Philips Hue smart lights hacked; bug fixed, but consumer beware

Two Philips Hue lightbulbs with the "Bridge" unit that connects to the router and controls the system


That shiny new smart light bulb that can be turned on and off with Alexa and change colors with the Google Assistant could be vulnerable to a hack. 

Security researchers from Check Point tested the Philips Hue models, the most popular smart lights brand, and says it successfully hacked into a home’s computer network. It went to Philips to show its findings and says Philips has now fixed the issue, but Yaniv Balmas, Head of Cyber Research at Check Point Research says consumers of off-brand lights may not be as lucky. 

Amazon lists many brands in its smart light offerings, including Philips, Wyze, Teckin and Berennis. 

Two Philips Hue lightbulbs with the "Bridge" unit that connects to the router and controls the system

Oh no:Amazon’s Ring security shares your personal data with Facebook and Google, report says

Breach:Twitter accounts of NFL, Packers, Chiefs appear to have been hacked

Balmas warns that the same protocol flaw found in the Hue bulbs is also used by other popular devices, including the Amazon Echo speakers and Belkin’s WEMO. 

The hack would enable someone to “gain entry and spread malware,” into a home or office computer network easily, says Balmas. 

If you connect anything that’s smart, it comes with risks.

“We chose Philips because it has the biggest market share,” in smart lights, says Balmas. “But if we found this in Philips, think about the vulnerabilities in other devices. Think of other bulbs and how many are made in China, with lower manufacturing costs. Would they be a much easier target to find vulnerabilities?”

The news follows months of reports of other digital products easily being hacked, from Ring video doorbells to self-driving cars. 

What’s a consumer to do to protect themselves? Start by updating software, be on the alert for out of the ordinary behavior of devices and separate the devices from others in the network on your router.

Many newer home routers let consumers create separate segments on the network, adds Balmas. This would get your light bulb off of the same network used for running your computer, and thus, the hacker wouldn’t be able to get into your system, just your bulbs. The Linksys Mesh WiFi Router AC2200 ($157) for instance, says it can separate products on three different networks. 


Source link

By Javier Manning

Javier has been in the field of content writing for almost 8 Years as he hails from the Biotechnology background. The edifying articles portray her craving towards language. His keen hobby of reading technological innovations related books or articles has sown the seed of being a well-versed editor with the current scenario of numerous industry verticals. He is one of the valuable assets to this publication. The Industry News Press has awarded him with a senior editors post based on his skillful performance to date.