Belkin WeMo smart home networks in danger of hacks

February 19, 2014 – 5:20 AM

Smart home networks are rapidly gaining popularity, but some security experts worry that not enough encryption controls are coming with the products.

Security firm IOActive released an advisory (PDF) on Tuesday saying more than half a million Belkin WeMo devices are susceptible to widespread hacks. The firm uncovered several vulnerabilities in these devices, which would let hackers gain access to home networks and remotely control Internet-connected appliances.

The hacks could range from a mean-spirited prank to actually posing a danger. For example, they could be as benign as turning someone’s house lights on-and-off to something dangerous like getting a fire started.

Many of Belkin’s WeMo home automation products let users build their own smart home solutions by adding Internet connectivity to any device — like sprinkler systems, thermostats, and antennas. Once connected, users can control their appliances with a smartphone from anywhere in the world.

However, hackers could also get into these networks, warns IOActive. The vulnerabilities found by the firm would let hackers remotely control and monitor home networks, along with perform malicious firmware updates and gain access to other devices, like laptops and smartphones.

According to IOActive, the vulnerabilities would let hackers impersonate Belkin’s encryption keys and cloud services to “push malicious firmware updates and capture credentials at the same time.”

Source:
http://news.cnet.com/8301-1009_3-57619082-83/belkin-wemo-smart-home-networks-in-danger-of-hacks/