Do we fear that a connected or smart TV could be transformed into the telescreen portrayed in Orwell’s dystopian novel 1984, demanding ever greater calisthenics? “YOU! Bend lower, please! You can do better than that,” shouts the fitness leader to Winston Smith, the main character in 1984, Orwell’s book. It’s an odd thought, yet it has been demonstrated that connected smart TVs can be compromised and taken over remotely. Given these security issues, it’s essential that users are protected with intelligent monitoring and robust online protection that extends to smart devices.
The Internet of Things (IoT) has brought connectivity to a whole range of previously standalone devices including thermostats and cameras and, of course the smart TV. So popular are they that over 220 million sets were forecast to be sold worldwide in 2017. In the U.S., according to Nielsen, just under 59 percent of homes has at least one internet-enabled device capable of streaming to a TV while 66 percent of all TV sets sold in Germany are smart TVs.
What happens in one smart TV hour
Smart TVs know a lot about their owners. In a single hour, they do a lot of snooping and informing on its household. We’ve seen TVs:
- Open three vulnerable ports to the internet
- Scan the home network for other connected devices
- Collect 750 text pages of information about the owner of the device and how they used it
- Send this information to 13 servers – many of them unknown
- Relay information to services that hadn’t been enabled and had no user accounts registered.
What’s more, it did all this when nobody in the household was actively using the device.
It’s a matter of trust
Of course, it isn’t just the smart TV that has the potential to act in this way – other smart devices can behave similarly. It should also be noted that some of this tracking can be justified – the manufacturer wants to see how well their device is working and content providers want to chart viewing habits – but it is not always clear what information is being collected or where the data goes. It is also an open question as to whether the TV owner always agrees to data being collected. Understandably, this isn’t something that most end users particularly think about and they are therefore leaving themselves open to potential security incidents.
Aggressive tracking without permission is malware
Unverified trust is dangerous. Avira has traditionally taken a strong stand against apps such as SilverPush that collected data from users without their permission and classified them as malware.
Researchers have already found that connected TVs can be hacked and taken over by a remote attacker. Given these security issues, a way to intelligently monitor and control the trustworthiness of these smart devices is needed.
Securing connected devices through Avira
We believe it is important to regulate the activities of IoT devices like the smart TV for end user peace of mind. We have built up nearly a decade of experience in identifying and blocking malware using advanced AI and machine learning techniques. By extending this expertise to the IoT, we can identify smart devices in the home, determine normal behavior patterns and then automatically enforce a security and privacy umbrella at the gateway. Installed on top of end users’ existing infrastructure at the router or internet gateway, Avira’s SmartThings technology frees your customers from any installation headaches or the need to buy additional hardware.