
Researchers Demonstrate How Smart Bulbs Can Be Hacked to Cause Mass Disruptions

An attack kit mounted on a drone was flown from a range of 350 meters to an office building in the city of Beer Sheva that hosts some well-known security companies, including the Israeli CERT. Several Philips Hue lights were installed on one floor to test the attack.

A team of researchers has released a report detailing a new type of threat in which adjacent IoT devices, such as Internet-connected light bulbs, will infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction.

Researchers from Israel’s Weizmann Institute of Science and Dalhousie University in Halifax, Nova Scotia, Canada released a report today, titled “IoT Goes Nuclear: Creating a ZigBee Chain Reaction,” detailing alarming ways hackers can rapidly cause city-wide disruptions in the near future as IoT devices surge to billions in the next few years.

Footage of researchers flying a drone near the Beer Sheva building where it successfully flickers the lights via ZigBee channel, signalling SOS repeatedly in Morse code.

“The Internet of Things (IoT) is currently going through exponential growth, and some experts estimate that within the next five years more than fifty billion ‘things’ will be connected to the internet. Most of them will be cheaply made sensors and actuators which are likely to be very insecure. The potential dangers of the proliferation of vulnerable IoT devices had just been demonstrated by the massive DDOS attack on the Dyn DNS company [see report], which exploited well known attack vectors such as default passwords and the outdated TELNET service to take control of millions of web cameras made by a single Chinese manufacturer.”

“In this paper we describe a much more worrying situation: We show that without giving it much thought, we are going to populate our homes, offices, and neighborhoods with a dense network of billions of tiny transmitters and receivers that have ad-hoc networking capabilities. These IoT devices can directly talk to each other, creating a new unintended communication medium that completely bypasses the traditional forms of communication such as telephony and the internet.”

“[E]ven IoT devices made by huge companies with deep knowledge of security, which are protected by industry-standard cryptographic techniques, can be misused by hackers to create a new kind of attack: By using this new communication medium to spread infectious malware from one IoT device to all its physically adjacent neighbors in a process resembling a nuclear chain reaction, hackers can rapidly cause city-wide disruptions which are very difficult to stop and to investigate.”

For their experiment, the researchers used Philips Hue smart lights, which have been sold in large numbers since 2012, particularly in the European market. Communication between the lamps and their controllers is carried over the ZigBee protocol, which the paper indicates is the radio link of choice in many IoT devices due to its simplicity, wide availability and low cost.

Philips Lighting has since confirmed and fixed the takeover vulnerability.

By CircleID Reporter
