How SimpliSafe Protects Your Home From Hackers
Posted December 2nd, 2020 by SimpliSafe
SimpliSafe is the right security system for stopping burglars
Nothing is more important to us than your safety. We protect our own families with SimpliSafe, and truly believe that our home security system offers outstanding protection against real-world dangers. Before going into the details of how we prevent all kinds of bad guys from getting into your home and home security system, one important thing to remember is that most burglars aren’t computer wizards. They’re just crooks looking for a simple crime of opportunity. As tech expert Ry Crist wrote in CNET (emphasis added):
The most likely burglary scenario by far is the unsophisticated crime of opportunity, usually involving a broken window or some other kind of brute-force entry. According to the FBI, crimes like these accounted for more than half of all residential burglaries in the US in 2017. The wide majority of the rest were unlawful, unforced entries that resulted from something like a window or a garage door being left open. The odds of a criminal using technical means to bypass a security system are so small that the FBI doesn't even track those statistics.
SimpliSafe is not easily hacked
We know people are concerned about their wireless home security devices getting hacked. Is this something that could happen to your SimpliSafe security system? While it’s technically possible to hack into anything, calling it “easy” is extremely misleading. We’ve only ever heard of highly trained, professional security experts attempting to “hack” into our products — and even then, only in a controlled environment (not out in the real world, and not to actual SimpliSafe customers)!
Case study: a senior security consultant finds a sophisticated loophole
For example: in 2016, Dr. Andrew Zonenberg, senior security consultant at IOActive, managed to find a technical exploit for the Original SimpliSafe (an outdated model we released around 2010). Zonenberg — who has a PhD in Computer Science — purchased specialized equipment and programmed a chip by writing custom code. This programmed equipment could then be used, under very specific circumstances, to gain access to the Original SimpliSafe system. In particular, the equipment in question would need to be close to the security system, and an authorized user would also need to be disarming it while the equipment was near.
Could this happen to your wireless home security system?
Let’s be clear: this is a highly sophisticated attack. Recall that the FBI doesn’t even track this type of attack, since it’s so rare. And to date, we have never heard of one of our customers getting hacked this way — on any version of our security system. We are also not aware of this security hack happening to the systems of other major home security providers that use similar technology, either.
The newest SimpliSafe has many more ways to stop hackers
Another thing to bear in mind is that the exploit described above isn’t even possible on our 3rd generation system. The old attack relied on the fact that our old system — which is no longer sold — did not have modern-day encryption. And whenever there’s unencrypted network communication, there are more potential security vulnerabilities to consider. But the latest SimpliSafe system, released in 2018, encrypts all of its communications. That includes messages between the Base Station, Video Doorbell Pro, SimpliCam, SimpliSafe App, and our backend services. This holds true for both of our main modes of wireless communication — messages over a cellular connection, or messages through a Wi-Fi network. Finally, we can also push over-the-air (OTA) software updates on this version of SimpliSafe. We couldn’t on the older hardware of the Original SimpliSafe, which was coded using a onetime programmable chip. But if a security expert discovers a flaw in our current model — or if something goes wrong in some other way — we can patch out the issue right away. That means you get the safest, best experience possible.
Has SimpliSafe been hacked?
No. We protect over 3 million customers in the United States. In over a decade of protecting customers like you, we have yet to receive any reports of actual break-ins tied to any attempted attack on our system like those shown in a few YouTube videos of people messing around with old systems in a controlled, testing environment.
I am a security researcher with information about a possible flaw in your system. Where can I reach you?
Please use our dedicated security page to find out how you can report a new security concern. We appreciate your help in making SimpliSafe more secure for everyone.
I would like to upgrade to the improved, fully-encrypted SimpliSafe system. How can I do that?
Call us anytime at 800-549-9508 to get a great deal on a new SimpliSafe. We want to make sure you have the security system that provides the most peace of mind.
What can I do to make my home more secure? Are there any system uses I should know about?
Change your PIN code regularly. This is a good security practice in general.
Monitor notifications of your home alarm being disarmed for any unexpected activity.
Take note of any suspicious person or unidentified equipment located very near to your home as you come and go, as the concern raised requires close proximity.
If you have our 24/7 Professional Monitoring plan, disarm your system with your smartphone or webapp, which bypasses this issue.
What are some other security features built into my SimpliSafe security system?
Our system uses a cellular connection that can’t be physically cut. 1 in 5 burglars cut alarm or telephone wires before breaking in.
Burglars often smash keypads to try to prevent the alarm control box from sending signals. We separated the alarm signal from the keypad to mitigate this tactic.
Our monitoring service has six redundant monitoring centers to reduce the risk that local catastrophes might affect your coverage.
If an intruder disables your power or there is an outage, SimpliSafe’s battery backup is designed to continue to power your system.
We have a jam detection algorithm that is being constantly tuned and updated behind the scenes, which notices if someone is trying to jam your system and alerts you.
I have other security system questions. Where can I find out more?
If you need help finding something we haven’t covered, check out our Help Center for any questions about your SimpliSafe experience and security devices.August 2021