Researchers from the Weizmann Institute of Science have published a paper that outlines a rather unsettling (though perhaps unsurprising) scenario involving the “hackability” of internet-connected devices located in close proximity to each other.
Utilizing a flaw in the ZigBee radio protocol, which is used in thousands of consumer devices, the researchers demonstrate the explosive ease with which Internet of Things (IoT) devices can infect each other with malware, resulting in a kind of digital plague that can have catastrophic urban implications.
In their mock scenario, the researchers used a drone to wirelessly infect a Philips Hue smart lightbulb with a virus, which then visibly spread from one lamp to another in the building.
In another scenario, they spread the infection from a car driving 229 feet away.
“The attack can start by plugging in a single infected bulb anywhere in the city and then catastrophically spread everywhere within minutes, enabling the attacker to turn all the city lights on or off, permanently brick them, or exploit them in a massive DDOS attack,” the researchers wrote.
Further, the repeated flashing of lights (which manifests as sudden changes in power consumption) could have a detrimental effect on the electric grid or even induce epileptic seizures in photosensitive people on a city-wide scale.
To make this hypothetical attack possible, the researchers had to figure out a way to “yank” lamps from their current networks and to perform over-the-air firmware updates.
“We overcame the first problem by discovering and exploiting a major bug in the implementation of the Touchlink part of the ZigBee Light Link protocol, which is supposed to stop such attempts with a proximity test,” the researchers said. “To solve the second problem, we developed a new version of a side channel attack to extract the global AES-CCM key that Philips uses to encrypt and authenticate new firmware.”
The researchers used only equipment that was readily available to them and cost a few hundred dollars.
After the tests, they promptly notified Philips Lighting of the vulnerability, and the company has since fixed it in a software update issued earlier this month.
“We should work together to use the knowledge we gained to protect IoT devices or we might face in the near future large scale attacks that will affect every part of our lives,” the researchers concluded.