CES 2020: McAfee discovers how hackers can break in through your garage door

McAfee uncovered a security flaw in a popular connected garage door opener and a security design issue in an NFC smart ring used to unlock doors.

CES 2020: McAfee discovers how hackers can break in through your garage door

TechRepublic's Teena Maddox talked to Steve Povolny of McAfee at CES 2020 about potential threats in the Internet of Things and how attackers can use smart locks and garage door openers to access your home. The following is an edited transcript of their conversation. 

Steven Povolny: We're here... Advanced Threat Research with McAfee with the release of two security research findings. One of them is related to a very popular garage door company, which is Chamberlain. Many people know that name and their myQ garage door opener. Specifically, this is an interesting kind of attack scenario. We released details on how to jam the over-the-air signals that communicate with the user's app, allowing them to remotely open or close the garage door. This allows us to confuse the state of the application and actually get the homeowner to be tricked into opening the garage door remotely for an attacker in a scenario.

SEE: CES 2020: The big trends for business (ZDNet/TechRepublic special feature)

The other one that we released is actually a really interesting attack against a wearable device. When I say wearable, I'm talking about an actual ring that goes on your finger that supports NFC--NFC stands for near-field communications. It's a very common protocol used on your iPhone or other phones typically for mobile payment or authentication. This device is actually using NFC and can be paired with a smart home lock to gain access to the home through the smart lock. We found a way to compromise the security of that ring, pull off the credentials and identifying information for that ring, and use it to program a card that allows us to unlock a smart lock and get into the home. The security flaw here is in the design of the NFC ring itself and not the smart lock, but because these two products are used in combination, it allows for an interesting attack scenario.

This is an interesting one because the attack itself is somewhat complex. The attacker has to have a special knowledge of advanced radios, and Wi-Fi communications, and RF or radio frequency signals, and they're actually blocking or jamming those signals as they transmit over the air. But in reality for the consumer, the situation is that they may be away from their home just at work or on vacation and because they have this application that allows them to control the garage door remotely, they rely just on the notifications from that app to know whether their garage door is open or closed. Now, because this myQ app actually works with delivery services as well for package delivery, there's a scenario where a courier might come up, deliver a package to the home, close the garage door while the attacker is jamming that signal, and the user at work or on vacation is incorrectly notified of the state of their garage door.

When they go to fix that and close the garage door, they're actually doing the reverse and opening the garage door unbeknownst to them, and that allows someone down the street, an attacker, to walk into the garage or into the home potentially through the garage in a scenario where they really shouldn't be able to.

For consumers, this isn't all doom and gloom. This is a product that's designed with security in mind. It enables visibility for homeowners when they're away, it gives them remote control where they might not have it otherwise, and allows ultimately more secure delivery of packages and access to their garage. Unfortunately, with the advancement and increase of technology in these platforms, sometimes it introduces new attack surfaces that consumers aren't aware of. That's why we're here today to explore some of those unknown or uncommon attack scenarios that attackers are interested in researching just the same way as we are.

Also see