What is a botnet?
It is a collection of devices which are all connected to the internet, where each one is running one or more bots (autonomous program). These include any type of device that can be controlled by malware. Most of the time, the owners of these devices do not know that their devices are infected.
But why is this topic becoming more important? With more variety and cheaper devices becoming a part of ‘the internet of things’, there is a larger pool of devices which can be infected. Since many of these devices have very little security, they are easily infected and large networks are quickly made.
So, what can the hackers do with these botnets? They can take down websites with large DDoS attacks (you may have experienced these playing online games), that take down the servers by flooding their bandwidth using botnets. Secondly, they can commit click fraud, where advertisers online are led to believe people are clicking their ads. This could ultimately destroy the internet advertising model. Furthermore, they can use these their botnet network to mine bitcoins (and earn a considerable amount of money doing so).
However, another type of attack is equally frightening. The smart-LED-light system from Philips, the Philips Hue is just as vulnerable to attacks as any other device connected to the internet. These Hue lights allow the user to control their lights via the internet, with a lot of different functions. With more people adopting these type of technologies (myself included) large scale attacks can have serious effects.
Researchers from Canada were able to remotely hack hue bulbs from a distance of 70 meters using botnets, allowing them to control them. Not only is this something you obviously do not want as a consumer, but it can seriously damage an electrical grid of a densely populated area. This was all done with equipment only costing a few hundred dollars. Although the researchers worked together with Philips to improve their system, similar attacks may follow.
The Hue lights are only one aspect of a smart house. When more devices are added to your house for convenience, a hack can do a lot more damage. As a consumer who enjoys these technologies a lot, I am left to trust these large companies to improve their software to keep me protected. But to what extent can these technologies put me at risk? Are you willing to trade the risk of being hacked for the reward of “super cool lights”?
https://www.technologyreview.com/s/603500/10-breakthrough-technologies-2017-botnets-of-things/
https://www.cnet.com/news/new-study-details-a-security-flaw-with-philips-hue-smart-bulbs/
Hi Denzi, thanks for the interesting post! I’m quite surprised that it is so simple to hack these hue light bulbs. In another article I also read that they managed to hack them with a drone flying close to or over the house. If one day these light bulbs become widely adopted the worst case scenario is that you can simply blackout an entire city. But probably light bulbs should be your least concern if a smart door can be unlocked remotely with no signs of forced entry, cameras can be hacked and homes monitored without user knowledge. In general, a lot of smart home devices which are connected to the internet are not equipped with the highest standard of protection against hackers. Especially, if the number of smart homes are expected to hit 73 million by 2021, making up more than 50% of all households in the US, there is definitely a need for higher security standards.