Until recently, smart door lock Malaysia were regarded as futuristic technology in the country. However, according to a recent survey, 55 percent of households are comfortable with smart security devices. Because smart locks rely on wireless technology, it’s natural to wonder if they can be hacked.
But smart locks can be compromised. Hacking is a risk with any wireless technology, and smart locks are no exception. However, if they are properly installed, their software is kept up to date, and your passwords are kept safe, they are extremely difficult to hack. Rather than the locks themselves being insecure, it is usually the wireless connection that allows hackers access. Because smart locks require a wireless connection (Bluetooth, Wifi, etc.), it is critical that this connection be completely secure in order to keep your smart lock safe.
Hijacking of Passwords
Password hijacking is the most straightforward method of hacking a smart lock. This usually occurs after a thief or hacker has stolen your smartphone. They can jailbreak into your cloud files once they have control of your device. When you sync your smartphone with your smart lock, it may contain files containing your passcode, fingerprint, or voice recognition audio.
Bluetooth connectivity is available in the majority of smart locks. This opens up a rare but still viable attack vector for a hacker to use a Bluetooth sniffer to gain access to the lock. This is uncommon because it requires the hacker to be extremely knowledgeable about code and a few pieces of complex computer hardware to “sniff” the information out of your device via Bluetooth. Another factor complicating this is that a hacker would need to be physically close to the lock in order to do so due to Bluetooth’s limited range.
Voice Command Exploit
Controlling your smart locks with voice commands is certainly convenient and futuristic, but it can leave the door (literally) open to a very simple hack.
When you ask a smart assistant like Google or Alexa to unlock your door, most smart locks require you to enter a pin code. Z-Wave-enabled locks are an exception. Setting up your smart lock to not require a code every time is convenient, but it is also extremely insecure. Anyone who knows the correct voice command can control your locks without a code. Using a transducer, you can even do this from outside your home.
Problems with Software Updates
Another potential issue that could render your smart lock inoperable (bricked) is software/firmware updates. Smart locks, like most other pieces of computer hardware, require regular updates from the manufacturer. These typically address minor software bugs and/or add new functionality. This is usually a good thing, but consider what will happen if the updated software fails. This could theoretically (and in practise – see below for the LockState issue) render the lock inoperable.
While this will not automatically open affected smart locks, it may mean that if the lock was in the unlock state when updated, you will be unable to lock it, and vice versa, if it is locked, you will be unable to unlock it. In either case, you will be left with an unsafe property or you may not even be able to enter it!
Breaching of WiFi
Hackers may be able to compromise a smart lock by gaining access to your home WiFi. If someone does gain access to your home network, they will have a lot of work to do. They must be able to access the lock through your account or hack into a vulnerable smart hub to hack a smart lock via your WiFi connection.
To obtain your access information, they would need to gain access to a computer or device on your network that has saved your credentials.