Thanks to high-definition smart TVs with cameras, microphones and innovative interfaces geared towards a better user experience, these devices have found their way to many homes. It has become very popular. According to Statista statistics, more than 114 million smart TVs were sold globally in 2018, and smart TVs account for the largest proportion of televisions sold today.
In addition, consumers also have the option of converting "conventional" TVs with HDMI input to "smart" devices by connecting them to external streaming devices to convert the content of smart devices to ordinary TV. Three popular streaming devices are Google Chromecast, Amazon’s Fire TV, and Apple TV. However, there are dozens of TV boxes or broadcast devices that offer similar features.
Not surprisingly, Android TV - which includes exclusive Android apps and manufacturer-modified versions - is the most popular operating system for smart TVs. With Android and Android TV sharing the same hardware infrastructure, many malware strains that target your Android smartphone or tablet are completely capable of causing damage to your Internet-enabled TV.
How can smart TV be compromised?
Cyber criminals are usually financially motivated. This means they want information they can sell, data they can use to blackmail people, devices they can hijack, or computing power they can harness. Smart TVs can provide all of these opportunities making them attractive targets.
There is an arsenal of tools that attackers can integrate and use to wreak havoc on a digital and real victim's life. Malware, social engineering, vulnerabilities, wrong or weak settings, and physical attacks against smart TVs in public places are among the most common techniques used to control smart TVs.
Certainly the security related to Android operating systems has improved from previous days. The platform, released more than a decade ago, has become more flexible to exploit, sandbox technology has been improved, and the attack surface has been reduced to reduce the number of root privileged operations.
However, its open source character and great popularity, coupled with the incorrect scanning of Google Play apps, made the platform and its users an attractive target. With the expansion of Android systems with regard to the Internet of Things IoT risks are clearly beyond the touch-screen mobile devices.
Malware
There are cases of smart TVs that have fallen prey to ransomware similar to Simplocker attacks and the "police virus" - threats that instruct victims to pay to regain access to their devices. In 2018, a destructive worm called ADB.Miner took over the computing power of thousands of Android devices, including several smart TVs, and used them to extract cybercoins for attackers. This threat is an example of how malware designed to extract cryptocurrency has become more complex, gaining the ability to self-deploy and install itself on Android devices by exploiting open debugging ports.
Complicating matters is the fact that many users root their devices and install software from outside the Google Play Store for Android TV. Once a device is restarted, the app can run loose and if harmful, it can take advantage of elevated permissions to steal information from accounts in other apps, implement a keylogger, or neutralize overall system security guarantees.
Poor configuration
As has been hinted earlier, another potentially looming threat is related to the wrong configuration of your smart TV. This may be the fault of the vendor, who has modified the underlying operating system to add new functionality, may be due to your negligence, or it may be a combination of both.
The most common methods that have led to poor device configuration and that eventually pave the way for a cyber attack include keeping ports open, using unsafe protocols, enabling debugging mechanisms, relying on poor or default passwords (or no passwords at all), as well as using non-secure Necessary and as a result expands your attack surface.
Lest they be forgotten, unsafe settings paved the way for an ADB.Miner disease outbreak, as the worm was scanned for devices that had Android Debug Bridge (ADB) open for telecommunications.
Weaknesses
Smart TVs are also known to have security vulnerabilities that can make them easy prey for hackers. This includes flaws that make it possible to remotely control certain TV models using APIs or generic vulnerabilities that allow attackers to run arbitrary commands on the system.
Other concept attacks or actual attacks that rely on the use of HbbTV (Hybrid Broadcast Broadband TV) commands to obtain administrator permissions and perform harmful actions. One of our previous articles listed a large number of them.
Smart TVs have a built-in voice recognition receiver and a connection to a variety of IoT sensors, opening up another vector of potential attack. The large amounts of information they deal with, as well as the hubs of endless sensors, only increase their appeal to cyber criminals.
Attacks through USB ports
Although it can correct security vulnerabilities, users can educate themselves to proce
0 Comments