Everyone is familiar with the concept of IoT, the Internet of Things, but how many of you have heard of smart lightbulbs? By using a mobile app, or your digital home assistant, you can control the light in your house and even calibrate the color of each lightbulb! These smart lightbulbs are managed over the air using the familiar WiFi protocol or ZigBee, a low bandwidth radio protocol.

Back in 2017, a team of academic researchers showed how they can take over and control smart lightbulbs and how this in turn allows them to create a chain reaction that can spread throughout a modern city. Their research brought up an interesting question: Could attackers somehow bridge the gap between the physical IoT network (the lightbulbs) and attack even more appealing targets, such as the computer network in our homes, offices or even our smart city?

And the answer is: Yes.

Continuing from where the previous research left off, Check Point’s researchers showed how a threat actor could exploit an IoT network (smart lightbulbs and their control bridge) to launch attacks on conventional computer networks in homes, businesses or even smart cities. Our researchers focused on the market-leading Philips Hue smart bulbs and bridge, and found vulnerabilities (CVE-2020-6007) that enabled them to infiltrate networks using a remote exploit in the ZigBee low-power wireless protocol that is used to control a wide range of IoT devices.

With the help of the Check Point Institute for Information Security (CPIIS) in Tel Aviv University, the researchers were able to take control of a Hue lightbulb on a target network and install malicious firmware on it.