PWN a Whole City with IoT Zigbee Virus?

As we’ve previously blogged, the Internet of Things (IoT) is embedding itself into all aspects of our culture. We’re concerned that most IoT technology does little to address cybersecurity and instead focuses on ease of connectivity and use. That’s a nightmare we’re still facing with our more traditional computing and networking platforms.

A new paper published by research scientists out of Israel exposes how a popular IoT communication standard, called Zigbee, can be exploited using the Philips Hue IoT smart lighting products. The paper opens with the following statement:

“Within the next few years, billions of IoT devices will densely populate our cities. In this paper we describe a new type of threat in which adjacent IoT devices will infect each other with a worm that will rapidly spread over large areas, provided that the density of compatible IoT devices exceeds a certain critical mass.

In particular, we developed and verified such an infection using the popular Philips Hue smart lamps as a platform. The worm spreads by jumping directly from one lamp to its neighbors, using only their built-in ZigBee wireless connectivity and their physical proximity. The attack can start by plugging in a single infected bulb anywhere in the city, and then catastrophically spread everywhere within minutes. It enables the attacker to turn all the city lights on or off, to permanently brick them, or to exploit them in a massive DDOS attack.”

More on how this was done can be read here.

Adrian Colyer of “The Morning Paper” has also written an excellent article explaining to readers how this attack was put together and the ramifications of the research couched in more layman’s terms. 

“What we demonstrate in this paper is that even IoT devices made by big companies with deep knowledge of security, which are protected by industry-standard cryptographic techniques, can be misused by hackers can rapidly cause city-wide disruptions which are very difficult to stop and investigate.”

The cybersecurity experts at Sentar agree with Adrian that this research, while expected, is disturbing in its ease of deployment and likelihood of success.

But so what? It’s just a bunch of light bulbs, right? Set aside the fact that Zigbee is used on multiple other types of IoT devices and that this hack could be used as a delivery platform to take over those devices. Even if only the lightbulbs were taken over, there is st

  • A Bricking attack makes the attack irreversible such that any effect caused by the worm (blackout, constant flickering etc.) is permanent. Once the worm is in place, it can determine what further OTA updates to accept if any.
  • Wireless network jamming uses the ZigBee band, which overlaps with WiFi. By going into ‘test mode’ which transmits a continuous wave signal without first checking for a clear channel, it would be possible to mount DoS attacks disrupting all WiFi or other 2.4GHz traffic.
  • Data infiltration and exfiltration using Philips Hue lamps was demonstrated by Ronen and Shamir at a rate of about 10KB per day. Using infected lamps, similar covert channels can be created at much higher rates.
  • Let’s get a bit more serious… Epileptic seizures – it is possible to use the Philips Hue to trigger epileptic seizures, or to drive LEDs at frequencies that increase long-term discomfort in humans. Imagine this happening simultaneously across a whole city!

We echo Adrian’s plea:  “Can we please take IoT security a little more seriously now?”

If you are concerned about the cyber security of your company, we can help! Sentar’s Subject Matter Experts spend most of their days, weeks and years upping their own game while helping the most targeted Government Agencies defend themselves against the most complex, advanced and diligent cyber attacks from the worst of nation states and dark web attackers.
