If Criminals Turn on Your Lightbulb, What Can They See?

If Criminals Turn on Your Lightbulb, What Can They See?

Manufacturers are working frenetically to connect chip-driven lighting products and make them talk to one another and to broader networks. Thus, today’s Wi-Fi-powered lights can turn on or off on a schedule, when you enter a room, receive a Facebook message or when your favorite basketball team scores.

And, with smart lightbulbs becoming more feature-rich and affordable with each model, the global smart lighting market is projected to exceed US $47 billion by 2020.[1]

But did you know that the light bulb was one of the first IoT gadgets to get hacked? Fortunately, the most notable hacks are the work of researchers. Three years ago, hacking was done by teenage pranksters that disturbed devices’ functionality, just for the fun of it. Users perceived it as annoying, but not as a real threat to personal security or property. After all, what danger could an innocent lightbulb pose?

Vulnerabilities come to light

As more IoT vulnerabilities are exposed in the media, people are beginning to realize the real danger – connected lighting can open the door to your increasingly intelligent home.

Poor authentication and faulty encryption practices are two common vulnerabilities exploited since the emergence of IoT. A device can be manipulated to trust another malicious device and connect to it. More specifically, an attacker can replicate the hotspot created during the setup process of the device and fool the Android application looking to establish a connection. The new hotspot is listed on top of the authentic one and, if the app connects to it, attackers can obtain the username and password of the victim's Wi-Fi network.

Once inside the network, intruders can see all the traffic sent in clear, including passwords, financial data, images and other sensitive data. It’s not easy, but it can be done and the privacy risks are significant.

What is the best way to protect devices?

IoT devices are immensely diverse and so is their firmware. Even if a traditional AV solution would work on some of them, the idea of installing agents on each device is time-consuming and troublesome. That’s why approaching security at a network level is one of the most effective ways to handle this.

Bitdefender BOX is a new, all-inclusive cybersecurity solution design to protect the entire network and anything connected to it: from phones, coffee makers, washing machines, headphones, lamps, wearable devices to almost anything else you can think of.

This means your iPhone, iWatch and other Apple devices are also safe against malware, viruses, hacks, phishing, online fraud, and spying and data theft. And with the embedded Private Line feature, it secures the connected devices even when outside the home perimeter.

To top it off, it looks like the perfect addition to your home: sleek and elegant. Go find out more more on the Bitdefender BOX site.

[1] http://www.strategyr.com/MarketResearch/Smart_Lighting_Fixtures_Controls_Market_Trends.asp

Subscribe to the Best of Macworld Newsletter