Hackers can hijack your smart home tech using just a laser pointer

Hackers can hijack your smart home tech using just a laser pointer

Did you know cybercriminals can speak to you through smart speakers, turn off lights or even mess with your thermostat? Click or tap here for the story of a couple who’s smart home was invaded by a hacker.

But those are small pranks. Imagine the damage hackers could do if they could disable smart locks or garage door openers. These systems are designed to be much harder to hack, but a newly discovered, low-tech solution could make it easy for anyone to enter your smart home without your knowledge.

Researchers discovered almost every smart home product on the market is vulnerable to lasers and can be remotely commanded. Will this discovery open the door to a wave of dangerous smart home hacks?

Hackers can zap your smart home into submission

According to new reports from Business Insider, a team of researchers from Tokyo’s University of Electro-Communications and the University of Michigan have found some of the most common smart home devices on the market can be hijacked with a simple laser pointer.

When a laser is directed at the microphone array of a smart speaker, the sensitive electronics interpret the light as sound, so hackers can remotely give specific commands to the device.

 

Related: Nest camera hacked with terrifying results.

 

For their tests, the team used a number of common devices with smart home or virtual assistant capabilities. These included Google Home, several Amazon Echo models, Apple’s HomePod and Facebook’s Portal. The team also tested several smartphones, including  an iPhone XR, a Samsung Galaxy S9 and a Google Pixel 2.

Of the tested devices, all smart speakers were easily hijacked by lasers; however, the smartphones required additional verification to continue. The iPhone test revealed it would not follow a command unless a wake word was issued.

To demonstrate their findings, the team put together a video showing how the speaker interprets lasers for a variety of commands.

Most concerning was how the team was able to perform laser hacks through barriers, like windows, and from distances of up to 360 feet. This means anyone standing outside of a home with a line of sight on smart speakers could flash a laser and take control.

Google and Amazon have been looking at the research and both plan to review the findings for security implications.

How can I keep my home safe from “laser hackers?”

So far, there’s no evidence anyone has attempted to hack smart home devices with lasers other than the research team. The published findings are the first instance of anyone trying the hack and succeeding — but that doesn’t guarantee your safety. Now that the cat is out of the bag, hackers and cybercriminals may start using the technique.

To keep yourself safe, simply keep vulnerable smart home devices hidden from open windows or nearby mirrors, which can reflect the light of a laser.

This research highlights the fact that we have a long way to go to secure the tech we bring into our homes. One great example of insecure devices is how light bulbs can serve as dangerous gateways for hackers, just click or tap here to learn how.

Tags: Apple, Apple iPhone, cybercriminals, security