Is Your Smart TV A Secure TV?

Is Your Smart TV A Secure TV?

Is Your Smart TV a Secure TV?smart-tv-secure

We tend to think of security problems as the exclusive domain of computers and all too often forget about the other devices and gadgets in our homes. Phones, TVs, tablets, hi-fi systems and any other web-connected smart home appliances are all at risk of being compromised by hackers and criminals, often without the owners even being aware of the situation.

New research by Yossi Oren and Angelos Keromytis at the Columbia University Network Security Lab has now claimed that smart and interactive TVs are the most ‘at risk’ group. The ‘Red Button’ attack can be conducted quickly and discreetly from anywhere in the neighbourhood, and could quickly take control of your printer, online accounts and Wi-Fi router to severely disrupt your life.

The report found that any television which uses the new HbbTV standard is vulnerable. With almost all of Europe using the standard and with the US slowly catching up, the problem puts hundreds of millions of people at risk.

Oren and Keromytis claim that a hacker with a $250 1-watt amplifier could cover a 1.4 sq kilometre area. Oren mapped New York City neighbourhoods by population density overlaid with the locations of big digital broadcast antennas. By positioning the retransmission gear at a good height and within line of sight of a tower (for example, on a drone or tall building), a hacker in Queens could deliver malicious content via the Home Shopping Network to a potential audience of 100,000 people. With a more powerful 25-watt amp (about $1,500) the hacker can could cover nearer 35 sq kilometres, taking the reach of the attack into the hundreds of thousands of people.

A few characteristics of the method make it extremely dangerous. Firstly, neither the TV nor its owner would be aware that they are under attack. Secondly, the virus will remain active until the TV is entirely powered off. Finally, the virus is totally anonymous and untraceable because the hackers never present themselves on the internet with a source IP address or DNS server. All this means a person might be completely unaware an attack has happened until long after the event.

What can be done? The most extreme solution would be to completely cut off internet access to all broadcast-delivered HTML content, though this is unlikely to be do-able or practical for most home users. Another solution is monitoring smart TVs as a network. A single smart TV doesn’t know that its signal is being hijacked but the incoming signal data from multiple TV sets in the same area could be monitored to show abnormally high spikes in signal strength or application usage. Something as simple as asking users to confirm the launch of an app could also work.

Broadcasters would have lots of privacy issues to work out before any solution could be chosen however, and whichever method is ultimately selected will face the difficult task of acquiring an industry-wide and government-wide consensus to implement it. Do you use a smart TV? Have you taken any precautionary security measures? Let us know in the comments below.

(Infographic Source: iYogi)

By Daniel Price

About Daniel Price

Daniel is a Manchester-born UK native who has abandoned cold and wet Northern Europe and currently lives on the Caribbean coast of Mexico. A former Financial Consultant, he now balances his time between writing articles for several industry-leading tech (CloudTweaks.com & MakeUseOf.com), sports, and travel sites and looking after his three dogs.

View Website
View All Articles

Sorry, comments are closed for this post.

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

Your Biggest Data Security Threat Could Be….

Your Biggest Data Security Threat Could Be….

Paying Attention To Data Security Your biggest data security threat could be sitting next to you… Data security is a big concern for businesses. The repercussions of a data security breach ranges from embarrassment, to costly lawsuits and clean-up jobs – particularly when confidential client information is involved. But although more and more businesses are…

Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of machine learning and advancement of artificial intelligence can dramatically change the manufacturing process and put an end to the dreaded product recalls in the future. In recent news, Samsung Electronics Co. has initiated a global…

Three Tips To Simplify Governance, Risk and Compliance

Three Tips To Simplify Governance, Risk and Compliance

Governance, Risk and Compliance Businesses are under pressure to deliver against a backdrop of evolving regulations and security threats. In the face of such challenges they strive to perform better, be leaner, cut costs and be more efficient. Effective governance, risk and compliance (GRC) can help preserve the business’ corporate integrity and protect the brand,…

Beacons Flopped, But They’re About to Flourish in the Future

Beacons Flopped, But They’re About to Flourish in the Future

Cloud Beacons Flying High When Apple debuted cloud beacons in 2013, analysts predicted 250 million devices capable of serving as iBeacons would be found in the wild within weeks. A few months later, estimates put the figure at just 64,000, with 15 percent confined to Apple stores. Beacons didn’t proliferate as expected, but a few…

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

The 80-20 Rule For Security Practitioners  Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards.…

The Future Of Cloud Storage And Sharing…

The Future Of Cloud Storage And Sharing…

Box.net, Amazon Cloud Drive The online (or cloud) storage business has always been a really interesting industry. When we started Box in 2005, it was a somewhat untouchable category of technology, perceived to be a commodity service with low margins and little consumer willingness to pay. All three of these factors remain today, but with…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…