See the light: Philips Hue smart bulbs can be hacked and used to install malware

A recent report from cybersecurity researchers at Check Point identified a bug in Philips Hue smart bulbs that potentially allows hackers to access the home networks of users.

Using a similar glitch from 2017, researchers said that they were able to access the bulbs and their corresponding “control bridge,” which led them to the users’ home networks.

Though the process seems a bit difficult, the researchers said their work shows how it is possible for Internet of things (IoT) devices to expose crucial aspects of someone’s home network and beyond. In particular, their research demonstrates how even the most mundane IoT devices, such as smart light bulbs, can be exploited by hackers to plant malware or take over networks.

To infiltrate a network, the researchers first exploited a bug that remained active from a previous study, which allowed hackers to control aspects of a smart bulb, like its brightness. Once they gain control of the bulbs, hackers lower and raise its brightness in an attempt to trick the user into thinking that there is something wrong with the device and prompt them to reinstall it. Once the compromised bulb is reinstalled, it can offload malware to the “control bridge.”

Fortunately, Philips Hue was notified of the flaw in November 2019, and the company has since issued a patch for its products that should have been automatically downloaded.

Despite the fix, revelations about the vulnerabilities of smart bulbs should raise concerns over what kinds of devices people allow in their home networks. Individuals and organizations must protect themselves against these possible attacks by updating devices with the latest patches and separating them from other machines on their networks to limit the possible spread of malware.

“In today’s complex fifth-generation attack landscape, we cannot afford to overlook the security of anything that is connected to our networks,” the researchers said. (Related: How to Get Rid of Cyber Security Issues Almost Instantly.)

Improving home network security

Many homeowners share the misconception that their home networks are too small to be at risk for a cyberattack, or that their devices are “secure enough.” Most attacks are not personal in nature and can occur on any type of network, so here are some tips to help improve security from malware and ransomware.

1. Update your software regularly. Software updates are the most effective steps you can take to improve the overall cybersecurity of your home networks and systems. Software updates often include critical patches and security fixes for newly discovered threats and vulnerabilities.
2. Remove unnecessary services and software. Disable all unnecessary services to reduce the attack surface of your networks and devices, including your router. Unused or unwanted services and software can create security holes in a system, which could lead to increased attacks.
3. Change default log-in usernames and passwords. Most network devices come with pre-configured default administrator passwords to simplify setup. These default credentials are not secure, and can even be readily available on the internet, so change the default log-ins with strong passwords and usernames to secure your devices. Additionally, you should not use the same passwords with multiple accounts to minimize the risk of breaches.
4. Install a network firewall. Installing a firewall at the boundary of your home network can help defend against external threats. A firewall can block malicious traffic from entering your home network and alert you of potentially dangerous activities. When properly configured, network firewalls can serve as a barrier against external threats, preventing malicious software from reaching out to the internet. Most routers come with configurable, built-in network firewall that includes additional features such as access controls, web-filtering, and denial-of-service (DoS) defense that you can use to tailor-fit your networking environment.
5. Mitigate email threats. Phishing emails are among the most common initial attacks employed by hackers for malware delivery or credential harvesting by persuading you to click on a link or open an attachment. Be more cautious and familiarize yourself with common elements of a phishing attack.

Learn more about how to keep yourself safe from internet attacks at Cyberwar.news.

Sources include:

DailyMail.co.uk

US-Cert.cisa.gov