The Federal Bureau of Investigation announced concerns over Smart TVs for the first time, according to their website. The Portland, Oregon, office of the FBI recently issued a warning that internet-connected televisions may pose a cybersecurity risk. Here are the concerns.
The concept of our technology spying on us is nothing new. The smarter our tech gets, the more it can do to capture information about our lives. Twenty years ago, we faced viruses within e-mails that could invade our computers and wipe them out or steal our private information. Now, we have “always-on” devices with webcams and microphones that have the ability to record us and then send the information back to interested parties, without us ever knowing about it. In response to this, the FBI has issued its first-ever warning on their website about hackers infiltrating your home’s smart tech and how to keep yourself safe.
Advanced Persistent Threats
The FBI’s Portland office expressed its worries that smart tech can make you a long-term target of hackers. “A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the backdoor of your router,” the published memo said.
This precise and long-term hacking of your system is different from the malware of yesteryear that grabbed your information in a quick hit-and-run instance of identity theft. Instead, it belongs to a group of crimes known as Advanced Persistent Threats (APTs).
“These are intrusions that are developed over time, using sophisticated attack methodologies that are directed at specific targets,” said Professor Paul Rosenzweig, Professorial Lecturer in Law at The George Washington University Law School. “Think of them, if you will, as the guided missiles of cyberspace. Once inside a system, the APT might stay resident in the target for a long period of time, and, in effect, make the target computer vulnerable to continuous monitoring from the outside.”
If You’re Targeted, at Least You’re in Good Company
One of the most famous APTs in world history began in 2008 and targeted the Dalai Lama. It was called Gh0stNet, stylized with a zero replacing the “o” in “Ghost.”
“It began with malware hidden in an email that was addressed from a trusted source—freetibet.org—and which contained a real document: a directory of friends of Tibet,” Professor Rosenzweig said. “It looked completely innocent, but it contained a Trojan horse program that avoided the Dalai Lama’s intrusion-detection system to insert itself into the operating system of the Dalai Lama’s servers. This program, in turn, communicated with controller servers operated by someone outside of the Dalai Lama’s organization.”
Professor Rosenzweig said that those who operated the Gh0stNet program in secret took control of the Dalai Lama’s computer systems, including the ability to turn on cameras and microphones in his offices without anyone knowing. Keeping in mind the tense relationship between the Dalai Lama, who has lived as a refugee in India since the failed Tibetan Uprising of 1959 against the Chinese government, and China itself, this cybersecurity disaster had major international implications.
According to Professor Rosenzweig, it took a firm in Canada more than a year to trace Gh0stNet back to its origins.
Cybersecurity fears are nothing new—even smart tech concerns are well-storied—but with the FBI finally stepping into the ring to warn about Smart TVs, cyber warfare may soon change forever.
Professor Paul Rosenzweig contributed to this article. Professor Rosenzweig is a Professorial Lecturer in Law at The George Washington University Law School. He earned his J.D. from the University of Chicago Law School and then served as a law clerk to the Honorable R. Lanier Anderson III of the United States Court of Appeals for the Eleventh Circuit.