The Dark Side of Smart Lighting: Check Point Research Shows How Business and Home Networks Can Be Hacked from a Lightbulb
February 05 2020 - 6:00AM
CPX – Check Point Research, the
Threat Intelligence arm of Check Point® Software Technologies Ltd.
(NASDAQ: CHKP), a leading provider of cyber security solutions
globally, has today revealed vulnerabilities that would enable a
hacker to deliver ransomware or other malware to business and home
networks by taking over smart lightbulbs and their controller.
Check Point’s researchers showed how a threat actor could
exploit an IoT network (smart lightbulbs and their control bridge)
to launch attacks on conventional computer networks in homes,
businesses or even smart cities. Researchers focused on the
market-leading Philips Hue smart bulbs and bridge, and found
vulnerabilities (CVE-2020-6007) that enabled them to infiltrate
networks using a remote exploit in the ZigBee low-power wireless
protocol that is used to control a wide range of IoT devices.
In an analysis of the security of ZigBee-controlled smart
lightbulbs that was published in 2017, researchers were able to
take control of a Hue lightbulb on a network, install malicious
firmware on it and propagate to other adjacent lightbulb networks.
Using this remaining vulnerability, our researchers decided to take
this prior work one step further and used the Hue lightbulb as a
platform to take over the bulbs’ control bridge and ultimately,
attacking the target's computer network. It should be noted that
more recent hardware generations of Hue lightbulbs do not have the
exploited vulnerability.
The attack scenario is as follows:
- The hacker controls the bulb’s color or brightness to trick
users into thinking the bulb has a glitch. The bulb appears as
‘Unreachable’ in the user’s control app, so they will try to
‘reset’ it.
- The only way to reset the bulb is to delete it from the app,
and then instruct the control bridge to re-discover the bulb.
- The bridge discovers the compromised bulb, and the user adds it
back onto their network.
- The hacker-controlled bulb with updated firmware then uses the
ZigBee protocol vulnerabilities to trigger a heap-based buffer
overflow on the control bridge, by sending a large amount of data
to it. This data also enables the hacker to install malware on
the bridge – which is in turn connected to the target business or
home network.
- The malware connects back to the hacker and using a known
exploit (such as EternalBlue), they can infiltrate the target IP
network from the bridge to spread ransomware or spyware.
“Many of us are aware that IoT devices can pose a security risk,
but this research shows how even the most mundane, seemingly ‘dumb’
devices such as lightbulbs can be exploited by hackers and used to
take over networks, or plant malware,” said Yaniv Balmas, Head of
Cyber Research, Check Point Research. “It’s critical that
organizations and individuals protect themselves against these
possible attacks by updating their devices with the latest patches
and separating them from other machines on their networks, to limit
the possible spread of malware. In today’s complex fifth-generation
attack landscape, we cannot afford to overlook the security of
anything that is connected to our networks.”
The research, which was done with the help of the Check Point
Institute for Information Security (CPIIS) in Tel Aviv University,
was disclosed to Philips and Signify (owner of the Philips Hue
brand) in November 2019. Signify confirmed the existence of the
vulnerability in their product, and issued a patched firmware
version (Firmware 1935144040) which is now via an automatic
update. We recommend users to make sure that their product received
the automatic update of this firmware version.
“We are committed to protecting our users’ privacy and do
everything to make our products safe. We are thankful for
responsible disclosure and collaboration from Checkpoint, it has
allowed us to develop and deploy the necessary patches to avoid any
consumers being put at risk,” says George Yianni, Head of
Technology Philips Hue.
Here is a demo video of how the attack works. The full technical
research details will be published at a later date in order to give
users time to successfully patch their vulnerable devices.
Check Point is the first vendor to provide a consolidated
security solution that hardens and protects the firmware of IoT
devices. Utilizing a recently acquired technology, Check Point
allows organization to mitigate device level attacks before devices
are compromised utilizing on-device run time protection.
Follow Check Point Research
via:Blog: https://research.checkpoint.com/ Twitter:
https://twitter.com/_cpresearch_
About Check Point Research Check Point Research
provides leading cyber threat intelligence to Check Point Software
customers and the greater intelligence community. The research team
collects and analyzes global cyber-attack data stored on
ThreatCloud to keep hackers at bay, while ensuring all Check Point
products are updated with the latest protections. The research team
consists of over 100 analysts and researchers cooperating with
other security vendors, law enforcement and various CERTs.
About Check Point Software Technologies
Ltd.Check Point Software Technologies Ltd.
(www.checkpoint.com) is a leading provider of cyber security
solutions to governments and corporate enterprises globally.
Check Point’s solutions protect customers from 5th generation
cyber-attacks with an industry leading catch rate of malware,
ransomware and advanced targeted threats. Check Point offers a
multilevel security architecture, “Infinity Total
Protection with Gen V advanced threat prevention”, this
combined product architecture defends an enterprises’ cloud,
network and mobile devices. Check Point provides the most
comprehensive and intuitive one point of control security
management system. Check Point protects over 100,000 organizations
of all sizes.
MEDIA
CONTACT: |
INVESTOR CONTACT: |
Emilie Beneitez Lefebvre |
Kip E. Meintzer |
Check Point Software Technologies |
Check Point Software Technologies |
press@checkpoint.com |
ir@checkpoint.com |
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From Mar 2024 to Apr 2024
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From Apr 2023 to Apr 2024