Joost Schellevis published an article on a national Dutch news channel with the results of a study by ethical hacker Daan Keuper (Computest) showing 17444 buildings with the systems based on the KNX standard are easily accessible to hackers. The complete article can be found here.
KNX authentication
The source of this vulnerability lies in the fact that the KNX system is opened up to the Internet with a IP-Gateway that is not properly secured. A KNX IP-Gateway can be safe when properly installed by your home automation specialist. Unfortunately this is not common practice.
Use Thinka-for-KNX bridge and Apple for proper security
Thinka developed a KNX bridge to control houses and buildings using Apple HomeKit. Each Apple device and Thinka itself is equipped with an encryption chip realising secure communication.
Thinka is HomeKit certified so all communication between your KNX installation and the Thinka is encrypted. To guarantee security and privacy, Thinka is installed inside your KNX enabled home and information from your configuration is never exposed over the internet. Thinka only communicates to
the internet for software updates and when using Alexa or Google Home.
