Botnets and Smart-houses: Attack on Philip’s Hue Bulbs

15

October

2017

No ratings yet.

What is a botnet?

It is a collection of devices which are all connected to the internet, where each one is running one or more bots (autonomous program). These include any type of device that can be controlled by malware. Most of the time, the owners of these devices do not know that their devices are infected.

But why is this topic becoming more important? With more variety and cheaper devices becoming a part of ‘the internet of things’, there is a larger pool of devices which can be infected. Since many of these devices have very little security, they are easily infected and large networks are quickly made.

So, what can the hackers do with these botnets? They can take down websites with large DDoS attacks (you may have experienced these playing online games), that take down the servers by flooding their bandwidth using botnets. Secondly, they can commit click fraud, where advertisers online are led to believe people are clicking their ads. This could ultimately destroy the internet advertising model. Furthermore, they can use these their botnet network to mine bitcoins (and earn a considerable amount of money doing so).

However, another type of attack is equally frightening. The smart-LED-light system from Philips, the Philips Hue is just as vulnerable to attacks as any other device connected to the internet. These Hue lights allow the user to control their lights via the internet, with a lot of different functions. With more people adopting these type of technologies (myself included) large scale attacks can have serious effects.

Researchers from Canada were able to remotely hack hue bulbs from a distance of 70 meters using botnets, allowing them to control them. Not only is this something you obviously do not want as a consumer, but it can seriously damage an electrical grid of a densely populated area. This was all done with equipment only costing a few hundred dollars. Although the researchers worked together with Philips to improve their system, similar attacks may follow.

The Hue lights are only one aspect of a smart house. When more devices are added to your house for convenience, a hack can do a lot more damage. As a consumer who enjoys these technologies a lot, I am left to trust these large companies to improve their software to keep me protected. But to what extent can these technologies put me at risk? Are you willing to trade the risk of being hacked for the reward of  “super cool lights”?

https://www.technologyreview.com/s/603500/10-breakthrough-technologies-2017-botnets-of-things/

https://www.cnet.com/news/new-study-details-a-security-flaw-with-philips-hue-smart-bulbs/

Please rate this