Light bulbs are some of the least dangerous items in your home. Unless you drop or break them or touch them while they're on, it's difficult to imagine many scenarios where a light bulb could hurt you.
But that's all changing because light bulbs are now getting smarter. Research now shows that web-connected light bulbs, such as the Philips Hue, can be hacked and controlled remotely.
To explain how this is possible, we'll need to get a bit technical. Using a technique called an "IoT Worm," hackers are able to install malicious software onto these web-connected devices. Once installed, the worm can then spread to other devices that are connected to the same network, infecting them as well. It may sound complex, but the entire process only takes a few minutes from start to finish.
Taking control of the smart light bulbs throughout your home could be as harmless as a prank (flashing lights on and off), or as serious as something that devastates your entire home network. And, if enough gadgets are infected, those devices could be turned into a weapon that assaults Domain Name Systems (DNS), ultimately overwhelming them and shutting them down.
Don't believe this is possible? It actually just happened back in October, when a DNS named Dyn was targeted by a cyberattack. The occurrence was caused by a DDoS attack, which essentially means that hundreds of thousands of hacked devices worked together to overwhelm the system until it collapsed. As a result, millions of residents along the East Coast were unable to access websites such as Amazon and Netflix.
And that was just the beginning. The first attack was resolved within a few hours, but a second attack launched later that afternoon. The second attack affected web use across the nation, and even in some areas globally.
Smart light bulbs have only recently been added to that list, thanks to new findings by researchers. In a paper titled, "IoT Goes Nuclear: Creating a ZigBee Chain Reaction," researchers Eyal Ronen, Colin O'Flynn, Adi Shamir and Achi-Or Weingarten outlined what makes these smart devices so dangerous.
The paper's introduction explains, "In this paper we describe a new type of threat in which adjacent IoT devices will infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction."
To test their theory, the researchers developed an infection and experimented with a Philips Hue smart lamp. The findings were shocking.
"The worm spreads by jumping directly from one lamp to its neighbor's, using only their built-in ZigBee wireless connectivity and their physical proximity. The attack can start by plugging in a single infected bulb anywhere in the city, and then catastrophically spread everywhere within minutes, enabling the attacker to turn all the city lights on or off, permanently brick them, or exploit them in a massive DDOS attack."
The best thing you can do to protect your devices is to ensure that your router is locked down. Read the articles below for step-by-step instructions on checking for flaws, updating your password and securing your home Wi-Fi network.