How does the WannaCry hack work?
WannaCry is a ransomware attack that exploits a security weakness in an older version of the Windows OS. The malware encrypts selected content on the hard disk of your PC and demands €300 in “bitcoins” for the key to unlock it.
Is this type of attack relevant to STBs?
Because this particular attack exploited a security vulnerability in Windows OS, it does not directly affect STBs. But this category of attack is certainly also highly relevant for a population of STBs.
A modern STB is in many respects similar to a PC: it has a powerful processor, memory, internet access, etc., enabling it to run arbitrary applications. Security vulnerabilities in the platform, such as the one exploited in Windows OS by WannaCry, can easily be present in badly designed STB platforms as well.
In addition, there is one significant difference between PCs and a hybrid STB population. An STB population is homogeneous: all STBs run the same software on the same hardware. This makes it very easy for hackers to scale their attack to potentially millions of devices. A hybrid STB population is the perfect base not only for ransomware attacks but also for use as a botnet launching devastating DDoS (Distributed Denial of Service) attacks.
While applying regular security patches to the OS is recommended for PCs, this is not the recommended approach for STBs. Instead, a good security design of an STB is based around protecting the application environment through various separation technologies involving both hardware mechanisms and sandboxing technologies.
Hacking poorly protected connected devices, including hybrid STBs, is easy and inexpensive to carry out, and a high level of knowledge about hybrid STBs is not necessary to compromise the community. Hacking kits and malware created by advanced hackers are available on forums for use by anyone who can follow a set of instructions.
A ransomware attack on a population of STBs could be a devastating blow to a pay-TV operator’s revenue and reputation. This is one of the reasons why operators should keep a strong focus on the right security design for their STB platforms.
Increased awareness & safety net provided by Conax
As these hacks become more frequent, the general public’s interest in security will grow, and the public will eventually demand that IoT suppliers implement the necessary precautions to ensure that their private information is kept safe.
As your content security provider, Conax has included precautions for many years. As a standard element of the certification of Conax embedded STBs, we require a Security Evaluation and assist the STB designer in optimizing the security aspects of the STB. Network protection against ransomware and other forms of hacking the box is a major focus of this effort. Conax continues to be unique in expanding the security coverage beyond traditional content protection.
For your information, I’m including a few brief articles from Conax that describe the danger of attacks on hybrid STBs:
You can also download Conax’ White Paper: Beyond Piracy – Why content protection is not enough
Please contact Conax for more information on how we keep your network secure.