Hackers can hijack your house through your light bulb, researchers discover

Homes and businesses that use smart light bulbs are at risk of being hacked and even spied on, new research has revealed.

The vulnerability, which affects the market-leading Philip Hue smart bulb, was discovered by researchers at security firm Check Point, who claim cyber criminals could use it to plant spyware or ransomware on home networks.

It works by exploiting a flaw with the popular ZigBee protocol, which is commonly used within wireless networks.

"Many of us are aware that smart devices can pose a security risk, but this research shows how even the most mundane, seemingly 'dumb' devices such as light bulbs can be exploited by hackers and used to take over networs, or plant malware," said Check Point researcher Omri Herscovici​.

"It is critical that organisations and individuals protect themselves against these possible attacks by updating their devices with the latest patches and separating them from other machines on their networks, to limit the possible spread of malware."

The researchers informed Philips of the vulnerability, who have since issued a security patch through its website. Check Point urged owners of the light bulb to update their devices immediately.

The research once again raises questions about the security of internet-connected devices that are increasingly used in people's homes.

Everything from toasters to baby monitors have been discovered with serious flaws that endanger the people who use them.

A recent investigation by UK consumer watchdog Which? revealed that thousands of smart security cameras could be vulnerable to hackers.

Smart light bulbs, which have limited capabilities compared to other smart appliances like fridges and TVs, may seem relatively harmless as a technology, but Check Point's research is not the first time issues have been discovered with them.

Last year, researchers at the University of Texas discovered security holes in popular smart bulb brands that cause them to leak information when exposed.

"Think of the bulb as another computer. Any data can be stolen: texts or images. Anything that is stored in a computer," University of Texas professor Murtuza Jadliwala said at the time.

"These bulbs are now poised to become a much more attractive target for exploitation even though they have very simple chips."