Is Your Smart TV A Secure TV?

Is Your Smart TV A Secure TV?

Is Your Smart TV a Secure TV?smart-tv-secure

We tend to think of security problems as the exclusive domain of computers and all too often forget about the other devices and gadgets in our homes. Phones, TVs, tablets, hi-fi systems and any other web-connected smart home appliances are all at risk of being compromised by hackers and criminals, often without the owners even being aware of the situation.

New research by Yossi Oren and Angelos Keromytis at the Columbia University Network Security Lab has now claimed that smart and interactive TVs are the most ‘at risk’ group. The ‘Red Button’ attack can be conducted quickly and discreetly from anywhere in the neighbourhood, and could quickly take control of your printer, online accounts and Wi-Fi router to severely disrupt your life.

The report found that any television which uses the new HbbTV standard is vulnerable. With almost all of Europe using the standard and with the US slowly catching up, the problem puts hundreds of millions of people at risk.

Oren and Keromytis claim that a hacker with a $250 1-watt amplifier could cover a 1.4 sq kilometre area. Oren mapped New York City neighbourhoods by population density overlaid with the locations of big digital broadcast antennas. By positioning the retransmission gear at a good height and within line of sight of a tower (for example, on a drone or tall building), a hacker in Queens could deliver malicious content via the Home Shopping Network to a potential audience of 100,000 people. With a more powerful 25-watt amp (about $1,500) the hacker can could cover nearer 35 sq kilometres, taking the reach of the attack into the hundreds of thousands of people.

A few characteristics of the method make it extremely dangerous. Firstly, neither the TV nor its owner would be aware that they are under attack. Secondly, the virus will remain active until the TV is entirely powered off. Finally, the virus is totally anonymous and untraceable because the hackers never present themselves on the internet with a source IP address or DNS server. All this means a person might be completely unaware an attack has happened until long after the event.

What can be done? The most extreme solution would be to completely cut off internet access to all broadcast-delivered HTML content, though this is unlikely to be do-able or practical for most home users. Another solution is monitoring smart TVs as a network. A single smart TV doesn’t know that its signal is being hijacked but the incoming signal data from multiple TV sets in the same area could be monitored to show abnormally high spikes in signal strength or application usage. Something as simple as asking users to confirm the launch of an app could also work.

Broadcasters would have lots of privacy issues to work out before any solution could be chosen however, and whichever method is ultimately selected will face the difficult task of acquiring an industry-wide and government-wide consensus to implement it. Do you use a smart TV? Have you taken any precautionary security measures? Let us know in the comments below.

(Infographic Source: iYogi)

By Daniel Price

About Daniel Price

Daniel is a Manchester-born UK native who has abandoned cold and wet Northern Europe and currently lives on the Caribbean coast of Mexico. A former Financial Consultant, he now balances his time between writing articles for several industry-leading tech (CloudTweaks.com & MakeUseOf.com), sports, and travel sites and looking after his three dogs.

Find out more
View All Articles

Sorry, comments are closed for this post.

Even Companies With A “Cloud First” Strategy Have Lingering Security Concerns

Even Companies With A “Cloud First” Strategy Have Lingering Security Concerns

Lingering Security Concerns Considering the cost and time-to-market advantages of SaaS applications in particular, it’s no surprise that companies are looking to the cloud to meet their business objectives. But what happens when a ‘cloud first’ company must also put security and compliance first? In a recent Bitglass survey report from a cloud access security…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Methodically Plan Your Cloud Design First

Methodically Plan Your Cloud Design First

Are You Sure You Are Ready For The Cloud: Design For the last few months, we have been discussing getting ready to go to the cloud. We have covered topics such as Financial and Business Security reasons. We have even discussed the type of knowledge you should obtain. This month, we are going to take…

What Forecasts Of Data Breaches Should Spell To Cloud Security Practitioners

What Forecasts Of Data Breaches Should Spell To Cloud Security Practitioners

Cloud Security Practitioners And Auditors Today we have seen relatively few data breaches in the cloud despite its growing use for mission-critical workloads. However, as cloud increasingly becomes the backend for our mobile devices, for the Internet of Things (IoT) and for other daily life functions, we can safely predict that hackers will set their…

Connecting To Information With Cyber Physical Systems

Connecting To Information With Cyber Physical Systems

CPS Device Trends On The Rise It isn’t, “Do you remember who starred in XYZ Movie?” It’s, “Can you look it up please?” “Did you ever think you would sit at the dinner table, and when a question came up, someone would look up the answer and share it with everyone?” The words echoed at…

Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that…

The Modular Drone Concept In Action

The Modular Drone Concept In Action

The Modular Drone Concept As the Internet of Things (IoT) world explodes around us, it is interesting to think about new ways of solving old problems. For example, drones allow for a potential solutions to a number of long-standing problems. Aerial drones that can carry modules are appearing. These new modular drones have a number…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Advertising