Has anyone seen or read anywhere any real proof of a customers home security system has indeed been hacked or jammed? We have been seeing articles in reference to the Simply safe system has been hacked. I am looking for real life cases in which this has happened. Let me know if anyone of you guys has any specific real time data?
The Qolsys , as well as the systems used by Comcast and other cable companies, and other IoT systems are more susceptible than the 2GIG.
2GIG requires a complicated process to intercept the unsecured 345mhz frequencies using a special and expensive software defined radio (SDR).
Qolsys, Comcast, and ioT panels on the other hand, do not. They can be compromised through a ZigBee protocol vulnerability which prevents those type sensors from properly reporting status.
Qolsys, Comcast, and ioT panels on the other hand, do not. They can be compromised through a ZigBee protocol vulnerability which prevents those type sensors from properly reporting status.
Qolsys does not use Zigbee for nearly all sensor communication. It does not use 2.4 zigbee for anything. It uses 900mhz zigbee for the image sensor alone.
Qolsys sensor communication is 319 GE.
Qolsys does not use Zigbee for nearly all sensor communication. It does not use 2.4 zigbee for anything. It uses 900mhz zigbee for the image sensor alone
Are you sure that the Qolsys panel is not using the primary ZigBee 2.4mhz communication protocol, and optional 915mhz for the Image Sensor?
Quote from Surety Feb 3, 2016: (Source)
Zigbee uses an optional 900Mhz range but is primarily in the 2.4ghz range like home wifi.
Yes. Qolsys does not use Zigbee 2.4.
That quote specifically refers to Zigbee communication, not Qolsys
Ahh, my bad. I also saw that Qolsys states the IS operates under 802.15.4 (which is a range of three frequencies for Zigbee…868mhz, 915mhz, and 2450 (2.4mhz)).
If it operates only under the 915mhz band, it may not be vulnerable to the ZigBee issue (but then again, it may be that the entire ZigBee communication protocol (wireless standard) is vulnerable. Particular attention has only been publically disseminated in regards to 2.4mhz as it is the most common band used by IoT devices).
From what I gather, it is implied that the ZigBee communication protocol in general is compromised and vulnerable, and if that is the case, then that infers that all ZigBee frequency radio bands, including the 915mhz frequency used by Qolsys, may also be vulnerable.
EDIT
It appears that the ZigBee protocol “Security Key” was compromised which would infer all transmitting frequency bands using that security key would be affected. (In much the same way wireless 802.11 WLAN router WPS was compromised. it doesn’t matter the radio band you use (e.g., 5Ghz or 2.4Ghz), WPS keys are still compromised)
From what I can find with a quick Google search, there are currently two ways to compromise ZigBee regardless of the radio frequency used (e.g., 868, 915, 2.4)
The compromised zigbee security architecture (finding the secret key) :
SNIFFING: (ZigBee sniffers appear to be freely obtainable, or for low cost online SOURCE)
and here is a full presentation on how to compromise ZigBee (glanced through it only): Blackhat 2015 ZigBee Exploited
This is why security companies use the Zwave and not the Zigbee, Zigbee is older tech and is prone to hacking. We had our IT team try to hack the Qolsys and could not do it. We do get questions from customers about hacking and we have not had any documented cases of any hacking on any of the panels mentioned.
Speaking of Z-wave. Recent News.
Panel manufacturers look to have another avenue for security device integration now.
Most commercial (Honeywell Lynx, Simon XT/XTi, 2Gig GO! Control, Qolsys, and most other wireless alarm systems that utilize the 319, 415, 433Mhz frequencies.) wireless alarm panels are the market today are susceptible to hacking with an SDR radio. There are tons of YouTube videos showing the process. If you do not have a bi-directional communication network for your wireless alarm system, your system can be exploited!