As we add more connected devices to our homes, it seems like we’re increasingly at risk of being hacked through our doorbells and thermostats. You can now add smart TVs to the list of vulnerable devices – only this time around, turning off your internet connection won’t save you.
Security consultant Rafael Scheel demonstrated an attack on a couple of Samsung smart TVs, in which he was able to gain root access to them. He told Ars Technica that this sort of breach would allow hackers to do things like “attack further devices in the home network or to spy on the user with the TV’s camera and microphone.”
Scheel, who developed this method for Swiss security consulting company Oneconsult, explained that he used a cheap transmitter to embed malicious commands into a Digital Video Broadcasting – Terrestrial (DVB-T) signal.
Most TVs are tuned to DVB-T stations, and the transmission standard contains a vulnerability that Scheel was able to exploit in order to target known security flaws in the Web browsers that the smart TVs run in the background to enable access to online content.
That’s scary because such attacks can target several TVs at once, without the need to physically tamper with them. And while it sounds like all that’s needed is a firmware update, manufacturers aren’t always quick to patch the devices they sell in a timely manner.
However, you may not have to worry about having your TV taken over just yet. Engadget notes that only certain countries use DVB-T, and a smaller subset continue to support the hybrid broadcast broadband TV format needed to execute this exploit.
Plus, you’ll not only have be connected to the Web, but also have a DVB-T channel locked in. As such, most folks in North America who are tuned into ATSC channels won’t be affected. That’s a relief… right?