Z-Wave updates security of its smart home wireless standard

Following a massive DDoS attack in October that utilized IoT devices to attack a domain name server, Z-Wave has announced that it is working on bolstering the security of its wireless standard. The new security framework is called "Security 2" or S2, and it will improve encryption for transmissions between devices like security cameras and thermostats.

The update also introduces new pairing procedures. Each device will require a unique pin or QR code. CNET points out that this approach is one already practiced by Apple in its HomeKit devices.

This security update directly addresses the problems found with the recent DDoS attack. The attack exploited the fact that devices like IP cameras would often never get an updated password. A unique, device-specific PIN also a degree of separation from the network can keep intruders from gaining access to everything connected to a single network.

Z-Wave engineers told CNET that S2 is backwards compatible with current versions of Z-Wave. Most devices on the market now should be able to be updated without any hit to performance. Many of the more affordable IoT devices coming out of China today rely on Z-Wave, so the improved security should come as good news. The other popular wireless smart home standard is ZigBee. Some of the more prevalent China products using Z-Wave and ZigBee today are lower-cost devices like smart lights and sockets.