The concept of our technology spying on us is nothing new. The smarter our tech gets, the more it can do to capture information about our lives. Twenty years ago, we faced viruses within e-mails that could invade our computers and wipe them out or steal our private information. Now, we have “always-on” devices with webcams and microphones that have the ability to record us and then send the information back to interested parties, without us ever knowing about it. In response to this, the FBI has issued its first-ever warning on their website about hackers infiltrating your home’s smart tech and how to keep yourself safe.
Advanced Persistent Threats
The FBI’s Portland office expressed its worries that smart tech can make you a long-term target of hackers. “A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the backdoor of your router,” the published memo said.
This precise and long-term hacking of your system is different from the malware of yesteryear that grabbed your information in a quick hit-and-run instance of identity theft. Instead, it belongs to a group of crimes known as Advanced Persistent Threats (APTs).
“These are intrusions that are developed over time, using sophisticated attack methodologies that are directed at specific targets,” said Professor Paul Rosenzweig, Professorial Lecturer in Law at The George Washington University Law School. “Think of them, if you will, as the guided missiles of cyberspace. Once inside a system, the APT might stay resident in the target for a long period of time, and, in effect, make the target computer vulnerable to continuous monitoring from the outside.”
If You’re Targeted, at Least You’re in Good Company
One of the most famous APTs in world history began in 2008 and targeted the Dalai Lama. It was called Gh0stNet, stylized with a zero replacing the “o” in “Ghost.”
“It began with malware hidden in an email that was addressed from a trusted source—freetibet.org—and which contained a real document: a directory of friends of Tibet,” Professor Rosenzweig said. “It looked completely innocent, but it contained a Trojan horse program that avoided the Dalai Lama’s intrusion-detection system to insert itself into the operating system of the Dalai Lama’s servers. This program, in turn, communicated with controller servers operated by someone outside of the Dalai Lama’s organization.”
Professor Rosenzweig said that those who operated the Gh0stNet program in secret took control of the Dalai Lama’s computer systems, including the ability to turn on cameras and microphones in his offices without anyone knowing. Keeping in mind the tense relationship between the Dalai Lama, who has lived as a refugee in India since the failed Tibetan Uprising of 1959 against the Chinese government, and China itself, this cybersecurity disaster had major international implications.
According to Professor Rosenzweig, it took a firm in Canada more than a year to trace Gh0stNet back to its origins.
Cybersecurity fears are nothing new—even smart tech concerns are well-storied—but with the FBI finally stepping into the ring to warn about Smart TVs, cyber warfare may soon change forever.
The Federal Bureau of Investigation announced concerns over Smart TVs for the first time, according to their website. The Portland, Oregon, office of the FBI recently issued a warning that internet-connected televisions may pose a cybersecurity risk. Here are the concerns.
f you just bought a smart TV on Black Friday or plan to buy one for Cyber Monday tomorrow, the FBI wants you to know a few things.
Smart TVs are like regular television sets but with an internet connection. With the advent and growth of Netflix, Hulu and other streaming services, most saw internet-connected televisions as a cord-cutter’s dream. But like anything that connects to the internet, it opens up smart TVs to security vulnerabilities and hackers. Not only that, many smart TVs come with a camera and a microphone. But as is the case with most other internet-connected devices, manufacturers often don’t put security as a priority.
That’s the key takeaway from the FBI’s Portland field office, which just ahead of some of the biggest shopping days of the year posted a warning on its website about the risks that smart TVs pose.
“Beyond the risk that your TV manufacturer and app developers may be listening and watching you, that television can also be a gateway for hackers to come into your home. A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the backdoor through your router,” wrote the FBI.
The FBI warned that hackers can take control of your unsecured smart TV and in worst cases, take control of the camera and microphone to watch and listen in.
Active attacks and exploits against smart TVs are rare, but not unheard of. Because every smart TV comes with their manufacturer’s own software and are at the mercy of their often unreliable and irregular security patching schedule, some devices are more vulnerable than others. Earlier this year, hackers showed it was possible to hijack Google’s Chromecast streaming stick and broadcast random videos to thousands of victims.
In fact, some of the biggest exploits targeting smart TVs in recent years were developed by the Central Intelligence Agency, but were stolen. The files were later published online by WikiLeaks.
As convenient as it might be, the most secure smart TV might be one that isn’t connected to the internet at all.
Professor Paul Rosenzweig contributed to this article. Professor Rosenzweig is a Professorial Lecturer in Law at The George Washington University Law School. He earned his J.D. from the University of Chicago Law School and then served as a law clerk to the Honorable R. Lanier Anderson III of the United States Court of Appeals for the Eleventh Circuit.