Smart Doorbell Disaster, Many Brands Vulnerable to Attack
Doorbells that have been created to allow homeowners to see and protect themselves from unwanted visitors can potentially cause more security issues than they protect from. Last week, the NCC group published a report assessing smart doorbell models made by Victure, Qihoo, and Accfly, and three other vendors. The report shows issues with developing secure devices and that there are devices being sold and issued with many vulnerabilities.
There are features that could be exploited by hackers and there are issues with the communication and safety of the mobile app features that connect to the doorbell. Encryption is essential to protect sensitive information including usernames and passwords which can be found in data communication between the devices. In addition, there were also issues discovered with the hardware physically attaching the doorbell to the house which allows the doorbell to be easily removed. Notably, Ring Video Doorbell and Nest were not in the report, yet clones and different vendors of the smart doorbells were addressed.