Researchers at security company Point Check have discovered a lack of communication technology used by Philips Hue lighting home appliances based on the Zigbee protocol.

NEW DELHI: Security analysts on Wednesday warned cybercriminals that they could use the Internet of Things (IoT) network — the lights and bridges that control it — to attack common networks on home, business, or even smart city computers.website

Researchers at security company Point Check have discovered a lack of communication technology used by Philips Hue lighting home appliances based on the Zigbee protocol.

The research was conducted with the help of the Check Point Institute for Information Security (CPIIS) at Tel Aviv University, Israel, published by Philips and Signify (owners of Philips Hue) in November 2019.

The brand has confirmed the unreliability of its products and has released a secure firmware version (Firmware 1935144040) that can now be used for it.

For this study, the researchers looked at Philips Hue’s smart lights and bridges and discovered an instability (CVE-2020-6007) that allows them to access the network via remote control with a Zing Bee device.

The researchers used Hue gloves as a platform to capture bullet control on the bridge and eventually attack the anticipation of the computer network.

The use of the latest Hue equipment is unsafe, the investigation said.

“A large number of us know that IoT devices can provide security, but this research shows that more advanced devices, such as ‘dumb ’bulbs, are counterfeit and used to hijack networks or spread malware,” Yana said. Balmas, Head of Cyber   Research, Point-to-Point Research.

“It’s important for organizations and individuals to protect themselves from these attacks by updating their equipment with modern features and separating it from other technologies in the industry. Their networks, to stop the spread of malware,” Balmas said.

If there is an attack reported by investigators, the seller turns off the lights or lamps to deceive its users into thinking the lights have waves. The lights seem to be “unreachable” in the user control system, so they will try to ‘rearrange it’.

The only way to reset the light is to turn it off in the tools menu and order the control bridge to reset the light.

The bridge detects the light bulb, and the user inserts it and inserts it back into the network.

The plant-operated lights have updated firmware that will use the Zigbee protocol to reduce the flow of battery cover circulating across the bridge and to send more information.

The operation also allows hackers to install malware on bridges – these are linked to targeted networks or websites.

Malware also communicates with criminals and uses known criminals (such as Eternal Blue), who can access IP networks from bridges to hostages or spyware.

“We encourage consumers to believe that the product can obtain information about this type of firmware,” Check Point said.

Translate »