Security within smart home devices is โwoefully inadequateโ, a new report has claimed, as manufacturers rush to release products at the cost of safety.
ABI Research said many products are hitting the market with โmajor security flaws [and]โฆriddled with bugs and unpatched vulnerabilitiesโ.
Protocols such as Wi-Fi, ZigBee and Z-Wave have been identified as particularly easy to hack, making the likes of smart locks and sensors at risk of break-ins, distributed denial of service attacks, ransomware and data theft.
Dimitrios Pavlakis, Industry Analyst at ABI Research, said: โWe see an alarming increase in ransomware in smart TVs and IP cameras, code injection attacks, evidence of zero-day threats, and password eavesdropping for smart locks and connected devices. The current state of security in the smart home ecosystem is woefully inadequate. Smart home device vendors need to start implementing cybersecurity mechanisms at the design stage of their products.โ
However, Pavlakis noted that vendors such as Amazon, Apple, Google, Samsung, and Philips are taking security more seriously by building security into devices at the product design phase, using encryption key management and adding limitations to communication protocols.
This week Deutsche Telekom said its Qivicon smart home platform would be integrated with Amazonโs Alexa smart speakers.
Earlier this month, O2 launched its smart home offering, comprising thermostats, smart plugs and presence sensors.
He added: โOEMs need to first think about security at the design stage and conduct risk assessments. The next step is to ensure that proper security testing happens before the product goes to market. OEMs then need to offer continuous security support over the course of the productโs lifespan. Without these basic measures, the eventual financial and reputational costs to OEMs will be high in the wake of malicious hacking of smart home products.โ