NEW DELHI: The idiot box could be spying on you. At least this is what Indian Army, the world’s second-largest army, thinks. Emergence of smart television and its rapid use in the Army have sounded the alarm bells as the Army fears that these sets can be a threat to cyber security and can leak data from sensitive locations.
Based on the inputs from the Indian Computer Emergency Response Team (CERT-In), the Cyber Security Division of the Indian Army headquarters has prepared an alert note which has been circulated to all command headquarters, formations and locations. “It is aimed at alerting users in securing smart televisions and preventing them from acting as the source of data leakage from official premises within the Indian Army. Users must refrain from installing these devices in highly-secured environment and ensure that adequate steps be taken to mitigate the cyber security vulnerabilities,” says the internal note which was accessed by Express.
And considering the fact that a majority of these smart TV sets are manufactured in China, the issue has gained utmost importance, leading to apprehension that it could be another mode of snooping by India’s eastern neighbour. The note defines the smart TV as a “device that, apart from serving the basic functions, offers Internet and provides a platform for installation of various Internet-based applications.” Moreover, these hi-tech devices provide functions like gesture control and voice navigation, for which cameras and microphones are ‘embedded’ as its hardware set-up. These devices also store large amounts of personal data both in the device’s internal memory and in the cloud. Moreover, a number of smart TV sets provide Skype functions and to enable it, the integrated camera and microphone are used with features like echo-cancelling and dynamic image boost even in low light conditions.
“The integration of a camera and microphone in the new generation smart TVs make them akin to smartphones. The proliferation of smart TVs within the office premises, operation and discussion rooms in the Indian Army can lead to cyber security threat and breach of data from sensitive locations,” the note described. While explaining the security threat scenario, it pointed out various vulnerabilities including installation of covert malware and exploits for stealing data stored on TV, remote mirroring of contents shown on the TV, remote enabling and access to inbuilt camera and microphone for eavesdropping, access and modification of remote control settings and running of malicious codes to get unauthorised access. The Cyber Security Division has also listed out some measures to mitigate the cyber threat. First, built-in cameras and microphones of televisions must be disabled to prevent its access. Second, the location setting feature of the smart TV must be disabled to hide location. Third, a comprehensive security suite to be installed that provides multi layers of anti-virus, anti-phishing, host-based intrusion prevention and firewall capabilities. Also web browsing through the smart TV should be avoided, the note said.