In our homes we have more and more devices connected to the Internet, also home automation and IoT devices. Devices with the passage of time evolve and add new functionalities. An example could be the smart plug, which has added new options such as the scheduler to consume less energy, and in addition, some models can offer us our consumption in real time. Today our protagonist are the locks that have gone through many changes and technological advances. Security is a growing concern for homeowners and they can choose from a variety of lock types. In this article we are going to talk about smart locks, how they can be hacked and if they are safe.
Smart or traditional locks
Smart locks are designed with the convenience of users in mind. In that respect, the idea that we have to carry a key or remember a code is obsolete. Nowadays people prefer to use their smartphones as keys. That’s why smart lock technology was created, however keep in mind that this doesn’t make them better, it just makes them more convenient.
The problem with these smart locks is that they use technology to connect to our home via WiFi. In this aspect, we must understand how they work and know their vulnerabilities against certain types of attacks, since it can largely determine the security of our home.
An important point is that these smart locks are not 100% secure, but they can be better than traditional locks. That means that if we opt for one of these new locks we will have to choose a quality one, because not all of them are the same. You may be interested in protecting your smart home from attacks.
how can they be hacked
One of the procedures that they can use to hack our smart locks is the bluetooth tracking. The main communication protocol for many locks of this type is Bluetooth, for which you can use from very simple tools to the most advanced technology designed specifically for this purpose. Another thing to keep in mind is that Bluetooth is a short-range communication protocol, which means that whoever wants to hack our lock has to be physically quite close to it.
In 2016, security researcher Anthony Rose and Ben Ramsay discovered a bug in the Bluetooth authentication protocol used by a large number of smart locks. Currently, it is already fixed but that does not mean that new vulnerabilities can be found in the future.
Another option is by violation of our Wi-Fi network since through it they could access our smart lock. An example of this attack was reported by Bitdefender, which reported one such case regarding August Smart Lock as it did not have strong authentication. Also, as in the previous case, the thieves have to be close to our wireless network.
An outdated firmware or lock application used to control them can be a starting point for hacking. In the case of companion applications, it may be because they are not compatible with the latest firmware updates. On the other hand, in the case of firmware, they can take advantage of vulnerabilities already found to open our smart locks.
What should we take into account when buying a
Smart locks are usually more secure than traditional ones, however, they are still vulnerable as we have seen before. This does not mean that we do not buy a lock of this type, it only means that when buying one we have to look at new aspects.
In this aspect, when making your purchase, we must pay attention to whether it meets these characteristics:
- Be from a recognized brandperhaps we can find cheaper ones but they are not worth it, because they may have fewer security protocols and be easier to hack.
- Update the firmware as soon as possibleIn addition, if we have bought a prestigious brand, it will receive more updates and will have more years of support.
- has to have minimum 128-bit AES encryption to ensure our safety.
- Supports two-factor authentication. Even if they get our password, they will need a second step to access our lock.
- have a ANSI grade rating of at least 1.
In short, smart locks can be very convenient and secure, as long as we buy a good quality one that meets the above requirements.