A Lightbulb Worm?

Presented at Black Hat USA 2016, Aug. 4, 2016, 9 a.m. (25 minutes)

Could a worm spread through a smart light network? This talk explores the idea, and in particular dives into the internals of the Philips Hue smart light system, and details what security has been deployed to prevent this. Examples of hacking various aspects of the system are presented, including how to bypass encrypted bootloaders to read sensitive information. Details on the firmware in multiple versions of the Philips Hue smart lamps and bridges are discussed. This talk concentrates on examples of advanced techniques used in attacking IoT/embedded hardware devices.

Presenters:

• Colin O'Flynn
  Colin O'Flynn has developed the world's first open-source platform for side-channel power analysis and glitching attacks, and has spoken around the world about the application of this platform to various targets. Previously he worked with Atmel developing low-power wireless embedded systems, and continues to write about FPGAs for Circuit Cellar magazine. He lives in Halifax, NS, Canada.

Links:

• https://www.blackhat.com/us-16/briefings.html#a-lightbulb-worm
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2016/A Lightbulb Worm.mp4
• https://www.youtube.com/watch?v=R3ZVeBWNSIY
• https://www.blackhat.com/docs/us-16/materials/us-16-OFlynn-A-Lightbulb-Worm.pdf
• https://www.blackhat.com/docs/us-16/materials/us-16-OFlynn-A-Lightbulb-Worm-wp.pdf

Similar Presentations:

• May Contain Hackers (MCH2022) / A Smart Light Hacking Journey
• Black Hat Asia 2018 / UbootKit: A Worm Attack for the Bootloader of IoT Devices
• REcon 2017 / The Lightbulb Worm - A Debriefing on Philips Hue Attacks