Home
 » ISP News » 
Sponsored

Hybrid Broadcast Broadband Smart TV’s Face Hacker Threat

Monday, June 9th, 2014 (2:12 pm) - Score 650

Modern televisions and set-top-boxes that have adopted the pan-European Hybrid Broadcast Broadband Television (HbbTV) specification, which supports Internet capable features like digital teletext, catch-up TV (IPTV), electronic programme guides, interactive advertising, games and more, could be vulnerable to a simple radio attack by hackers.

The HbbTV standard, which partly competes with the likes of YouView and is also supported by a number of devices and modern TV’s sold in the United Kingdom, can apparently be hacked by somebody who only needs access to the “roof of an appropriately located tall building” and a directional transmit antenna (directed toward the TVs under attack – potentially thousands of them at once).

But to reduce the attacker’s risk of capture and thus increase the effectiveness of the attack, the hacker could also install the relay equipment on a remote controlled-drone and fly it to an appropriate location. In all cases no Internet access is required by the attacker because their signal to access your device would instead be sent via carefully crafted broadcast (radio) messages, which the HbbTV standard is designed to intercept and understand.

According to a new report from the Network Security Lab at Columbia University (here), a hacker using this method could send malicious HbbTV payloads to the TV. The apps would be used to create applications that run “invisibly in the background” or which can completely take over the TV screen. As a result any personal details you might enter, as well as the functionality of the device itself, could be left vulnerable.

Similarly if the TV/device were connected to the Internet then it could be turned into a zombie style computer for launching simple Distributed Denial of Service (DDoS) style attacks against Internet websites and servers, as well as giving the attackers access to the owners local network.

Extract from the Security Paper

We have described a series of novel attacks on Smart TVs – a widely deployed device whose significance in our life is only likely to grow. The key enabling factor of this attack was the fact that the device can render Internet content whose source is outside the Internet. This makes it possible for a physical attacker to cause a large-scale compromise of the Internet. We qualitatively and quantitively demonstrated that the attacks we described can be cost-effectively distributed to many thousands of users, and that they have a large damage potential.

The attacks described in this paper are of high significance, not only because of the very large amount of devices which are vulnerable to them, but because they exemplify the complexity of securing systems-of-systems which combine both Internet and non-Internet interfaces. Similar cyberphysical systems will become increasingly more prevalent in the future Internet of Things, making it especially important to analyze the weaknesses in this system, as well as the limitations of its proposed countermeasures.

At this point you’re probably thinking “Oh the standards body for HbbTV will surely fix that..”, although a related story on the BBC suggests that they don’t currently consider this threat to be serious enough to require a re-write / update of the technology’s security.

Many people also thought that Wardriving would never take off (i.e. a mobile individual that hunts for wifi networks to exploit) but it did, although these days it’s a lot harder because fewer people are leaving their wifi networks open and most new devices/routers also enable reasonable security by default. Perhaps HbbTV are being somewhat short-sighted in waiting to see if the problem hurts before putting a plaster on it.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
Mark Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
0 Responses

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Onestream £19.99 (*27.99)
    Avg. Speed 45Mbps, Unlimited
    Gift: None
  • TalkTalk £21.00 (*29.95)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • Plusnet £21.99 (*36.52)
    Avg. Speed 36Mbps, Unlimited
    Gift: £50 Reward Card
  • NOW TV £22.00 (*40.00)
    Avg. Speed 36Mbps, Unlimited
    Gift: None
  • Vodafone £22.00
    Avg. Speed 35Mbps, Unlimited
    Gift: None
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. FTTP (2902)
  2. BT (2824)
  3. FTTC (1812)
  4. Building Digital UK (1772)
  5. Politics (1710)
  6. Openreach (1665)
  7. Business (1490)
  8. FTTH (1343)
  9. Mobile Broadband (1280)
  10. Statistics (1273)
  11. 4G (1104)
  12. Fibre Optic (1085)
  13. Wireless Internet (1047)
  14. Ofcom Regulation (1042)
  15. Virgin Media (1035)
  16. EE (729)
  17. Vodafone (708)
  18. TalkTalk (690)
  19. Sky Broadband (685)
  20. 5G (569)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact