Hacking Smart TVs? Can you imagine your “smart” TV being targeted by a zero-day exploit, becoming part of a botnet, or being used to conduct espionage? How about if the TV manufacturer, an attacker, or even the CIA were to hijack the video camera in the TV? Suddenly, as you watch TV in your undies, it’s smile because you’re on spying candid camera! Eavesdropping and denial of service attacks are possible; so is stealing sensitive personal or financial information stored by TV apps. By 2016, 100 million TVs are expected to be connected to the Internet. While smart TVs are not a low hanging fruit yet, in time it may become profitable for malware writers to hone in on these devices.
Smart TVs are constantly connected online, either by Ethernet cable or wirelessly, and come with built-in apps to surf the web; they offer a plethora of online services and apps to watch video, to listen to music, for video conferencing, to act as a shopping portal, and if you were so (unwisely) inclined, then even to bank online. You can control it via a remote, voice controls or hand gestures. Like smartphones, smart TVs have similar vulnerabilities as PCs. Do you manually update the firmware on your smartphone? Not many people do, so how many do you think would patch the firmware on their smart TV?
Like most technology in its “infancy,” security will not be addressed until something bad happens to a lot of people and then security will be bolted on as an afterthought. G Data Security Evangelist Eddy Willems stated, “We think that cyber criminals are already using the freely available software development kits from the TV manufacturers to discover opportunities for attack. We expect the first proofs of concept to be published soon.”
The winners of the 2013 CES Innovation Awards video display category were announced and include the gigantic LG 84 inch Ultra HD 3D TV and Samsung 85-inch UHD TV. If you’ve been bitten by the bug to buy a big screen smart TV, then here are the hacking threats to those huge devices.
According to “Smart TV Hacking: Crash Testing Your Home Entertainment” [PDF], a Codenomicon whitepaper, the researchers conducted fuzz testing for security purposes on six popular smart TVs; all six failed the fuzzing. “Of course some basic security measures need to be there such as password protection for ensuring the users’ privacy. Nonetheless, it is impossible to determine whether your digital television has been compromised. Anti-virus for embedded devices does not work, and home firewalls cannot detect all attacks against tailor-made TV applications.”
Smart TV hacking threat scenarios:
1) Denial of service attacks: This is not new. While tinkering with his brother’s new Samsung D6000 TV, Italian security researcher Luigi Auriemma accidentally discovered he could remotely send the TV into an endless restart mode, aka a denial-of-service attack, that even unplugging the power or Ethernet cable wouldn’t fix. Before that, Gabriel Menezes Nunes, another security expert, launched a remote denial of service attack against Sony Bravia TVs.”
2) Exploits: Malicious code can be run on the TV to gain unauthorized access; detecting such a breach would be difficult since smart TVs, like non-jailbroken smartphones, do not allow users operating system level access. What if, not the TV, but the app or app store are hacked and sensitive personal and financial data connected to them were dumped on pastebin? Oh pooh it won’t happen? Eenk! LG Smart World is LG’s official app store for smart TVs. Last week, Techie Buzz reported that “@Ur0b0r0x has breached LG Smart World, and leaked email addresses and password hashes of 11,316 users.” An LG spokesperson added that “LG has been unable to verify a breach.”
After successfully hacking an Internet TV in several ways, including forcing porn to Disney channel watchers, Roger Grimes, a security researcher for Microsoft, reported, “Your TV will be hacked.” Grimes added, “Pen testing is always fun. But cracking your main target while pirating porn with your buddies and taking over the whole company? Priceless.”
3) Covert malware: Since a smart Internet-connected TV has an IP, then there may come a day when cybercrooks use malware and chain a bunch of them together to form a TV-based botnet. Codenomicon research stated, “Botnets and other espionage software can be installed and remain undetected in home entertainment systems. Hidden malware can access functionalities such as cameras (e.g. Kinect motion detection) and microphones on the TVs. As TV distribution is often very homogenous, running only a limited range of operating systems, a single instance of malware can infect and populate hundreds of millions of homes, creating powerful botnets for launching Denial of Service attacks.”
4) Loss of sensitive data. Credit card numbers are stored on the smart TV for on-demand services and could be extracted by crooks. Email and social media also store sensitive data on the TV. Additionally, intercepting traffic moving from a TV to a back-end service and replacing icons on the TV to point to a completely different service are a few of the vulnerabilities documented last year by software device security firm Mocana. CEO Adrian Turner warned, “It could be injecting a screen that says this is Foxtel or whoever your cable company is and please re-enter your credit card information in order to continue your service.”
5) Social engineering and static media: TV software “decodes movie files and displays pictures, which can be malicious and cause crashes or buffer overflows,” warned Codenomicon. Users could be social engineered and tricked into plugging in an infected USB or memory card.
If Blue Coat Systems, known for selling surveillance technology, is studying how smart TVs are susceptible to web-based security threats, then if you care about privacy it might be wise to see what Blue Coat says those threats are. “Smart TVs bring two potential risks. The first is when cybercriminals run scams to trick victims into calling premium-rate numbers in order to purchase the content they saw advertised on TV….The bigger risk is TVs that have been infected and are then used to monitor network traffic.”
Eavesdropping: Codenomicon wrote, “This research shows that the video protocols were surprisingly unstable, which is disappointing when considering that it is one of the key features a TV is supposed to handle. The DVB [Digital Video Broadcasting] protocol seems to be vulnerable throughout the tested smart TVs…Military implementations of DVB could be remotely crashed, get infected with malware, be eavesdropped upon, or at worst, get controlled by the attackers.”
Codenomicon concluded [PDF], “As shown in this study, the TV-specific protocols are likely to open up new attack vectors which can be used to attack the TV set. Zero-day vulnerabilities in communication protocols open the devices to remote compromise.”
Furthermore, TV manufacturers need an automated patch release process. Otherwise, even if these vulnerabilities are addressed, how many people who can’t even keep their PC patched do you think will tackle a “difficult” TV patching process? You could put a smart TV behind a firewall or proxy, but there’s no IDS available and not much in the form of anti-virus. F-Secure recently offered mobile security for Android-based smart TVs. FortiGuard Labs Threat Response Team told ZDNet that customers can request a “clean pipe,” meaning “clear of infection vectors,” from their ISPs to safeguard their TVs.
Still have a hankering for that big screen smart TV? Just a big flipping screen TV? Ok then, here are the best prices so far from the leaked Black Friday ads. Everyone has an opinion on what is the best display, and whether buying a TV that requires wearing 3D glasses will be outdated technology next year. But there are 3D smart TVs that don’t need glasses and new technology is coming out in some theaters that would allow movie-goers to watch 3D movies without glasses.