Unsecured automated homes provide an easy access to data about home owners and could be used by burglars seeking access to properties, German researchers have found.
In a series of experiments, IT security experts from the University of Saarland proved that eavesdropping on wireless home automation systems doesn’t require extensive knowledge of the system and could be easily carried out by a determined attacker equipped with a simple PC.
‘Non-encrypted systems provide large quantities of data to anyone determined enough to access the data, and the attacker requires no prior knowledge about the system, nor about the user being spied on,’ said Professor Christop Sorge, who led the Saarland University team.
‘The data acquired by the attacker can be analysed to extract system commands and status messages, items which reveal a lot about the inhabitants’ behaviour and habits.”
Using the data extracted from a home automation system installed in a house of two volunteers, the researchers were able to determine absence times and identify home ventilation and heating patterns. Such information would be enough for an unscrupulous burglar to determine the best time to break into a house.
Read more: http://eandt.theiet.org/news/2014/jul/home-automation-system-hacking.cfm