A recent study made by researchers from Check Point has discovered that Phillips Hue Bulbs, a product related to smart lighting can be hacked by hackers if the users fail to upgrade their firmware with the latest.
However, the good news is that Phillips has already rolled out a security patch to cover the vulnerability. And so, the onus is now on the users to upgrade their software as quickly as possible through the security measures suggested in the official website.
Technically speaking, the vulnerability allows hackers to inject malware into the homes that use the Hue Bulbs by flossing the Zigbee standard and exploiting the hue bridge as soon as the user deletes a disorientating bulb from the app.
As Zigbee acts as a common communication medium between two connected devices, even if the devices are from 2 different manufacturers, hackers might tamper the radio frequencies of the Zigbee antenna to spread malware into the network after taking full control of the operational bridge.
Currently, they are over 400 registered members and 2,500 devices operating on ZigBee alliance and this includes some of the noted devices such as Amazon Echo Plus, Samsung SmartThings, Belkin WeMo, Hive Active Heating and accessories, Phillips Hue, Yale Smart locks, Honeywell Thermostats, Bosch Security Systems, IKEA Tradfri, and Samsung Comcast Xfinity Box.
Check Point researchers say that the only way to keep the systems isolated from the cyber-attacks is to patch the devices on a complete note by customizing them in such a way that they automatically download the latest updates as soon as they are available. Also, it is better if office IoT devices are connected to a separate network i.e. VLAN.