Story image

Smart TVs the latest hacker weapon

12 Jan 2016

Hackers may be able to gain full access to home networks via a household’s television, new findings from security vendor Check Point Software Technologies have found.

Check Point has identified network security vulnerabilities with EZCast, an HDMI dongle-based TV streamer that converts non-connected TVs into smart TVs.

The findings show a hacker’s ability to gain full, unauthorised access to an EZCast subscriber’s home network, thereby compromising personal information and taking control of home devices.

The EZCast dongle runs on its own Wi-Fi network and controlled through a smartphone device or PC. IT currently has around v5million users.

According to Check Point, the device represents unique security challenges increasingly facing consumers and businesses in the wake of the Internet of Things.

Highlights of the Check Point report include:

  • Attackers can enter through the Wi-Fi system, allowing easy access into both the EZCast and home networks.
  • Once in, the attackers can move around the networks undetected, providing the ability to view confidential information and infect home devices.
  • The attacks can be initiated remotely; hackers can execute malicious code anywhere.

“This research provides a glimpse of what will be the new normal in 2016 and beyond – cyber criminals using creative ways to the exploit the cracks of a more connected world,” notes Oded Vanunu, security research group manager, Check Point.

"The Internet of Things trend will continue to grow, and it will be important for consumers and businesses to think about how to protect their smart devices and prepare for the wider adoption of IoT,” Vanunu says.

The IoT is comprised of a diverse range of device types – from simple consumer gadgets to cars to sophisticated industrial systems. The EZCast dongle is an example of an IoT-connected device as it enables data transfer over a network without requiring human-to-human or human-to-computer interaction, Vanunu explains.

“The IoT market is growing exponentially and will change not only the way all businesses, governments and consumers interact with the physical world – but also how they secure it.”

Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.