Recently, researchers from North Carolina State University identified a design flaw in smart home Internet-of-Things (IoT) devices. The design flaws allow third parties to stop devices from sharing important information, which can be used to prevent things like security systems alerting a break-in or uploading the videos of intruders.

Here’s what researchers found

The researchers found that third-party hackers can upload suppression malware to a home router network. Here’s what the malware does:

• Allows devices to upload signals that the device is online and running
• Blocks security signals to homeowners
• Allows hackers to gain control on-site or remotely

Essentially, this attack shows the homeowner that everything is fine at home (or rather, shows them nothing) whether or not an intruder is in the home.

Why this happens

IoT devices have “heartbeat” signals. These are the signals that show that the device is online and functioning. The problem is that many IoT devices have distinguishable heartbeat signals, so layer suppression malware can easily find them and cut them off.

Possible solutions

There are a few possible solutions, according to TJ O’Connor, one of the NCSU researchers.

1. Make heartbeat signals indistinguishable, so that malware cannot selectively find them.
2. Include more information in the heartbeat signal, which would still transmit an alert to the system even if the network layer suppression malware was able to block sensor alert signals.

While no system or technology is going to be perfect, these are security measures to be aware of to reduce risks of being attacked.