Samsung Announces IoT-Optimized Exynos processor (Jun 23, 2017)
Whereas the CIA / Wikileaks stories about Samsung smart TVs being hacked were somewhat overblown (they largely affected older TVs and required physical access to sets), this hack is more worrying because it would affect newer TVs and could be delivered remotely. However, for any kind of widespread effect, it would require hacking into a broadcast or IPTV stream, which in itself would be no mean feat, and of course would only work on TVs that happened to be accessing that stream during the time when it was compromised. Still, the broader worry here is, once again, that any device connected to the internet is at least theoretically vulnerable to hacking, and devices such as TVs with less sophisticated security systems than computers and smartphones are often the most vulnerable and hardest to patch.
The specifics of this story aren’t as important as the trend that’s emerging ever more clearly – almost any device that’s connected to the Internet is potentially susceptible to hacking, and the more critical the device’s intended function is, the more serious any potential breach can be – in this case, life threatening. The challenge is that most of these devices – along with cheap web cams and many others – were not designed with watertight security built in, and it’s almost impossible to add that on after the fact. So we’ll see lots more of these stories in the coming years, which will put off potential customers, while giving an advantage to IoT and smart home vendors who prioritize security.
This is yet another story about IoT security, and the many vulnerabilities that exist in a variety of connected devices in the home. The difference this time around is that this isn’t some low-cost Chinese vendor, but D-Link – one of the larger router manufacturers, and the FTC claims its gear suffers from some of the same basic flaws that enabled the Mirai botnet attack a while back. We could still see far worse attacks taking advantage of these vulnerabilities, and with the growth of home automation gear there will be even more attack vectors. All this makes it even more important that those selling connected gear from the home bake in really serious security protections and educate users on the risks.