SDR device ($10 on Amazon) couldn’t send signals, it could still receive them and thus give a burglar a clear idea of when a window was left open or where in the house an occupant was at any given moment.
The Lesson to Learn
There isn’t really a clear winner in the wired alarm vs wireless alarm debate. Both have their own pros and cons. What’s important is that you shouldn’t just install one home security system and assume that you are covered.
Every system has its weak points, so protect against those weak points by installing secondary systems. Even the more traditional methods of protection, such as putting bars over your windows or buying motion-sensitive outside lights, can be enough of a deterrent when used in conjunction with a good alarm system.
What Lessons Can You Share?
Have you been caught out by your home security system? Were you the victim of a crime that arose from a flaw in your set-up? Perhaps you experience the opposite, and your system saved you from some potentially nasty consequences?
Whatever your story, we’d love to hear it. You can let us know your thoughts and feedback in the comments section below.
Image Credit: Hacking Computers by Andrey_Popov via Shutterstock