Spyware in my TV?

By David Noguer Bau, Head of Carrier Ethernet and Multiplay Marketing for EMEA. Juniper Networks

“Last evening I could not watch the football match as I had a virus in my television” - It may sound like science fiction but users could be confronted with this reality sooner than expected. With the growth of IPTV services across Europe, subscribers can enjoy a range of new and innovative services but could security breaches challenge this new opportunity?

It took less than 10 years, but nowadays, a PC without Internet access is a very rare beast. The evolution of the television is following in a similar direction, especially with the advent of IPTV. Almost all European countries have today at least one commercial IPTV service and although still in its infancy the number of subscribers is growing rapidly… IPTV subscribers are enjoying a new set of advanced services, bringing the TV experience to a different level by introducing innovations like interactive services (polls, pay per view, adds, online shopping…) or personalised content (video on demand, on net personal video recorder, time shifting…). But could security vulnerabilities derail this new world before the train is out of the station?

Viruses and spyware in the world of the PC have become the unacceptable yet realistic face of today’s Internet access, sometimes causing mild annoyance but in many cases causing real harm: erasing files and email, opening popup windows when browsing the net, phishing for bank accounts details and passwords or simply reducing the overall system performance.

Traditionally, television sets have received content through antennas, satellite or cable but now, with the advent of IPTV content is also being delivered over the same connection as the PC Internet service. The TV screen becomes the central point of multimedia content in the digital home; the TV is connected to the world but at the same time is now exposed to all of the risks the internet has to offer!

A large number of telecommunication service providers in Europe have created and deliver own IPTV services. They have launched Triple-Play bundles, packaging Internet, Voice and IPTV together with the broadband service. The model is called on-net or walled garden service. In parallel, the innovative dotcom companies have started to provide video offers by using a PC or set-top box (Google’s Youtube, Apple TV, Microsoft’s Xbox Live, BBC’s iPlayer, Joost…). These ‘over the top’ services are using the Internet as a bidirectional channel to provide interactivity and global reach. Both, the service provider on-net IPTV Services and the over the top services are competing directly with the cable and satellite platforms.

What’s different on the IPTV security?

They main security concern on the IPTV has been traditionally the copyright protection of the content, which is solved in a similar way as the traditional cable and satellite models. But IPTV networks differs from cable and satellite the main content and signalling channels are based on the Internet protocol (IP), so are exposed to the same or similar risks that PC’s using the Internet are.

The main risks are:
Denial of Service (DoS) attacks that can shut down the IPTV service of a subscriber by delivering malicious code to the set-top box. In case of a successful DoS attack against the server or the network infrastructure, the IPTV service could be taken out of service completely for may 1000’s of users.
Spyware can be installed through trojans or viruses in servers or subscriber set-top boxes. In this case, the IPTV may be affected in multiple ways: slowing down the service, automatic involuntary channel changes (eg a poltergeist phenomenon), changing the package attributes including new channels or subscribing to unsolicited pay per view VoD. Spyware may also maliciously monitor subscriber activity… and could even damage the STB itself by exploiting configuration bugs.

Network based services such as on net PVR or EPG might also be attacked altering its configuration or simply putting out of service.
The hackers could set themselves up as a spoof TV broadcaster injecting their own content or adds instead of the expected content, again causing disruption to the consumers viewing.

The above will sound very familiar to the PC security community (DoS, spyware, viruses, spoofing and impersonation…). The list of security issues in the TV world have a lot of different implications but could become even more annoying and expensive than a virus in the PC.

The security procedures and systems differ from the traditional Web protection due to the nature of the services. The traditional security based on firewalls will protect part of the systems. A more complete protection requires each infrastructure component of the network to be secured (STB, CPE, access, metro and core networks…) but also the signalling mechanisms such as join and leave multicast messages as an example. The security protection implemented can affect the overall network performance dramatically reducing the scalability of the service translating it to additional costs not only in network in security but also in network infrastructure.

The reality

Coming back to the reality of today’s world, the majority of IPTV subscribers still have access at least to the terrestrial channels which could be considered as a backup method. So, although the risks are there, the implications are still not as dangerous as described above.

However with the increasing ‘IPification of all content and media delivery IPTV providers need to think and plan carefully in terms of their brand reputation and the harm caused from service outages or degradation caused by viruses in this new world.

The design of today’s IPTV networks and systems should be designed from the very beginning with the afore mentioned vulnerabilities in mind, implementing the contingency plans before it becomes an emergency. In other words, service, network and security have to be considered as ONE.