Hackers love the IoT. It’s a match made in cyber-Heaven. The New York Times reported that smart lightbulbs, of all things, could be a major target for hackers.
Researchers found in a study released today that a flaw in Philips Hue smartbulbs lets hackers take control. Hackers could, for example, gain access to strobe LEDs to cause discomfort and seizures. They can use one compromised bulb to access all bulbs nearby within minutes.
But the problem isn’t just the compromised bulb, as it is the swath of internet-connected devices in direct proximity. The IoT is easily accessible from this vantage point. The researchers found they could infect a building with malware from driving a car within 229 feet. They also modeled the light distribution of Paris and found that an infection could spread across the 40-square-mile area with as few as 15,000 devices in place. These are some grim results.
Compromised devices could be used by hackers to initiate attacks similar to those against Dyn two weeks ago. They can also steal vulnerable information and spam unassuming users.
The convenience and interconnectivity of the IoT comes with risks, and currently, it’s far from tough for cybercriminals to use it as a backdoor. Security experts agree that the U.S. isn’t nearly ready for a major cyberattack.
The researchers point out that it’s critically important large companies use advanced cryptographic techniques when securing even the simplest of tech. Even with Philips using standard industry measures, the researchers were able to hack lightbulbs only using “readily available equipment costing a few hundred dollars.” A small price to pay for potentially massive effects.