Researchers have published a working paper detailing a proof-of-concept attack on smart lightbulbs that allows them to wirelessly take over the bulbs from up to 400m, write a new operating system to them, and then cause the infected bulbs to spread the attack to all the vulnerable bulbs in reach, until an entire city is infected. The researchers demonstrate attacking bulbs by drone or ground station. The demo attacks Philips Hue lightbulbs, the most popular smart lighting system in the market today. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS IB commented below.
Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS IB:
“Industrial IoT devices are a major concern for security researches worldwide. The implications of these devices being hackable is very alarming. From widespread outages to takeover by botnet herders, soon we will likely have smart lights and a litany of other industrial IoT devices being used to wreak havoc on a scale never witnessed before. Manufacturers need to recognise that almost anything is hackable and put appropriate protects into place. Recommendation: hire the hackers to test your systems before making them publicly available. Whatever happened to “due care”.”