Ring, SimpliSafe, and Three Other DIY Home Security Systems Vulnerable to Hacking

We don’t want to go into too much detail (and inadvertently help would-be burglars learn how to execute jamming attacks), but it’s important to understand how these attacks work at a high level.

Not all systems that can be jammed are equally vulnerable. Some systems are equipped with a jam detection feature that detects the attack and sends a notification to users (although it doesn’t trigger the alarm). Because of variations in how these systems respond (or don’t respond) to jamming, we used our Poor to Excellent ratings scale to cover the range of responses:

• Excellent: We were unable to jam the system in our lab setup.
• Very Good: We were able to jam the system in our lab setup, but it detects the jamming and alerts users in under 30 seconds.
• Good: We were able to jam the system in our lab setup, and it took more than 30 seconds to detect it and alert users.
• Fair: We were able to jam the system in our lab setup, but its more-sophisticated sensors make jamming more difficult. It does not detect jamming.
• Poor: We were more easily able to jam the system in our lab setup, and it does not detect jamming.

Consumer Reports shared its findings with the five manufacturers and asked each if it would update its systems to prevent jamming. Only Eufy explicitly said it will fix the jamming issue (the company plans to release a software update in early April). Cove said it is considering moving to encrypted sensors for a future version of its system and has “been monitoring whether the cost and complexity is justified by the threat in the field.” Ring said it has “implemented safeguards in our Ring Alarm system to help address wireless signal jamming, and we will continue inventing ways to help protect our customers,” but did not get more specific.

SimpliSafe responded that it continually refines its jam detection algorithm and releases “security updates to safeguard our system against jamming vulnerabilities.” Abode pointed to the fact that it offers jam detection as a standard feature but did not address the jamming itself.

Manufacturers that don’t currently offer jamming detection were mixed on whether they would add it. Cove said it plans to add jam detection to its system next year, but likely as an optional feature. Eufy said it would not add the feature to its system. Ring wouldn’t directly answer our question about whether it will add that feature to its system.

There may be a reason for their reluctance. “Jam detection can create false positive alerts due to interference from other wireless devices, which might be why some brands opted not to implement the feature,” Garcia says.

In addition to the vulnerabilities related to jamming, Abode and Cove had a handful of small, lower-risk security issues that we found, which they did fix.

Bruce Ehlers, vice president of product development and engineering at Cove, adds that the residential security industry doesn’t see these types of attacks as a huge issue, with millions of these systems in US homes today. The deterrence value of an affordable home security system is proven in the market and “the industry has not experienced significant real-world intrusions due to replay or jamming attacks,” says Ehlers.

Glenn Gomes-Casseres, vice president of product and design at SimpliSafe, points out that these attacks are difficult to pull off in the first place.

“In order to jam a device, one would have to perfectly execute a highly nuanced protocol with devices specifically tuned and configured for this purpose,” says Gomes-Casseres. “And even if successful, thanks to SimpliSafe’s built-in detection, customers are alerted, and cameras are queued to record and capture evidence, during jamming attempts.”

Ultimately, most burglars’ preferred break-in methods are more likely to be low-tech. 

“The good news is that the intelligence required to evaluate a home security system and jam it with a specialized RF transceiver is beyond the capabilities of the vast majority of burglars,” says Kirk MacDowell, CEO of security consulting firm MacGuard Security Advisors. Still, MacDowell adds that legitimate systems should offer jam detection, as well as encryption to prevent attackers from eavesdropping on these wireless signals.

He says good quality professionally-installed systems offer these protection features, but not all DIY systems sold at retail do the same.

"If it becomes more well-known that burglars can trivially evade certain security systems, then it seems likely more wrongdoers will be able to take advantage of this flaw," says Justin Brookman, CR’s director of technology policy. "If there are reasonable measures manufacturers can take to remediate this exploitable threat, then they should be obligated to update their systems and close this loophole."

So, how can you protect your system? First, don’t advertise what system you own with its branded yard signs and window decals. Once a burglar knows what system is being used, they can easily figure out which signals they need to jam.

“Security signs and decals can be a useful deterrent to burglars, but you should always use generic, un-branded signs and decals,” says Bernie Deitrick, who oversees CR’s home security system testing. “That way you get the same benefits without tipping burglars off to the brand of system you own.”

As noted above, the Cove and Eufy systems are currently susceptible to this type of attack, where a hacker copies the disarm signal from a keyfob and broadcasts it to disarm the security system. Both systems receive Poor ratings for replay disarm resistance as a result, while the other systems receive Excellent ratings.

This attack is more difficult to pull off than a jamming attack, as the hacker would need to be in the vicinity of your home for a while, making it more likely that you would spot them.

“It requires the attacker to be near a key fob or keypad when the user presses the disarm button so they can capture the signal,” says Garcia. “They would then have to replay the disarm signal, near the base station of the system, in order to disarm it. This is all possible, but there are many steps involved and the user would usually get notified if the system becomes disarmed.”

We also shared these findings with Cove and Eufy. Eufy said it will fix the issue in a future software update, while Cove said it’s considering using encrypted sensors (which would prevent replay attacks) in a future version of its system. Cove vice president Bruce Ehlers also said this type of attack is unlikely to occur because it requires the hacker to “stake out” your home. He added that the Cove system can also be used without a keyfob, which would eliminate the chances of this type of attack, but also remove an easy method for controlling the system.

Here are the top three DIY security systems from our tests. Keep in mind some of them score poorly for jamming, but we still recommend them because these attacks are very unlikely to happen and the systems still perform well in our other tests, such as ease of setup and data security. One notable weak spot, though, is data privacy. With the exception of Kangaroo, most of the systems we tested earn middling-to-unfavorable data privacy scores. For the rest of our test results, see our home security system ratings.