Security researchers have created a proof-of-concept IoT worm that can hijack Philips Hue lighting devices across major cities worldwide.
Philips Hue Worm Can Infect Massive Amounts of Appliances
Security researchers have devised a new proof-of-concept worm that can infect thousands of Philips Hue lighting devices across whole cities. As a consequence, large cities and metropolises could have their lighting disrupted.
The findings are detailed in a thorough research paper titled IoT Goes Nuclear: Creating a ZigBee Chain Reaction. The team proposes that “within the next few years, billions of IoT devices will densely populate our cities”. The paper gives an overview of how one such malware threat can infect these devices and spread on a massive scale over large areas, producing a “nuclear chain reaction” if the density of the compatible (affected) IoT devices exceeds a certain critical mass.
The team has verified that such an infection is feasible on the Philips Hue smart lamp platform. The devised worm can spread from one lamp to another over the built-in ZigBee wireless network, infecting a huge area depending on the physical proximity of the devices.
The attack can be initiated by delivering an infected device anywhere in the target vicinity and then letting it spread through the built-in worm behavior. This can enable remote attackers to turn all city lights on and off at will, cause permanent damage, or exploit the devices to deliver a massive DDoS attack against certain targets.
The researchers have estimated that the critical mass of installed devices for a typical city such as Paris (with an area size of about 105 square kilometers) would be around 15 000 Philips Hue devices spread out in random locations.
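The critical-mass figure above can be sanity-checked with a continuum-percolation model, which is useful when estimating how deployment density affects worm containment. This is an added example, not code from the research paper or this article; it assumes a 100 m ZigBee radio range (not stated in the article) and uses the standard 2D disc-percolation threshold of about 1.128.

```python
import math
import random
from collections import Counter

ETA_C = 1.128  # critical filling factor for overlapping discs in 2D percolation

def critical_mass(area_m2, range_m):
    """Device count at which discs of radius range/2 reach the percolation threshold."""
    return ETA_C * area_m2 / (math.pi * (range_m / 2) ** 2)

def largest_cluster_fraction(n, area_m2, range_m, seed=1):
    """Scatter n devices uniformly in a square; return the share in the biggest radio-connected cluster."""
    rng = random.Random(seed)
    side = math.sqrt(area_m2)
    pts = [(rng.uniform(0, side), rng.uniform(0, side)) for _ in range(n)]
    parent = list(range(n))

    def find(i):  # union-find root lookup with path halving
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    # Bucket devices into range-sized cells so only adjacent cells are compared.
    cells = {}
    for i, (x, y) in enumerate(pts):
        cells.setdefault((int(x // range_m), int(y // range_m)), []).append(i)
    r2 = range_m ** 2
    for (cx, cy), members in cells.items():
        for dx in (-1, 0, 1):
            for dy in (-1, 0, 1):
                for j in cells.get((cx + dx, cy + dy), ()):
                    for i in members:
                        if i < j:  # visit each unordered pair once
                            (xi, yi), (xj, yj) = pts[i], pts[j]
                            if (xi - xj) ** 2 + (yi - yj) ** 2 <= r2:
                                parent[find(i)] = find(j)
    sizes = Counter(find(i) for i in range(n))
    return max(sizes.values()) / n

if __name__ == "__main__":
    PARIS_AREA = 105e6  # 105 square kilometers, from the article
    RANGE = 100.0       # assumed ZigBee range in metres (not from the article)
    print(f"critical mass ~ {critical_mass(PARIS_AREA, RANGE):.0f} devices")
    for n in (5000, 10000, 15000, 20000, 30000):
        print(n, f"{largest_cluster_fraction(n, PARIS_AREA, RANGE):.2%}")
```

Below the threshold the largest connected cluster stays a tiny fraction of all devices, while well above it nearly every device sits in one cluster reachable from a single infected lamp.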
To make such an attack possible, the researchers had to devise a way to remotely disconnect the already installed appliances from their current network and to perform a firmware update over-the-air (OTA).
The first issue was resolved by exploiting a major vulnerability in the Touchlink implementation which is a part of the ZigBee Light Link protocol. This component is actually designed to stop such attempts from happening.
The second problem was resolved by developing a new side channel attack which extracts the global AES-CCM key for each device type. This key is used by the vendor to encrypt and authenticate new firmware updates for the Philips Hue devices. The researchers used readily available equipment to extract the key.
This demonstrates once again that IoT security must be taken seriously.
For more information you can read the research paper here.