Smart Lightbulb’s potentially hacked

Next story

The Internet of Things is both big business and a big risk. Will security ever come first with smart devices?


Internet of Things is a hot topic as of late, as more and more household items become network connected and remote controlled. As one of the biggest and most successful of home automated Internet of Things products, Smart lightbulbs are internet connected LED bulbs that allow for lighting to be controlled remotely, or to customise and schedule lighting.

A recent paper published research detailing a ‘Lightbulb Worm’, which is an attack on Smart lightbulbs that allows the Worm to wirelessly take over the bulb from up to 400 metres away. By writing a new operating system for the Smart lightbulb, then causing the infected bulb to spread the attack to all vulnerable Smart lightbulbs in reach, until a whole city could be infected.

The researchers execute the experiment on Philips Hue lightbulbs, which is the most popular smart lighting system in the market today.

Mark James, ESET IT Security Specialist, looks into what an attack like this could do, and why an attack could happen.

“If we want to look at worst case scenarios for potential implications, then the damages could be significant.

“Apart from the obvious cases of turning off lights in very dark areas that could cause the human occupants to lose their footing and injure themselves, we need to consider the dangers of strobing led lighting that could cause epileptic seizures.

“It could also be used to cause disruption to other Wi-Fi networks using the 2.4 GHz spectrum.

“Technically, lightbulbs could be used as botnets, if enough are connected and compromised, they could be used to form a DDoS attack.

“Philips have already issued a patch to resolve this particular issue, but getting the patch is not as easy as it should be.

“These types of issues can often arise from using common technologies that may be flawed.

“It once again highlights the dangers of an interconnected world running to embrace technology, with security taking a back seat.”

Do you use Smart Lightbulbs? Are you worried about them being hijacked? Let us know on Twitter @ESETUK

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.