Bitdefender–the tireless actuary of the Internet of Things–has reported discovering a backdoor into homeowner’s personal Wi-Fi networks via Amazon’s Ring doorbells, the video-enabled auto-locks that allow homeowners to remotely open the door. And as Bitdefender’s Chief Security Researcher Jay Balan told Gizmodo in a message, once a bad actor has access to a home network “it’s game over.”
Balan told us that the vulnerability was discovered following a request from PCMag to look into the device and that it’s now been patched. The process of taking advantage of the security hole was tedious, he said, as the Ring typically communicates with your device via the company’s cloud services.
The only insecure exchange between the app and device is the authentication process, so a hacker would have to kick the device off your network by aggressively sending the network de-authentication messages. The Ring would then appear to go offline. The hacker would have to wait within proximity of your Wi-Fi (like right outside your home) until you notice that the device is offline. And when you reenter your credentials on the Ring, the hacker would be able to scoop them up.
A daring hacker with the patience to do this still wouldn’t be able to use the Ring app, but an imaginative mind could still find a way into your home. “There’s no other vulnerability that we discovered, but there are a million scenarios that you can run,” Balan told Gizmodo. “Let’s say there’s a vulnerable speaker system on the home network. And many speaker systems [allow] people to connect to them, without any authentication, and accept their music. A very doable scenario is you would send an audio file to the speaker that says Alexa, open the front door.”
“There’s a fundamental problem with the way people treat their home networks,” Balan added. “Everybody believes that their home network is safe. This is why the security is much more lax on your home network, there’s no password on your TV, there’s no password on many things because people say it’s my private network. Apps are, by design, insecure on the private networks.”
Balan said Amazon was very responsive and moved to patch the devices quickly before disclosing them in November. It started the process in September but followed standard practices and waited until the vulnerability was patched to disclose it. Amazon did not immediately respond to Gizmodo’s request for comment.
This is the latest instalment in the Ring’s ghoulish recent history. Back in February, researchers at Dojo by BullGuard found that hackers could send users images through the Ring app to show a person at the door. Lately, it advertised that it monitored all of the doorbell rings on Halloween.
It’s also turned homes into patrol centres, with Amazon going so far as writing some police department’s press releases and tutoring them on how to best entice homeowners to hand over their private security footage.
As with most IoT devices, the Ring doorbells promise tech-infused solutions to a problem that didn’t really exist and it’s just causing more problems.