How smart are you if you have a smart TV?
A conversation with a friendly cyber security expert in the merchant banking sector gave me some food for thought. How smart are you if you have a smart TV? Personally having avoided televisual technology for some considerable time - Mrs Teraknor and I have aquired a couple of ordinary lower specification televisions. Mine acts as a monitor and screen for a games console (which Son of Teraknor often hogs when home raiding our fridge), the other is connected to a couple of well known external WebTV technologies.
What many of you are blissfully unaware of is the reality that these Smart TVs are glorified low end computers - generally a stripped down Linux distribution with a nice graphical interface for navigation, YouTube and various television streaming services.
They still have a full TCP/IP stack (the bit that makes your TV interact with your home network and the Internet). The problem is that these are now being used as crude botnet zombies for DDOS attacks. In plainer english, hackers out there have found ways of encouraging your TV's to send out data packets towards a single attack destination.
One TV by itself does little and you will not notice the traffic on your home system - it is considerably lower level traffic than any Strictly Come Bake Off extravaganzas you may watch. But when 100,000 connected Smart TV's around the world are all sending data packets towards a single destination (like a bank) then we have a major issue.
Worse is the notion that some of the programming of these TV's was at best basic - trying to keep the memory and processor overheads as low as possible. Many are not armed with firewalls or mechanisms to prevent remote use of their services. As it was discovered that Smart TV's were being used to listen in, these back doors have been exploited in other ways.
While many believed that they were being smart buying a Smart TV, many other devices have overtaken this service. Yet now millions of Smart TV's are out there, insecure and connected ready to become the next botnet zombie.
What many of you are blissfully unaware of is the reality that these Smart TVs are glorified low end computers - generally a stripped down Linux distribution with a nice graphical interface for navigation, YouTube and various television streaming services.
They still have a full TCP/IP stack (the bit that makes your TV interact with your home network and the Internet). The problem is that these are now being used as crude botnet zombies for DDOS attacks. In plainer english, hackers out there have found ways of encouraging your TV's to send out data packets towards a single attack destination.
One TV by itself does little and you will not notice the traffic on your home system - it is considerably lower level traffic than any Strictly Come Bake Off extravaganzas you may watch. But when 100,000 connected Smart TV's around the world are all sending data packets towards a single destination (like a bank) then we have a major issue.
Worse is the notion that some of the programming of these TV's was at best basic - trying to keep the memory and processor overheads as low as possible. Many are not armed with firewalls or mechanisms to prevent remote use of their services. As it was discovered that Smart TV's were being used to listen in, these back doors have been exploited in other ways.
While many believed that they were being smart buying a Smart TV, many other devices have overtaken this service. Yet now millions of Smart TV's are out there, insecure and connected ready to become the next botnet zombie.
Comments
Post a Comment