Two reports recently resurfaced – one online and the other on national television – that cited potential vulnerabilities of wireless intrusion door contacts and window sensors, devices commonly used to secure the perimeter of protected premises.
These reports came after two independent researchers who work in the industry, but announced their findings independent of their positions, cited that alarm signals from sensors and detectors to the control panel could be subverted to “suppress the alarms or create multiple false alarms that would render them unreliable.” False alarms were initiated using a hacking tool some 250 yards from the system, but the actual disabling of the alarm required a closer action about 10 feet from the home.
The report indicated that intruders could walk to a door, suppress the alarm and conduct their activity without alarm notification. The problem occurs with the signals emanating between the door and window sensors to the control panel. According to the researchers, the signal is not encrypted or authenticated, making it easy for someone to intercept the data, decipher the commands/codes and play them back to control panels at will. Other potential problems uncovered included the ability to jam signals and intercept communications, thus rendering the system unresponsive.
This type of signaling is separate from the home’s Internet connection via a wireless network. According to the Electronic Security Association, it’s paramount for homeowners to secure their WiFi network with encryption such as strong passwords and other measures.
While the possibility of these types of risks may be remote, it’s certainly something for the alarm industry to consider and investigate further, especially as wireless systems become more commonplace, says Steven Paley, President and CEO of Rapid Security Solutions LLC, Sarasota, Fla. Paley is the President of the Electronic Security Association of Florida and holds numerous committee positions with the national ESA.
"If the manufacturer offers
“Anything is possible,” Paley says. “With one of the providers I use, the keypad isn’t wireless and the system runs over GSM radio. So if someone hacks into the log-on or the system, it goes to their hosted server. It’s certainly more advantageous for dealers and installersto use wireless, and more practical in many instances depending on the nature of the premises. But if someone can disable the system and create a security breach, the obvious solution is for the dealer to avoid installing those devices.”Paley says it’s up to manufacturers to provide remedy so signals from their devices can’t be hacked or intercepted. “If it’s an add-on module that can do this, then it becomes the role of the systems integrator to deploy it. But it’s incumbent upon those manufacturing hardware to put in some safeguards, and the onus shouldn’t be on the dealer. If the manufacturer offers authentication and anti-hacking in the product, then it’s up to the dealer to use those safeguards, but they need the tools to do that.”
Paley says he believes the risks of this type of compromise are low, but it’s something that needs to be assessed on a case-by-case basis for each customer. “I don’t know of any instance of these breaches occurring, but you have to understand the risks and weigh those for each customer.”
He says the issue has been illuminated, and the industry needs to become better educated on the situation. “I suspect if you could hack in and get control of the keypad, then that’s a problem, but we need to know more. It’s on us to investigate it. Security dealers are on the front lines, not the manufacturers, but what I can say is that the first company that develops something to prevent that type of compromise is the one I’m going with.”
Seems this also makes another case for video verification of alarms.