Skip to main content

Some Smart Light Bulbs Are Vulnerable To Hackers

By February 15, 2020May 9th, 2022Cybersecurity

Hackers will take any and every opportunity presented to them, even if it means hacking smart light bulbs. Recently, security researchers at Check Point discovered a bug in the Philips Hue smart bulb that makes it vulnerable.

The bug is being tracked as CVE-2020-6007 and scores an impressive 7.9 out of 10, making it the most serious security flaw in a light bulb we’ve ever seen.

It sounds funny. After all, who would want to hack a light bulb? But it’s actually got serious implications. After all, the light bulb is just the beginning. Once hackers are ‘in’ the bulb, it gives them a beach head on the network that the bulb is attached to, and from there, they can jump to any other device they can see.

Fortunately, Philips has already published a fix for this, in the form of firmware version 1935144040. If you own one or more Philips Hue bulbs, you’ll want to check the firmware version. If yours has not already been updated, take the time to do so.

This underscores the one glaring weakness of the Internet of Things. Very few of the smart products we’re connecting to our networks have any security at all. The few devices that do boast some kind of security often have flaws like the one discovered here, which are severe enough to be considered crippling.

The net effect is to make any network that incorporates smart devices much less secure. After all, your network is only as secure as the weakest device on it, and smart devices have notoriously bad security.

That’s changing, but it’s changing at an incredibly slow rate. If you’ve got smart devices on your network, consider isolating them and minimizing the amount of contact they have with other devices on your network. That way, at least you can mitigate the impact until security improves.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.