Hackers can hijack your house through your light bulb, researchers discover

Market-leading Philip Hue smart bulb could allow cyber criminals to spy on users

Anthony Cuthbertson
Wednesday 05 February 2020 12:04 GMT
Comments
Check Point researchers demonstrated how the vulnerability gave hackers access to people's home network
Check Point researchers demonstrated how the vulnerability gave hackers access to people's home network (Check Point)

Your support helps us to tell the story

This election is still a dead heat, according to most polls. In a fight with such wafer-thin margins, we need reporters on the ground talking to the people Trump and Harris are courting. Your support allows us to keep sending journalists to the story.

The Independent is trusted by 27 million Americans from across the entire political spectrum every month. Unlike many other quality news outlets, we choose not to lock you out of our reporting and analysis with paywalls. But quality journalism must still be paid for.

Help us keep bring these critical stories to light. Your support makes all the difference.

Homes and businesses that use smart light bulbs are at risk of being hacked and even spied on, new research has revealed.

The vulnerability, which affects the market-leading Philip Hue smart bulb, was discovered by researchers at security firm Check Point, who claim cyber criminals could use it to plant spyware or ransomware on home networks.

It works by exploiting a flaw with the popular ZigBee protocol, which is commonly used within wireless networks.

"Many of us are aware that smart devices can pose a security risk, but this research shows how even the most mundane, seemingly 'dumb' devices such as light bulbs can be exploited by hackers and used to take over networs, or plant malware," said Check Point researcher Omri Herscovici​.

"It is critical that organisations and individuals protect themselves against these possible attacks by updating their devices with the latest patches and separating them from other machines on their networks, to limit the possible spread of malware."

The researchers informed Philips of the vulnerability, who have since issued a security patch through its website. Check Point urged owners of the light bulb to update their devices immediately.

The research once again raises questions about the security of internet-connected devices that are increasingly used in people's homes.

Everything from toasters to baby monitors have been discovered with serious flaws that endanger the people who use them.

A recent investigation by UK consumer watchdog Which? revealed that thousands of smart security cameras could be vulnerable to hackers.

The Philips Hue smart bulb 'could allow hackers to plant spyware' within people's homes (Philips )
The Philips Hue smart bulb 'could allow hackers to plant spyware' within people's homes (Philips ) (Philips)

Smart light bulbs, which have limited capabilities compared to other smart appliances like fridges and TVs, may seem relatively harmless as a technology, but Check Point's research is not the first time issues have been discovered with them.

Last year, researchers at the University of Texas discovered security holes in popular smart bulb brands that cause them to leak information when exposed.

"Think of the bulb as another computer. Any data can be stolen: texts or images. Anything that is stored in a computer," University of Texas professor Murtuza Jadliwala said at the time.

"These bulbs are now poised to become a much more attractive target for exploitation even though they have very simple chips."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in