Check Point® Software Technologies Ltd. (NASDAQ: CHKP), the largest pure-play security vendor globally, today published a report identifying network security vulnerabilities with EZCast, an HDMI dongle-based TV streamer that converts non-connected TVs into smart TVs. The findings show a hacker’s ability to gain full, unauthorized access to an EZCast subscriber’s home network, thereby compromising personal information and taking control of home devices.
Currently used by approximately 5 million users, the EZCast dongle runs on its own Wi-Fi network and is controlled through a smartphone device or PC. The device represents a growing trend of connecting devices to the Internet – known as the Internet of Things (IoT) – and further introduces unique security challenges for both consumers and business. The latest Check Point research report highlights significant risks:
- Attackers can enter through the Wi-Fi system, allowing easy access into both the EZCast and home networks.
- Once in, the attackers can move around the networks undetected, providing the ability to view confidential information and infecting home devices.
- The attacks can be initiated remotely; hackers can execute malicious code.
“This research provides a glimpse of what will be the new normal in 2016 and beyond – cyber criminals using creative ways to the exploit the cracks of a more connected world,” said Oded Vanunu, security research group manager, Check Point. “The Internet of Things trend will continue to grow, and it will be important for consumers and business to think about how to protect their smart devices and prepare for the wider adoption of IoT.”
IoT is comprised of a diverse range of device types – from simple consumer gadgets to cars to sophisticated industrial systems. The EZCast dongle is an example of an IoT-connected device as it enables data transfer over a network without requiring human-to-human or human-to-computer interaction. The IoT market is growing exponentially and will change not only the way all businesses, governments and consumers interact with the physical world – but also how they secure it.
For more information, the full report ‘EZHack: Popular Smart TV Dongle Remote Code Execution’ can be found here: http://blog.checkpoint.com/wp-content/uploads/2015/12/EZCast_Report_Check_Point.pdf.
Check Point’s Threat Intelligence & Research divisions regularly investigate attacks, vulnerabilities and breaches, and help vendors think about adding security strategy to their devices to better protect consumers. For more information on other research findings from Check Point, visit: /threatcloud-central/.
Follow Check Point via:
Check Point Blog: http://blog.checkpoint.com/