With CES this week, the connected home and the future of what our homes will look like will take centre stage. Analysts project that 10 billion devices will be connected to home networks, and increasingly to government and enterprise networks, in 2016.
Phil Bosco, Security Consultant at Rapid7:
Phil and his team discovered that by causing a failure condition in the 2.4 GHz radio frequency band, the security system does not fail closed with an assumption that an attack is underway. Instead, the system fails open, and the security system continues to report that, “All sensors are intact and all doors are closed. No motion is detected.” Rapid7 has determined that there are any number of techniques that could be used to cause interference or de-authentication of the underlying ZigBee-based communications protocol, such as commodity radio jamming equipment and software-based de-authentication attacks on the ZigBee protocol itself.
There does not appear to be a limit to the duration of the failure in order to trigger a warning or other alert. In addition, when Bosco demonstrated the issue, he determined that the amount of time it takes for the sensor to re-establish communications with the base station and correctly report that it is in an open state can range from several minutes to up to three hours.
At this time, Rapid7 has determined that there are no practical mitigations to this issue. A software/firmware update appears to be required in order for the base station to determine how much and how long a radio failure condition should be tolerated and how quickly sensors can re-establish communications with the base station.
Additional information about this disclosure can be found HERE.
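The fail-closed supervision behaviour that the disclosure says a firmware update would need to provide, shown as an added example that is not Rapid7's or the vendor's code. The class and method names, the sensor id and the 60-second supervision window are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum

class State(Enum):
    CLOSED = "closed"
    OPEN = "open"
    UNKNOWN = "unknown"  # link lost: never reported as "closed"

@dataclass
class Sensor:
    last_state: State = State.UNKNOWN
    last_seen: float = float("-inf")  # no report received yet

@dataclass
class BaseStation:
    supervision_window: float = 60.0  # assumed tolerance in seconds, not a vendor value
    sensors: dict = field(default_factory=dict)

    def enroll(self, sensor_id):
        self.sensors[sensor_id] = Sensor()

    def report(self, sensor_id, state, now):
        # A check-in or state change received over the radio link.
        s = self.sensors[sensor_id]
        s.last_state, s.last_seen = state, now

    def effective_state(self, sensor_id, now):
        # Trust the last report only while it is inside the supervision window.
        s = self.sensors[sensor_id]
        if now - s.last_seen > self.supervision_window:
            return State.UNKNOWN
        return s.last_state

    def evaluate(self, now, armed=True):
        # Fail closed: a silent sensor raises an alert instead of keeping "closed".
        alerts = []
        for sid in self.sensors:
            state = self.effective_state(sid, now)
            if state is State.UNKNOWN:
                alerts.append((sid, "ALARM: link lost" if armed else "TROUBLE: link lost"))
            elif state is State.OPEN and armed:
                alerts.append((sid, "ALARM: sensor open"))
        return alerts

def demo():
    # Constructed timeline: the sensor reports at t=0 and t=30 s, then goes silent.
    bs = BaseStation(supervision_window=60.0)
    bs.enroll("front_door")
    bs.report("front_door", State.CLOSED, now=0)
    bs.report("front_door", State.CLOSED, now=30)
    return {t: bs.evaluate(now=t) for t in (45, 120)}
```

The fail-open behaviour described above corresponds to `effective_state` returning `last_state` unconditionally, so the sensor would still read as closed at t=120.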
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.