If You Use This Popular Security System, Replace It Immediately
Recently discovered vulnerabilities have gone unfixed by the manufacturer.
Your home should always be a comforting and inviting space for you and your loved ones, but it should also be the place where you feel most safe. Fortunately, over the past decade, new technology has made it easier than ever to set up protection with easily installed cameras, smart locks, and monitors that can even allow you to keep an eye on your property from afar. But if you happen to own one popular home security system, two recently discovered vulnerabilities may be putting you at risk. Read on to see which product you may want to replace for safety's sake.
The Fortress S03 security system has two major vulnerabilities that could be putting you at risk.
If your home is equipped with the Fortress S03 security system, you may inadvertently be putting your safety at risk. According to cybersecurity company Rapid7, a pair of major vulnerabilities makes it possible for potential intruders to disarm the system using relatively simple tactics.
The company says it first discovered the security lapses three months ago and reached out to Fortress about the potential risks, TechCrunch reports. Rapid7 publicly released information on the vulnerabilities after Fortress failed to respond to its messages; the only acknowledgment of the outreach was that a support ticket was closed without comment.
Cybersecurity experts say the security system can be disarmed by using a homeowner's email address.
According to Rapid7, the Fortress S03 system relies on a Wi-Fi connection to operate its motion sensors, cameras, and sirens and to let customers check on their homes from a mobile app. Owners also use a radio key fob to arm and disarm the system whenever they come or go from their property.
However, the cybersecurity company found that the system relies on an unauthenticated API, which makes it possible for hackers or criminals to obtain a specific device's unique International Mobile Equipment Identity (IMEI) number simply by knowing the email address associated with the account. With the IMEI in hand, they can then arm or disarm the system remotely, TechCrunch reports.
A vulnerability with fobs can also be exploited to disarm the system easily.
But a potential intruder may not even need to know your personal email address to gain access to your home. Rapid7 said it also found that the system's fobs use unencrypted radio signals to arm and disarm it, making it relatively easy for someone nearby to record the unprotected signal and replay it to shut the system down.
While capturing a radio signal might sound like a tall order, one expert warns that it can be done relatively easily with the right know-how. "The attacker would need to be both reasonably conversant in SDR in order to capture and replay the signals and be within reasonable radio range," Tod Beardsley, director of research at Rapid7, told Threatpost. "What that range is would depend on the sensitivity of the gear being used, but typically this sort of eavesdropping requires line of sight and pretty close proximity—across the street or so."
Using a dedicated email address could help keep someone from accessing your devices.
Ultimately, experts say it's unlikely that a random intruder will be able to make use of the vulnerabilities in the system. "The likelihood of exploitation of these issues is pretty low," Beardsley told Threatpost. "An opportunistic home invader is not likely to be a cybersecurity expert, after all. However, I am concerned about a scenario where the attacker already knows the victim well, or at least, well enough to know their email address, which is all that is really required to disable these devices from over the internet."
Beardsley admits that "very little" can be done about the easily exploitable fobs except to avoid using products linked to Fortress. But there is still a way to reduce the risk of your system being disarmed by someone who knows your email address. "We suggest registering the device with a secret, one-time-use email address that can function as a sort of weak password," Beardsley told Threatpost. "Absent an authentication update from the vendor, I feel like this is an okay workaround."