Researchers Sound The Alarm On Smart Home Hub Security Vulnerabilities

Researchers Sound The Alarm On Smart Home Hub Security Vulnerabilities
Story by Dave McQuilling • Wednesday
Comments

Smart devices can make life a lot easier. We may not have flying cars or robot butlers, but the ability to control electrical appliances throughout your home via an app or your voice is arguably the one sci-fi future prediction that we did get a functional version of. Unfortunately, it turns out your smart home does have its flaws, and those flaws could leave you vulnerable to attacks.


© RSplaneta/Shutterstock
A basic smart home isn't difficult or expensive to set up, and most people can live in one if they choose to. A smart speaker or hub like Amazon's Alexa isn't completely necessary, but people often center their smart home around one as it allows them to control other devices with voice commands. Other common smart devices people purchase include smart bulbs, smart plugs, thermostats, and cameras. Your smart home can even be used to start your car, provided you have a certain model or have a compatible remote starter retrofitted.

There are some downsides, and they do go beyond Alexa not understanding your slurred speech if you've had one too many to drink. In fact, there are some serious security concerns about smart homes and their abilities to fend off attacks.

One Study Shows A Type Of Smart Home Attack Could Be Up To 90% Effective
Smart home hacker trope
Smart home hacker trope
© Production Perig/Shutterstock
Researchers at the University of Georgia have used machine learning and AI to develop an app called ChatterHub, which is capable of tearing smart home security apart. The app mainly targets smart home hubs, which are often the center point of a smart home network and can be used to control most other devices. The information your hub and other devices send to each other is encrypted, but researchers discovered that they don't have to break that encryption to find out what the signals mean. Associate professor Kyu Lee explains that the team was "able to use machine learning technology to figure out what much of the activity is without even having to decrypt the information."