If you have a Smart TV in your company conference room, break room, or spread throughout your offices as a perk for deserving employees, you may have allowed hacks, breaches, and privacy issues into your business. In December, the FBI’s Portland office issued a Smart TV warning that should concern everyone with a Smart TV. It seems that the features of these TVs which make them Smart also make them excellent portals for malware, which means you need to be concerned about Smart TV Security.
Essentially, a Smart TV is a TV with an internet connection and the ability to install “Apps” (Netflix, Disney+, etc) for viewing certain content. Many of these TVs now also include microphones to receive verbal requests for programming (“Play Game of Thrones on HBO”) and cameras to help identify who is watching so that the TV can suggest new shows.
Why Are Smart TV’s Dangerous?
So what is so dangerous about a Smart TV?
It used to be that television was one-way communication. An antenna signal came in, and it was displayed on the screen. These days, Smart TVs are actually powerful internet-connected computers, sending massive amounts of data in both directions.
And since Smart TVs are actually computers, they are open to a whole host of problems that other kinds of computers have. If you are at all familiar with cyber security, you are well aware of how bad the news is related to cyber crimes, viruses, trojans, ransomware, device hacking, cyber-spying, and other security issues. The good news about conventional PCs is that these computers have an army of companies working to protect you against all of those problems. The bad news about your Smart TV is that there is no such army.
Your Smart TV -- whether its a Vizio, Samsung, Sony, LG or other brand -- usually has one and only one company working on Smart TV security to protect that device and those who use it, and that’s the manufacturer. That makes it extremely likely that the Smart TV’s security is not as strong as it should be. Also at issue is that Smart TV manufacturers are very slow to react to any new cyber security issues, as their firmware is usually updated very infrequently, if at all.
Combine that with the fact that many of these Smart TVs have cameras and microphones, and you have a perfect recipe for cyber-stalking. If a hacker gets control of you the Smart TV in your conference room, they could watch and listen-in on your company meetings, and easily steal confidential information.
Apps Can Make Smart TVs More Dangerous
Many Smart TVs use a proprietary operating system, but some are based on Linux and Android technology, which makes them especially vulnerable. For example the Smart TVs with Amazon’s FireTV technology are based on Android. They are capable not only of loading apps for all the services and networks you know and love at home, but programmers can write other apps for them that promise they’ll do one thing, and don’t tell you that they’ll be doing something else, too.
And most people, when downloading these apps, rarely check to see what kinds of security holes they might be opening up. For example, a popular “Downloader” app on Amazon’s FireTV platform grants the app the following permissions:
- Access information about networks
- Access information about Wi-Fi networks
- Open network sockets
- Read from External Storage
- Write to External Storage
- Sending in-app billing requests and managing in-app billing transactions
Many of these permissions are things that any good Cyber Security expert would not permit on a PC, but are nearly powerless to prevent on a Smart TV.
The Bottom Line on Smart TV Security
With Smart TV Security, you need to depend on the manufacturer to protect you, and that’s just not their primary purpose. As a result, there’s no antivirus, no anti-malware, no group policies, and no way to lock down the TVs to prevent the loading of dangerous apps. So what can you do?
- First, if you’re going to have Smart TVs in the office, make sure you isolate them onto their own network. That way, if someone installs a rogue app that can access your entire network, there will be very little for it to see, and very little damage that it can do.
- Second, for any of the services on the TV, create an email address specifically for these accounts. That way, if the email credentials are breached, there is no valuable company data to be stolen.
- Third, cover the camera with tape and the microphone with some material or device especially made for this purpose. This will help to prevent you from being watched and listened-to.
- Fourth, if you don’t need a Smart TV, don’t buy one. A large, commercial quality video monitor might be all you need for your corporate presentations.
Whatever you do, don’t ignore the fact that any new device that you invite into your office network has the potential to harm you and your company. And if you don’t have the time or know-how to do this yourself, call Digital Uppercut. We specialize in Cyber Security and work with these issues all the time. Smart TV security isn’t the only problem that could be threatening your company. Contact us today online, or call us at 818-913-1335 and let’s talk about the security of your company.