Is your smart home secure? Philips Hue Smart Bulb hack says no

By Chris Burns/Feb. 5, 2020 11:22 am EST

Security researchers proved this week that worries about the vulnerabilities of the future Internet-Of-Everything smart home were well founded. They've shown that a hack into a Philips Hue smart lighting system would allow them access to the smart hub at the center of a smart home. With this hack, malware could be implanted, and chaos could ensue.

"Many of us are aware that IoT devices can pose a security risk," said Check Point Research Head of Cyber Research, Yaniv Balmas. "This research shows how even the most mundane, seemingly 'dumb' devices such as lightbulbs can be exploited by hackers and used to take over networks, or plant malware." You can see this hack in play in the video below.

It's all about that malicious lamp. It's in the confusion of the lost connection – of lost control – that the user really, truly loses control over their devices, their data, and their privacy.

This isn't a new situation – it's just the latest. Back in January of 2014, at CES 2014, the FTC sent word to the world of Internet of Things hardware makers and software developers. Back then they made clear the following. "Connected devices that provide increased convenience and improve health services are also collecting, transmitting, storing, and often sharing vast amounts of consumer data, some of it highly personal, thereby creating a number of privacy risks," said FTC Chairwoman Edith Ramirez (Jan 2014).

"Some observers have argued that precisely because the IoT is in its early stages, we should wait to see how it evolves before addressing privacy and security issues," said Ramirez (again, all the way back in 2014). "But I believe we have an important opportunity to ensure that new technologies with the potential to provide enormous benefits develop in a way that also protects consumer information."

So what can you do? Stop using smart devices – or at least stay informed about the potential for hacks, and keep up to date on how hackers use social engineering – like what you see above – to bypass the security protocols set in place be device manufacturers and software developers.

That includes the fix for the Philips Hue smart hub – one you'll need to download now if you've not already done so. Head over to this support release page for the Philips Hue Bridge v1 and v2 and get to downloading.