DIY security: are smart security systems still vulnerable to hackers?
DIY security: are smart security systems still vulnerable to hackers?
After years of warnings about the dangers of cheap, off-the-shelf security systems the government has finally acted to address the issue. But do their measures go far enough? And how can you be sure that your own system doesn’t fall prey to hackers?
You might be tempted to buy a cheap DIY security system online and install it yourself. After all, everyone likes to save a few pounds where they can.
But doing so could prove far worse than just a false economy. What you save initially in cost, could come back to bite you – and mean you have to spend far more on repairing the damage in the long run.
We’re talking about smart DIY alarms and wireless security cameras that are likely to be inferior quality, also they could have security vulnerabilities. Why? Because they’re susceptible to hackers and snoopers. People who want to invade your privacy, steal your data, possessions and cash.
Common vulnerabilities
You don’t have to search the news for long before you see the evidence.
A recent investigation* by Which? highlighted that more than 100,000 indoor wireless security cameras - popular brands being sold on online marketplaces like Amazon and eBay - had critical security flaws in their CamHi app which put them at risk of hacking. The vulnerabilities provide the perfect opportunity for someone to spy on your business or home.
These are more than just scare stories. At ADT we’ve been warning about the dangers of DIY security systems for years. So it’s good to see it finally being acted on now.
The new proposals
In July the government published proposals for a new law to help protect smart device users from cyber criminals by raising the security standard for all smart products sold in the UK**.
The three new requirements are:
- Device passwords must be unique and not resettable to any universal factory setting.
- Manufacturers must provide a public point of contact so anyone can report a vulnerability.
- Information stating the minimum length of time for which the device will receive security updates must be provided to customers.
This is obviously a fantastic first step. Increasing the security for smart cameras, speakers and kitchen appliances in theory makes the UK a much safer place to be online.
But do these changes go far enough? Our experts don’t think so.
Our view
An ADT spokesperson said, “Accredited companies such as ADT will adhere to these requirements, but it’s likely that non-accredited installers and suppliers will not. Products sold into the DIY marketplace will be difficult for the UK government to monitor and enforce.
Whilst it’s good that the vulnerability of some products has been recognised, especially when fitted by someone who’s not qualified, how can the government enforce the new requirements on products sold online from foreign suppliers?”
Tougher, and more robust
So what else can be done? At the moment only around 13% of smart devices come with even the most basic of cyber security features***. We need even tougher laws to ensure that our products are more robust when it comes to privacy.
But in the meantime, there’s a lot to be said for using an industry-leading security firm.
“ADT provides assurance that your security system will be professionally installed and have built-in defences to combat criminal hackers. As a global company we’re able to perform penetration tests and evaluations on all the smart products we offer. It’s our reputation on-the-line so we take it very seriously.”
Leave it to the experts
With cases where your home network is in danger from hackers – where both your data and hard-earned money is at stake – it’s best to leave it to the experts.
Of the three new requirements listed above, ADT already provides the first two as standard. And because we do regular maintenance of your system, we can provide further assurance that your smart product has the latest security updates installed. That’s the third.
Add to this NSI Gold Accreditation across all our services, bank-level encryption in all our cameras, and remote engineering that means if something does go wrong we can fix it without sending out an engineer in 80% of cases, and you can see the true benefits of having a professionally installed system.
If you’re considering a wireless security camera or connected smart device, get in touch with us today.
** https://www.gov.uk/government/news/government-advances-plans-to-boost-security-of-smart-products