Ring, SimpliSafe, and Three Other DIY Home Security Systems Vulnerable to Hacking

If you’ve seen the latest Scream movie, you might be haunted by the scene of the killer disabling a home security system to get inside a victim’s house. (Warning: the trailer is chilling.) The portrayed attack method is highly unlikely to happen in real life, but the scary scene might make you wonder just how tamper-resistant your own home security system is. And that’s a legitimate concern.To get more news about security door sensors, you can visit securamsys.com official website.

In a series of new tests, Consumer Reports found that five popular DIY home security systems are relatively easy to jam. That means a burglar can use a laptop and a portable radio frequency (RF) transceiver to block the signals from door/window or motion sensors and enter a home without triggering the alarm. It’s worth noting that any wireless device can be jammed, but there are methods and technologies that make it harder to pull off.

The systems our testers were able to jam are the Abode Iota All-In-One Kit, Cove Home Security System, Eufy 5-Piece Home Alarm Kit, Ring Alarm Security Kit (2nd gen.), and SimpliSafe The Essentials SS3-01.
Two of those systems—Cove and Eufy—are also susceptible to replay disarm signal attacks, a more complicated attack where a hacker captures and records the disarm signal from a keyfob and later broadcasts it to disarm the security system, again using a laptop and an RF transceiver.

The tests were conducted as part of our first-ever digital privacy and security tests of DIY home security systems. The tests are done in CR’s Digital Lab, which evaluates a number of digital products and services for privacy and security. Our experts in the Digital Lab design our tests using The Digital Standard, an open-source set of criteria for evaluating digital products and services created by CR with other organizations, scoring these security systems on more than 70 factors.
Owners of these systems needn’t panic, however. “If you own one of these jammable systems, you don’t necessarily need to replace it since the problem is not that common right now,” says Fred Garcia, a test engineer for privacy and security at the Digital Lab. “But we do want consumers to be aware that this is possible, and if you are in the market now for a new system, we found options that are more resistant to this issue.”

Five other systems—Blue by ADT, Ecobee, Honeywell Home, Kangaroo, and Ooma—successfully resisted jamming and replay attacks using CR’s RF transceiver technique. These results demonstrate that it’s possible to create a system that is less susceptible to these relatively sophisticated attacks.

Read on for more details on our test results. And to see how each system performed in our jamming and replay disarm tests—as well as our data privacy, data security, and standard performance tests—check out our complete home security system ratings.
As shown in the demonstration video above, all a hacker/burglar needs to successfully jam a home security system is a laptop, an RF transceiver, and knowledge of the system being used in the person’s home. With those resources in hand, they can continuously drown out the signals from door/window or motion sensors and prevent the sensors from triggering the alarm while they enter, traverse through, and exit the home. As far as the system is concerned, no intruder is detected and the professional monitoring service wouldn’t dispatch the police.

For example, the SimpliSafe system rates Very Good even though it can be jammed, because it detects jamming after just a few seconds. The Abode system earns a Good rating because it detects jamming after about a minute. Both systems alert the user, but do not trigger the alarm.

Ring earns a Fair rating for jamming, while both Cove and Eufy earn Poor ratings. The five systems that we weren’t able to jam earn Excellent ratings. You can see these scores in our security system ratings under the jamming resistance column.
What the Manufacturers Say
Consumer Reports shared its findings with the five manufacturers and asked each if it would update its systems to prevent jamming. Only Eufy explicitly said it will fix the jamming issue (the company plans to release a software update in early April). Cove said it is considering moving to encrypted sensors for a future version of its system and has “been monitoring whether the cost and complexity is justified by the threat in the field.” Ring said it has “implemented safeguards in our Ring Alarm system to help address wireless signal jamming, and we will continue inventing ways to help protect our customers,” but did not get more specific.

SimpliSafe responded that it continually refines its jam detection algorithm and releases “security updates to safeguard our system against jamming vulnerabilities.” Abode pointed to the fact that it offers jam detection as a standard feature but did not address the jamming itself.

Manufacturers that don’t currently offer jamming detection were mixed on whether they would add it. Cove said it plans to add jam detection to its system next year, but likely as an optional feature. Eufy said it would not add the feature to its system. Ring wouldn’t directly answer our question about whether it will add that feature to its system.

There may be a reason for their reluctance. “Jam detection can create false positive alerts due to interference from other wireless devices, which might be why some brands opted not to implement the feature,” Garcia says.