Is your TV watching you?

Credit: Evgeny Glazunov | Dreamstime.com

The adoption of connected entertainment devices, and in particular smart TVs, has grown exponentially. In fact, connected entertainment device adoption including smart TVs grew by 50 percent in Australia in 2017, according to Deloitte’s latest Mobile Consumer Survey 2017.

Much like mobile phones, smart TVs have become internet-connected ‘computers’. However, the internet connectivity of smart TVs and the vulnerable state of security in the IoT space in general has opened the floodgates to a deluge of threats to consumer privacy and security. The key issue is that smart TVs and other IoT devices for the home and office don’t have the same authentication standards of computers, and security is often treated as an afterthought. 

Research has shown that various attacks against smart TVs are not only possible, but that they often require no physical access to the device or interaction from the user. It has also been demonstrated several times that, once compromised, an Internet-enabled TV can serve as a springboard for attacks on other devices within the same network, ultimately targeting a user’s personal information stored on more lucrative targets such as PCs or laptops.

Even more concerning is the ability for malware to turn smart TVs into bugging devices. In this attack vector, hackers create legitimate looking apps that, once downloaded, release malicious updates onto the smart TV, turning the built-in microphone into the perfect eavesdropper.

It goes without saying that the risks rapidly increase when such devices are used by businesses due to the lucrative nature of their data. In this scenario, the window of opportunity for attackers to breach organisations through less secure connected devices such as smart TVs in the boardroom creates a major concern. While cyberattacks against both consumers and businesses via smart TVs are not a current concern, it may only be a matter of time before cyber criminals begin exploiting their security flaws on a mass scale.

The history of smart TV spies

You probably enjoy watching your smart TV, but chances are that you don’t want it to watch you, too. However, “watching its watchers” is precisely what a smart TV can do.

Back in 2013, research revealed that by exploiting security holes in some models of Samsung’s internet-capable TVs, it was possible to remotely turn on the built-in camera and microphone. In addition to converting the TVs into all-seeing, all-hearing devices, they were able to take control of embedded social media apps, posting information on the users’ behalf and accessing their victims’ files.

Credit: Sergey Rasulov | Dreamstime.com

From the consumer perspective this poses obvious privacy and security concerns. For the enterprise, this is also a major worry as it means hackers have the potential to spy on teleconferences and meetings to extract highly confidential information.  

In 2014, it also came to light that there was a loophole in a widely used interactive TV standard known as HbbTV. It emerged that attack code could be buried in ‘rogue’ broadcasts that could target thousands of smart TVs in one fell swoop, hijacking these as well as other devices in the network, stealing logins, displaying bogus adverts, and even sniffing for unprotected Wi-Fi networks.

Concerns about the implications of smart TVs on privacy grew even further in 2015, when issues with Samsung’s ‘voice recognition’ function, enabling the use of voice commands, came to the fore. The company warned its customers who use the voice activation feature on their smart TVs that their private conversations would be among the data captured and shared with third parties. However, the voice information picked up in such ‘official snooping’ was not always encrypted, enabling the possibility of intruders to listen in on private conversations.

So have we become smarter about smart TV safety?

The short answer is no. In February, the results of hack tests on internet-connected TVs of five major brands, each of which use a different smart TV platform, were released.  The devices were found to be susceptible to rather unsophisticated hacks that would enable an attacker to remotely flip through channels, crank up the volume to blaring levels, install new apps, and knock the device off Wi-Fi. 

The review also found that users need to consent to the collection of very detailed data about their viewing habits – unless they’re ready to forgo the smart features of their new smart TV. Over the years, several manufacturers have been found to engage in behind-the-scenes acquisition of, and trafficking in, data about the viewing habits of consumers.

Issues with HbbTV were in the spotlight again in 2017. A security researcher demonstrated a technique for deploying a rogue over-the-air signal to compromise internet-enabled televisions. Once taken over by the attacker, the TV could be used for an apparently endless list of malicious actions, including to spy on the user via the TV's microphone and camera, and to burrow deep into the local network. As many as 9 in 10 smart TVs sold in recent years were estimated to be prone to this hack. According to one projection, over 750 million smart TVs will be in use worldwide by the end of 2018. With attacks growing increasingly sophisticated by the day, and more and more consumers snapping up smart TVs, the security conversation surrounding them is here to stay. Much like mobile phones, smart TVs have become internet-connected ‘computers’. It would no doubt help if we thought of them as such and protected them accordingly.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitysmart TVsNick FitzGeraldSmart Homes

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?