Internet of Things’ light bulb can be hacked into

Security

by Amy-jo Crowley| 04 July 2014

Other hacked items include smart printers, baby monitors and children’s toys.

A security firm has exposed a critical vulnerability in an LED light bulb that could have allowed hackers to take control of it.

Context said by gaining access into bulb manufacturer LIFX's Wi-Fi enabled master bulb, it was able capture and decrypt its network configurations.

The researchers, which found vulnerabilities in other internet connected devices, such as home storage systems, printers and baby monitors, accessed the firmware by examining the device's embedded microcontrollers to identify the encryption mechanism in use.

They then were able to monitor packets on the mesh network and identify the specific packets, which shared the encrypted network configuration among the bulbs.

Michael Jordon, research director at Context: "Hacking into the light bulb was certainly not trivial but would be within the capabilities of experienced cyber criminals.

"In some cases, these vulnerabilities can be overcome relatively quickly and easily as demonstrated by working with the LIFX developers. In other cases the vulnerabilities are fundamental to the design of the products.

"What is important is that these measures are built into all IoT devices from the start and if vulnerabilities are discovered, which seems to be the case with many IoT companies, they are fixed promptly before users are affected."

 

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.