Is Housejacking the next big threat to pay TV?

Cable companies, pay TV operators and telcos are often called service providers for the principal reason that they are not selling media and entertainment – they are selling a service. One of the most valuable assets they hold is a direct physical link into people’s homes and an ongoing monthly billing relationship.  From a pure business perspective that means anything a service provider can leverage to boost bandwidth usage and ARPU is fair game.

That includes the washing machine and fridge. It includes lighting control, perhaps even the ability to run a bath at the right temperature to just the right level at just the right time for the owners to arrive home. Obviously, it includes home assistants like Alexa.

The Internet of Things (IoT) is taking off and, by trading on their existing – trusted – relationship with the consumer, media service providers are in prime position to control the gateway to the smart home, in tandem with IoT superglue giants like Amazon, IBM, Microsoft and Samsung.

But this potentially massive business has its risks. Since any security is only as strong as its weakest link, it is new devices being incorporated into the IoT which are particularly vulnerable.

Criminals could hack a consumer’s connected washing machine. Instead of holding that individual home to ransom (‘pay or you’ll never wash clothes again’) the criminal would be able to hack all models of the same brand and hold the washing machine brand to account. Except that it would be the gateway home service provider which could bear the brunt of consumer anger.

Everything with an internet connection can be compromised, and it’s not as if the consumer is unaware of the risk. Ninety per cent of us think security should be built into connected devices, according to a recent survey by Irdeto.

Pay TV operators can take as holistic an approach as they want with security around their pipe and their STB or modem but if they want to play in the smart home of the future then increasingly this is not enough.

“With increased levels of connectivity to IoT devices, often deployed outside of the security protocols of corporate IT, service providers must now think about the protection, updates and upgrades of IoT devices as a critical part of their overall security strategy,” advises Mark Hearn, director of IoT Security at Irdeto.

“The next generation of Ransomware will be about holding a company’s customers or their brand hostage in the hacker’s hopes of a bigger pay off,” Hearn warns.

To protect against cyberattacks targeting IoT technologies, Hearn points to Irdeto’s Cloakware for IoT as “a battle-proven solution” that protects customers’ IoT applications and connected devices “from reverse engineering, tampering and circumvention and keep hackers and cybercriminals out of their products.”

Trade shows like CES and IFA have long exhibited vast halls of white goods generally bypassed by media executives. Could this have a new relevance for IBC in the future?