Researchers from Check Point Research, the Threat Intelligence arm of Check Point Software Technologies Ltd., a leading provider of cybersecurity solutions globally, has today revealed vulnerabilities that would allow a hacker to dispatch ransomware or other malware to home or corporate networks by practicing over smart light bulbs and their controller.
A few years ago, security researchers discovered to show up certain smart light bulbs that would allow hackers to infect them with malware. According to researchers at Check Point, hackers can build the vulnerable bridge between your physical IoT network and attack more appealing victims, like the computer network in your home, office or even smart cities with smart technology.
Researchers concentrated on the market-leading Philips Hue smart bulbs and bridge and discovered vulnerabilities (CVE-2020-6007) that enabled hacker could appropriate them and their control bridge to begin attacks on ZigBee low-power wireless protocol that is used to manage a wide range of IoT devices.
Check Point stated, “Attackers can take over the user lamp and users lost their control over his lamp. Then the user deleted his installed lamp and rediscover to find and the hacker-controlled lamp appeared. The user unknowingly installed a hacker-controlled lamp. Attackers hack the smart hub using the light bulb over Zigbee and exploit computer through the smart hub:”
Researchers from Check Point connected with Philips about a vulnerability in hue smart bulbs and Philips has issued a patch to fix it. The important thing that you make sure your smart lights are updated with the latest firmware. It’s a good idea to keep all of your devices updated. Philips advises enabling users to always open automatic updates for the Hue system to ensure you are always running the latest version.