See the light: Philips Hue smart bulbs can be hacked and used to install malware
By maryvillarealdw // 2021-10-12
Tweet
Share
Copy
A recent report from cybersecurity researchers at Check Point identified a bug in Philips Hue smart bulbs that potentially allows hackers to access the home networks of users.
Using a similar glitch from 2017, researchers said that they were able to access the bulbs and their corresponding "control bridge," which led them to the users' home networks.
Though the process seems a bit difficult, the researchers said their work shows how it is possible for Internet of things (IoT) devices to expose crucial aspects of someone's home network and beyond. In particular, their research demonstrates how even the most mundane IoT devices, such as smart light bulbs, can be exploited by hackers to plant malware or take over networks.
To infiltrate a network, the researchers first exploited a bug that remained active from a previous study, which allowed hackers to control aspects of a smart bulb, like its brightness. Once they gain control of the bulbs, hackers lower and raise its brightness in an attempt to trick the user into thinking that there is something wrong with the device and prompt them to reinstall it. Once the compromised bulb is reinstalled, it can offload malware to the "control bridge."
Fortunately, Philips Hue was notified of the flaw in November 2019, and the company has since issued a patch for its products that should have been automatically downloaded.
Despite the fix, revelations about the vulnerabilities of smart bulbs should raise concerns over what kinds of devices people allow in their home networks. Individuals and organizations must protect themselves against these possible attacks by updating devices with the latest patches and separating them from other machines on their networks to limit the possible spread of malware.
"In today’s complex fifth-generation attack landscape, we cannot afford to overlook the security of anything that is connected to our networks," the researchers said. (Related: How to Get Rid of Cyber Security Issues Almost Instantly.)
Improving home network security
Many homeowners share the misconception that their home networks are too small to be at risk for a cyberattack, or that their devices are "secure enough." Most attacks are not personal in nature and can occur on any type of network, so here are some tips to help improve security from malware and ransomware.- Update your software regularly. Software updates are the most effective steps you can take to improve the overall cybersecurity of your home networks and systems. Software updates often include critical patches and security fixes for newly discovered threats and vulnerabilities.
- Remove unnecessary services and software. Disable all unnecessary services to reduce the attack surface of your networks and devices, including your router. Unused or unwanted services and software can create security holes in a system, which could lead to increased attacks.
- Change default log-in usernames and passwords. Most network devices come with pre-configured default administrator passwords to simplify setup. These default credentials are not secure, and can even be readily available on the internet, so change the default log-ins with strong passwords and usernames to secure your devices. Additionally, you should not use the same passwords with multiple accounts to minimize the risk of breaches.
- Install a network firewall. Installing a firewall at the boundary of your home network can help defend against external threats. A firewall can block malicious traffic from entering your home network and alert you of potentially dangerous activities. When properly configured, network firewalls can serve as a barrier against external threats, preventing malicious software from reaching out to the internet. Most routers come with configurable, built-in network firewall that includes additional features such as access controls, web-filtering, and denial-of-service (DoS) defense that you can use to tailor-fit your networking environment.
- Mitigate email threats. Phishing emails are among the most common initial attacks employed by hackers for malware delivery or credential harvesting by persuading you to click on a link or open an attachment. Be more cautious and familiarize yourself with common elements of a phishing attack.
Tweet
Share
Copy
Tagged Under:
internet hacking cyber attacks cyber security ransomware home security malware inventions smart appliances Philips Hue Smart Bulbs Philips home networks
You Might Also Like
The VPN empire built by intelligence agents
By News Editors // Share
Indian startup promotes cow dung logs for cremating coronavirus victims
By Ramon Tomey // Share
Report: Etherium still uses massive amounts of energy across its cryptocurrency network
By Franz Walker // Share
Robot dogs are now being equipped with assault rifles for military use
By Mary Villareal // Share
Hacked: Firm that routes all major U.S. carriers’ text messages reveals 5-year breach
By Cassie B. // Share
Recent News
Evidence points to VOTER FRAUD in 2024 Wisconsin Senate race
By ethanh // Share
Trump picks pro-war Zionist shill Pete Hegseth as Defense Secretary
By ethanh // Share
Undersea internet cable sabotage could unleash a worldwide disaster
By isabelle // Share