Thermostat Hacking Heats Up

Wednesday, August 13, 2014 @ 02:08 PM gHale

With a cunning hacker, smart thermostats could end up being a spying device.

As it turns out, it only takes a USB flash drive with malicious software and 15 seconds of physical access to the device to compromise a smart thermostat manufactured by Nest, researchers said at the Black Hat USA 2014 conference in Las Vegas last week.

Black Hat: Securing Automobiles
Black Hat: Govt. ICS Attacks
Black Hat: ICS Vendors Need to Test for Security
Black Hat: A Security Plan

When Google purchased home automation company Nest earlier this year, folks voiced privacy concerns regarding the increased scope of Google’s data mining via Nest’s smart thermostats and smoke detectors.

Independent researcher Daniel Buentello, and researchers Yier Jin and Grant Hernandez of the University of Central Florida, found the OS level security checks that should prevent the installation of malware on the device can end up easily bypassed.

Nest has done a good job securing the device’s wireless communications, researchers said, but its USB port is a definite way in. Researchers showed by holding down the device’s power button, which allowed them to override the security checks (firmware signing) and upload custom malicious firmware on the thermostat.

“With Internet access, the Nest could now become a beachhead for an external attacker,” they said in a published report. “The Nest thermostat is aware of when you are home and when you are on vacation, meaning a compromise of the Nest would allow remote attackers to learn the schedule of users. Furthermore, saved data, including WiFi credentials, would now become available to attackers.”

A controlled thermostat can connect to any other device connected to the Internet, so creating thermostat-based botnets could become a reality. The attackers can use them to send out spam, but could also learn when the inhabitants are at home and when not, and then monetize that information either by acting on it themselves or selling it to others.

“The more convenient or smart something is, the less secure it is,” said Buentello, adding all manufacturers of “Internet of Things” devices should consider security paramount and work hard to achieve it now, before the use of these devices escalates.

Leave a Reply

You must be logged in to post a comment.