Internet privacy and security course
About translation
Previous Next

Chapter 85

Cyber espionage through smart TVs

The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment.
George Orwell, 1984

Why do they hack smart TVs

Orwell is not just a writer, he is a great prophet, smart things are getting into the houses of every family every day. In 2017, the largest leakage in the history of the CIA happened, thousands of internal documents were stolen, which also contained information about the tools used for cyber espionage. The most interesting documents were published by Wikileaks later on.

And the world discovered that the security services are watching us through smart TVs and even when the TV itself is turned off (but there is access to power). However, I am deceiving you, it was well-known a long time ago, long before the Wikileaks publication. Experts regularly found vulnerabilities, alarmed about the lack of effective protection, but this did not bother anyone. They didn’t get worried after the publication, but now this obvious fact has documentary evidence, even if it’s not completely legal.

If earlier TVs could only receive a signal and transform it into an image, then modern TVs have a camera, microphone and Internet access, they can not only receive data and broadcast, but also store them.

For the purpose of cyber espionage, it is not only TVs that are hacked, malefactors are interested in video cameras, electronic nannies, and other household items that can listen, see the user, or participate in attacks on other devices. According to documents published by Wikileaks, a special department of the CIA EDB (Embedded Devices Branch) is engaged in the development of exploits for Internet things. This is their job, and they must provide, if necessary, eyes and ears in every home, including yours.

There is no doubt that the special services of other countries are also working on this, trying to get ears and eyes in each apartment. But not only special services are interested in your TV, for example, hackers make botnets from TVs, these are the networks of infected devices used for illegal actions.

Today, a botnet can include not only compromised personal computers, mobile devices and servers, more and more often coffee makers, refrigerators, washing machines and, of course, televisions are becoming part of a botnet. Such news is not rare on the pages of IT-magazines.

There are cases of blocking LG TVs with extortion programs, but resetting the settings helped to get rid of the block. TV is not a computer, users are not afraid to lose valuable information, and up to now the future of ransomware for Smart TV is pretty vague.

The future of attacks related to the advertising input looks more interesting, for example, you turn on your favorite channel, and before launching you are shown an extra ad. It seems nothing unusual, only it will be implemented by third parties as a result of hacking your TV. But so far these are only theoretical arguments, we do not know any real cases.

But cyber espionage through TVs is already a reality, and for spies the compromised smart TV is just a present...

How do they hack smart TVs

Browser attacks

You probably know that smart TVs have their own browser. As a rule, these are outdated browsers without updates, often with the included Flash Player. And in general, the security of the browsers of televisions is given incomparably less attention than browsers of computers or mobile devices. To a greater extent, this concerns Tizen (Samsung), WebOS (LG), still a pleasant exception is Android TV.

The employee of the Swiss company Oneconsult Rafael Scheel wrote two exploits to attack smart TVs and posted on his website. The first one was based on the vulnerability of CVE-2015-3090 from the archive Hacking Team, aimed at Flash. The second exploit used the JavaScript function Array.prototype.sort. As a result of such attacks, it was possible not only to compromise the browser, but also to get access to the firmware, in other words, to turn your smart TV into a smart spy.

Probably, you decide to skip this point, you do not use the browser on the TV and do not follow anywhere. Do not hurry, because you do not need to do that, it can be done for you. In addition to the exploits, Rafael Scheel published a description of the way to remotely force the TV to open any site.

The method is based on the standard HbbTV, which works with most models of modern smart TVs. The problem is that the TVs are connected to the most powerful signal, and the attacker, who is nearby, will win over cable operators. This may be a device in a car near the house or a drone soaring near the necessary floor.

The main problem is that smart TVs can get the sent commands, including making smart TV open the desired site in the background. Unfortunately, in this case you will not even know that you have been hacked. At the time of publication of the study in 2017, about 90% of smart TVs were at risk.

Physical access to the TV

This is simple, since a flash drive is inserted into the TV containing a malicious executable file that, by exploiting vulnerabilities, is installed into the firmware. The CIA and the British MI5 Weeping Angel worked in a similar way.

Therefore, if you are an interesting person for the state, it is highly likely that a special services worker will come to set up your television.

Remote attack

If your TV is connected to the Internet, an attacker can hack it, being in another part of the world, just like hacking any other devices on the network.

And if, when using a home Wi-Fi router, you do not substitute the IP address and the malefactor receives it, then by attacking the router they will have the opportunity to attack all devices connected to it. Among them it is very likely there will be your TV as well. This is another reason to take care of hiding the real IP address.

Pre-installed spyware

One of the principles of this course is not to trust anyone. Do not trust TV manufacturers too, but for sure the numerous intermediaries on the way from the manufacturer to the buyer are much more dangerous than they could be.

Check Point, a well-known company, specializing on security, conducted a research in 2017 and found malware in such popular phone brands like Samsung, LG, Xiaomi, Asus, and Lenovo. Malware was probably installed by one of the participants in the chain on the way to the final buyer.

Do you think it is possible with Samsung and LG phones, but not with TVs? It is much easier to perform this operation with televisions. Security experts give them less attention, and users do not check the pre-installed software.

A smart TV can go to a central warehouse in your country, where malefactors will install the necessary software on it to control your home.

How to protect your smart TV

Close the TV's camera if you are not using it.

We have already given this advice in relation to cameras on computers, laptops and front cameras of mobile phones (selfie cameras). Televisions are no exception, and the camera should also be closed.

Do not insert untested devices into USB and make sure that others do not insert either.

And there is nothing to add in the case. Everything is simple and banal, but it is through USB that it is the easiest way to get complete control over the device. It was through USB that the developed by the CIA and MI5 Weeping Angel was distributed, this is the most accurate and effective method of influencing.

Do not download any software from unknown resources.

This also applies to computers, but users have sandboxes, virtual systems, in case of emergency, antiviruses and Virustotal, even browsers have learned how to block plainly malicious sites. Owners of TVs have nothing.

For the sake of justice, malware for smart TVs is incomparably less than for personal computers or mobile devices.

Update your firmware in time.

This is important to do it right away when buying a device, and for this it is even recommended to temporarily connect the TV to the Internet. In addition, it is necessary to check for updates at least once every six months, and even better to check for updates from the manufacturer.

If your TV is constantly connected to the Internet, it must independently check for updates and install them. Most modern devices do this, but you should make sure that you have this opportunity.

If you have the opportunity at the hardware level, unplug the microphone and camera.

This is advice for geeks who care about their right to privacy. The advice is good, but I have no illusions that many will not be able to do it.

If you do not need internet access, do not connect a smart TV to it.

You should need it to update the device, but then it is better to turn Wi-Fi off. You should understand that any professional spyware can not only enable it on its own, but also get access to Wi-Fi in the vicinity, even without a password.

If you are obsessed with the idea of ​​security, it is better to erase the Wi-Fi module on the TV, and get updated via a USB flash drive.

Turn off the power.

Remember, the only guarantee that the TV is off is when the power is off. The shutdown button does not guarantee real shutdown. For example, the CIA developed Weeping Angel, which skillfully hid the work of the TV. You could press a button, see the screen and the lights going out, but the TV continued to follow you through the camera and overhear using the microphone or through the speakers. And I was not mistaken: the speakers also know how to listen.

Previous
3737
Next