Kuma gaskiyar ita ce babu wanda ya kubuta daga harin da "hackers" suka kai masa kamar yadda wannan labari ya nuna, inda aka bayyana wani rauni a ciki. kai tsaye yana shafar yarjejeniyar sadarwa ta Zigbee wanda Philips Hue kwararan fitila da sauran wayoyi masu amfani da gida kamar su Honeywell thermostats suke amfani dashi, Bosch Security Systems, Ikea Tradfri, Samsung SmartThings, Amazon Ring, Xfinity Box da sauransu.
A wannan yanayin matsalar ita ce mutum na waje na iya sarrafa kwararan fitilarmu, canza launi, haske ko ma kunna su ko kashewa ba tare da mun sami damar yin komai don hana shi ba. Wannan yanayin ya samu rauni ne ta Duba masu binciken tsaro na Point.
Masu amfani waɗanda ke da irin wannan samfurin na Philips suna iya tabbatar da cewa an gargaɗi kamfanin game da wannan matsalar kuma an warware shi tare da sabuntawa, kodayake gaskiya ne cewa mun ga matsala wani lokaci da ya wuce. tare da kayan aikin wasu kwararan fitila (wanda ya kasance mai saukin kamuwa da wadannan hare-hare a shekarar 2016) kuma a wannan lokacin ba a iya warware shi ba tare da sabuntawa kodayake dole ne a kuma ce ba za a iya yada shi zuwa sauran na'urorin daga gada kamar yadda lamarin yake ba wannan sabon yanayin rashin lafiyar da aka gwada a cikin kwararan fitila, saboda haka zai iya shafar wannan nau'ikan kwararan fitilar kawai.
Wannan ba batun Philips bane, matsala ce ta yarjejeniya ta samun gada, amma har yanzu ana ba masu amfani damar duba aikace-aikacen Philips Hue don sabuntawa. akwai kuma idan sun sami ɗaya, shigar da shi da wuri-wuri. Hakanan yana faruwa tare da sauran na'urorin da aka haɗa zuwa Zigbee. Yaniv Balmas da kansa, Shugaban bincike a Check Point Research, ya bayyana:
Da yawa daga cikinmu suna sane da cewa na'urori na IoT na iya haifar da haɗarin tsaro, amma wannan binciken ya nuna yadda hatta abubuwan yau da kullun da ake ganin "bebe", kamar fitila mai haske, za a iya amfani da su ta hanyar masu satar bayanai da amfani da su don mamaye hanyoyin sadarwa. . Yana da mahimmanci cewa kamfanoni da masu amfani su kare kansu daga waɗannan hare-haren ta hanyar sabunta na'urorin su tare da sabbin faci da kuma raba su da wasu na'urorin da aka haɗa akan hanyoyin sadarwar su don iyakance yiwuwar yaduwar cutar ta malware. A yau akwai nau'ikan cyberattacks da yawa don haka ba za mu iya wadatar da tsallake tsaron duk abin da ke da alaƙa da hanyar sadarwarmu ba.
A nasa bangaren lManajojin Philips Hue sun gode wa masu binciken Check Point saboda aikin da suka yi kuma sama da duka don yi musu gargaɗi game da wannan raunin (CVE-2020-6007) kafin ƙaddamar da shi a fili da haifar da tsoro ko ma matsala ga kamfanin.