The number of devices that are connected to the Internet is staggering — some estimates suggest it may be as many as 6.4 billion devices worldwide.
And it’s not just computers and phones: it’s automated lighting, heating ventilation and air conditioning systems, as well as appliances such as washers and dryers, robotic vacuums, air purifiers, ovens and refrigerators. These devices make life more convenient, but that convenience is not without security risks.
Dalhousie researcher Colin O’Flynn has recently earned international media attention for a study identifying a flaw in the wireless technology used for “smart homes.” The study, conducted with Eyal Ronen, Adi Shamir and Achi-Or Weingarten, all from the Weizmann Institute of Science in Israel, identifies a security concern that makes such devices susceptible to hackers, and could potentially give them control over things like lights, switches, locks and thermostats.
The draft paper was recently covered by the New York Times, Globe and Mail, CBC, BBC, Fortune and several other international media outlets. And it’s already led to practical results: Philips, one of the companies whose devices was susceptible to the potential vulnerability, was notified about the issue and issued a patch to correct it last month.
Creating a computer worm
O’Flynn, currently a PhD student in Dal’s Department of Electrical & Computer Engineering, developed the study from his research on re-purposing low-cost Phillips Hue bulbs by re-programming them with new code.
“My first step was to understand how these light bulbs worked, and that's what really set the whole project in motion,” says O’Flynn. “I reached out to Eyal Ronen at Weizmann Institute, who had been doing similar work under his PhD supervisor Adi Shamir, and we decided to join forces to do a more in-depth look at how secure the bulbs were.”
Using the Philips Hue smart light bulb as a platform, the researchers developed a computer worm that could be easily spread to other devices. The worm spread by jumping directly from one lamp directly to one of its neighbours, using only the built in ZigBee wireless connectivity and their physical proximity.
The theory was put to the test by taking over lamps in two different “attack” scenarios. In the first, conducted at the Weizmann Institute, the researchers did a “drive-by” hack using a vehicle, and found they were able to manipulate the lights from up to 70 metres away. (Video.)
The second was significantly more elaborate — but not out of the realm of possibility by any means. The target was an office building in the city of Be’er Sheva in Israel, which hosts several well-known security companies and also the Israeli Computer Emergency Response Team (CERT). Several Philips Hue lights were installed on one floor of the building, and an “attack kit” was installed on a drone. As the drone got closer to building, lights were able to be manipulated to spell out "S.O.S." in morse code.
“We weren't too surprised at the results, to be honest,” says O’Flynn. “When we started the project we figured it would be possible with enough time, but it was very exciting as there was a probably two to three-day period where a lot of things were falling into place.”
Potential implications
Flickering lights may not initially seem like something to be concerned about, but this technology has the potential to be dangerous if placed into the wrong hands. Compromised devices could be used to jam wireless networks, attack the electrical grid or steal information.
“Hopefully we'll start to take security of all 'connected' devices seriously, and not just those connected to the Internet,” says O’Flynn. “A big part of our research was showing how such a worm could spread between the light-bulbs themselves wirelessly, independent of any internet or network connection.
“There is no doubt that devices are becoming more and more popular. But they are still new enough that there is time to fix some of these issues before they are completely ubiquitous.”
The complete findings of this study are available online.