Who’s watching whom? Is Your Smart TV Spying on You?

Like something right out of George Orwell’s 1984, it turns out that Big Brother, or Big Hacker in this case, may in fact be watching you—through your television. Recent research shows that Smart TVs are just as vulnerable to a hacking attack as your home computer.

After months of research and working with Smart TV manufacturers to address the issue, Aaron Grattafiori and Josh Yavor of iSEC Partners shared their findings at last week’s Black Hat network security conference in Las Vegas, where they displayed just how curious a Smart TV can get—snooping on your web searches, accessing your app data, even spying on you in your own living room through your television.

How exposed is a Smart TV?

Here’s the problem: although quite evolved from their tube-stuffed, square-shaped, bulky (and quite weighty) predecessors, these intelligent entertainment boxes now have an IP address which provide the capabilities to connect you to a number of web apps such as Facebook, YouTube, and Skype that run off common computer code (Javascript or HTML5) just like your home computer, smartphone or tablet. And this type of code is susceptible to everyday malware attacks when left unprotected.

Yes, they’re technically television sets, but some of these Smart TVs have just as strong of a resemblance to a laptop, integrating Internet-connected apps, video streaming, microphones and even internal cameras. While these features may enhance the viewing experience and provide convenience, they also could leave you exposed to snoopers.

Harmful code can be inserted into chat messages such as those on Skype or Facebook or through a browser search performed on your TV, opening your unprotected television to several types of spyware. Once the code is installed, a hacker could take complete control over your television and access almost anything including your TV’s cameras and microphones. They can essentially turn your camera back on you, watching you as you… well, watch it.

According to manufacturers, fixes have been issued to reinforce the exposed code. However, you’re only as safe as your searches. Just like with your home computer or smartphone, there are a number of steps you can take to ensure your high-IQ television stays untouched by hackers:

  • Frequently change passwords on your TV apps. Keep your passwords fresh and you’re more likely to shake cybercriminals. If offered through an app on your Smart TV, set up two-step verification to give your logins extra protection.
  • Search cautiously and avoid suspicious sites. Watch out for a lot of spelling mistakes on pages, or any attempt to lure you to click on a link with promise of a deal that seems “too good to be true.”
  • Regularly install updates to your TV apps. There are a lot of bugs outside waiting to get in, don’t let one of your web apps become the hole in the screen that opens you up to infestation. Keep your apps up to date and you’ll keep yourself safe.
  • Use social media sparingly on your Smart TV. Video-streaming sites such as Netflix pose less of a threat on your TV than social media sites, where identity thieves will try to harness you in with fake offers and targeted “phishing” messages. When possible keep social media use off the TV and on other devices (computer, smartphone or tablet) that can be protected by comprehensive security, like McAfee LiveSafe™ service, which protects all of your devices, your identity and your data.

Your television may be too clever for its own good, but that doesn’t mean you need to let it catch you unaware. Stay on top of the latest security threats to your home and entertainment devices by following us on Twitter @McAfeeConsumer and Facebook.

 

Leave a Reply