Smart devices and Internet-connected devices have increased greatly in popularity, creating an Internet of Things (IoT). One of these devices is the smart light bulb, which is used to remotely control lighting. They have been sold in great numbers and installed in a large number of homes in modern dense cities. Smart devices and their networks may be susceptible to the same types of issues as network-connected computers. Given the density of modern cities and the potential range of IoT communication networks, a specific attack could possibly hop across networks to infect a large area.
Ronen et al. tested the possibility of smart light bulbs being vulnerable to a self-propagating malware attack, or a worm. They developed and tested a method for overcoming the security of the wireless network standard used by the Philips Hue smart light system, called Zigbee. The Philips Hue lighting system has a number of security mechanisms to defend against attacks. Primarily, it uses encrypted communications and a proximity check mechanism to prevent devices outside the home from performing dangerous operations. However, the researchers were able to overcome the encryption by using a side-channel attack based on an analysis of the power used in the device hardware. This attack measures the power drawn by the device while the encryption/decryption operation is running, to learn more about when processing is being performed. This provides insight into how many and what type of functions are likely being performed, and eventually allowed the researchers to find a feasible method of determining the encryption keys.
A bug in the code of the lights allows the device to be reset without passing the proximity test. The reset device will then connect to another network. This means that a light can be infected from another light allowing the worm to hop across networks it would have otherwise been too far away from.
The researchers created their own malicious firmware updates for the devices that were accepted as being trustworthy by the device. They also showed that it would be possible to infect a device from a distance using a more powerful transmitter or from a drone platform. To reduce the risk of a worm escaping the test environment and causing damage, the researchers did not combine all of the exploits into a fully functional worm.
This research shows the importance of security in the development of IoT devices, their protocols and the certification processes for those protocols. Using unique encryption keys for each bulb would prevent a simple worm from spreading. These types of devices might seem low risk; however, attackers could use them to jam other devices on similar networks, transport sensitive data out of networks or potentially harm people. The increasing ubiquity of IoT increases the potential harm they could cause. Consequently, the risk tradeoff between convenience and security should be rebalanced to consider the greater harm.
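The effect of per-bulb keys on firmware acceptance can be modelled in a few lines. This is an added example, not code from the researchers or the vendor: the key-derivation scheme, the names, the master secret and the bulb IDs are all constructed for illustration, and HMAC-SHA256 stands in for whatever cipher a real device uses.

```python
import hashlib
import hmac

MASTER_SECRET = b"constructed-vendor-master-secret"   # constructed; stays on the vendor side
FLEET = [f"bulb-{n:04d}".encode() for n in range(5)]  # constructed device IDs


def derive_bulb_key(master: bytes, bulb_id: bytes) -> bytes:
    """Single-block HKDF (RFC 5869) with SHA-256: a unique 32-byte key per bulb."""
    prk = hmac.new(b"fw-update-v1", master, hashlib.sha256).digest()   # extract step
    return hmac.new(prk, bulb_id + b"\x01", hashlib.sha256).digest()   # expand step


def tag_firmware(key: bytes, image: bytes) -> bytes:
    """Authentication tag over a firmware image (assumed scheme: HMAC-SHA256)."""
    return hmac.new(key, image, hashlib.sha256).digest()


def bulb_accepts(bulb_key: bytes, image: bytes, tag: bytes) -> bool:
    """Bulb-side check: recompute the tag with its own key, compare in constant time."""
    return hmac.compare_digest(tag_firmware(bulb_key, image), tag)


def provision(per_device: bool) -> dict:
    """Map bulb ID -> the key stored in that bulb at manufacture."""
    if per_device:
        return {b: derive_bulb_key(MASTER_SECRET, b) for b in FLEET}
    shared = hashlib.sha256(b"constructed-global-key").digest()
    return {b: shared for b in FLEET}


def bulbs_accepting_forgery(per_device: bool) -> int:
    """Tag an unofficial image with the key recovered from one bulb; count acceptances."""
    keys = provision(per_device)
    recovered = keys[FLEET[0]]             # models a key recovered from a single device
    image = b"unofficial firmware image"   # constructed
    tag = tag_firmware(recovered, image)
    return sum(bulb_accepts(k, image, tag) for k in keys.values())


if __name__ == "__main__":
    print("shared key :", bulbs_accepting_forgery(False), "of", len(FLEET))
    print("per-device :", bulbs_accepting_forgery(True), "of", len(FLEET))
```

With a shared key every bulb in the fleet accepts the forged image; with derived keys only the bulb whose key was recovered does. Verifying an asymmetric signature on the bulb, so that no signing secret is stored in the device at all, is the stronger design.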
IoT communication networks are susceptible to malicious exploitation, possibly providing attack vectors to, or data exfiltration from, other more sensitive networks.