EXECUTIVE SUMMARY:

Wireless-connected ‘smart’ doorbells have become a favorite among homeowners and renters alike. They can increase home security, enable individuals to check on mail deliveries, and help determine who’s at the door. As the holiday season approaches, an increasing number of consumers are seeking out smart doorbells as gifts for family and friends.

How secure are smart doorbells? 

Recent findings by UK-based security company NCC Group and consumer advocacy organizations suggest that consumers should take a closer look at the security features of these devices. NCC Group-Which? found a total of 11 vulnerabilities in the smart doorbells being sold through popular platforms such as eBay and Amazon.

What are the most significant security concerns? 

  • The largest concerns stem from the fact that smart doorbells are commonly sold by obscure vendors via third-party sites.
  • Researchers found that some of the devices were storing sensitive data on insecure servers.
  • Security flaws could allow remote attackers to break into the connected wireless network through stolen login credentials.
  • A critical bug could allow attackers to intercept and manipulate data on the network.

While Amazon and eBay monitor the products sold on their sites, their security standards fall short of researchers’ expectations. Last year, Amazon’s popular Ring doorbell attracted concern from US lawmakers.

Smart doorbell devices could leave consumers vulnerable to cyber intrusions on their home devices and networks. These recent findings serve to remind holiday shoppers of the vigilance required when shopping for devices.

To learn more about potential vulnerabilities in smart doorbells, see this article by CyberScoop.