The FBI Warns That Smart TVs Can Be a Gateway for Hackers to Enter Victims’ Homes

If you’re the proud owner of a new smart TV—or even if you’ve had one for some time—the FBI advises you to be aware of the privacy implications and risk of cyberattacks. Smart TVs can reportedly open the door to hackers who want to spy on homes, steal information, or even actively harass their victims. Learn ways to better protect yourself and your loved ones from a potential digital home invasion.

The Biggest Device in Your Home May Be Unsecured

The FBI has reported risks related to smart TVs ranging from hackers entering systems to change channels or show inappropriate content, or in worst-case scenarios, to use cameras and microphones to cyberstalk victims in their own homes. Just ask the Milwaukee couple who arrived home to find their thermostat set to 90 degrees and an unfamiliar voice talking to them through the speakers.

And the FBI isn’t alone in its assessment.

Consumer Reports found that millions of smart TVs can be controlled by hackers exploiting well-known security flaws. And at the 2019 Defcon hacker conference, a security researcher demonstrated how a drone could be used to take over a smart TV and display phishing messages to steal login credentials, run malware, or capture the user's remote button presses.

Experts say that even after years of warnings, the biggest device in many consumers’ homes is largely unsecured.

Smart TVs and Data Privacy Implications

User data collection by smart TV makers has also come into question in recent years.

One example is an industry-standard feature on many smart TVs called “automatic content recognition.” Using this feature, smart TVs can essentially monitor themselves and send information back to the TV manufacturer, sometimes as frequently as once per second.

In one prominent case, the Federal Trade Commission (FTC) cracked down on smart TV manufacturer Vizio for using automatic content recognition to collect detailed information without properly notifying consumers. Vizio reportedly tracked data on programs watched, IP addresses, Wi-Fi access points, and MAC addresses, and it also appended other data, including sex, age, income, and marital status.

The FTC has since specified that smart TV makers must seek permission before collecting consumer’s viewing data, but experts worry that users may not fully understand the implications or their options to disable or limit data collection.

Ways to Build a Digital Defense for Your Smart TV

Experts say that using a smart TV carelessly can put personal privacy and safety at risk, as it could be a gateway for hackers to enter the victim’s home. Learn steps to better protect your home and family from a potential digital home invasion.

  • Change default settings and passwords - The FBI advises consumers not to rely on the default security settings of smart TVs. Consider changing any default passwords, ideally to a passphrase, which is considered more secure, and enabling multi-factor authentication, if it’s available. Limit administrative functionality to adults who live in the home.
  • Pay attention to data-sharing permissions - Review the privacy settings and policies of your smart TV and streaming services to ensure you know what data is being collected and how it will be used and stored. In some cases, you may be able to disable automatic content recognition in order to limit collection of personal data. Consumer Reports provides a guide for turning off automatic content recognition on various devices.
  • Get familiar with the features of your smart TV - The FBI advises consumers to learn how to use the specific features of their TV, especially relating to the camera and microphone functions. The agency recommends conducting an internet search using the TV model number and the keywords “microphone,” “camera,” and “privacy.”
  • Consider disabling the camera and/or microphone - Research whether you can disable the microphone and/or camera on your smart TV. If you can’t turn off the camera, consider placing a simple piece of black tape over the camera eye when it’s not in use.
  • Be wary of devices that are “always-on” - Always-on devices are those that wait for motion or voice to activate, and they can often be abused by hackers. Consider limiting the use of always-on speakers, and be cautious where you enable voice service integrations in case they could be accessed from outside the home.
  • Create a separate network for smart home devices - Consider creating a separate wireless network for connecting your smart TV and other smart home devices, as hackers may use these less secure devices in an attempt to access other parts of the network.
  • Create safe spaces - Consider keeping smart TVs and other smart home devices out of the most private areas of your home, such as bedrooms and bathrooms.
  • Secure your existing smart TV - If you already have a smart TV but want to change or limit data collection, Consumer Reports provides a guide.

If You Believe You’ve Been a Victim of Cyberfraud

If you believe you have been the victim of a cyberattack, report it to the FBI’s Internet Crime Complaint Center at www.IC3.gov or contact your local FBI office.