In Your Face – Securing Digital Displays

On Monday, a large publicly visible art exhibit in Spain that normally shows projections of modern art displayed pornography for 45 minutes.  Per this story (in Spanish), the taxi drivers who viewed the porn while waiting for riders at a nearby train station were thrilled (pun definitely intended), but most people were understandably not happy.  The gallery that runs the exhibit is investigating the root cause of the unplanned pornographic display, but has not yet confirmed what caused it.

This is reminiscent of a recent event in Augusta, GA, where digital billboards were hacked and made to display alternative images.  While these images were sophomoric rather than pornographic, the incident further illustrates the point that many digital displays are woefully insecure.

When we conduct penetration testing at Rendition Infosec, we routinely find the computers that control the digital displays in office buildings, medical reception areas, and retail establishments to have horrible physical security.  In many cases, changing the display output would be as simple as pulling the HDMI cable from the legitimate computer and attaching it to a Raspberry Pi.  Of course, a more damaging attack to the organization is to compromise the computer that legitimately controls the display, many of which are on the corporate network.  We routinely see these machines joined to the domain, but that’s another story for another time.

Why should organizations care?

Rendition Infosec recommends that organizations with digital signage examine the security of these often overlooked devices.  While they probably aren’t high on most organizations’ threat models, perhaps they should be.  In many cases, these digital displays can cause serious reputation damage if they are compromised and made to display an inappropriate message.

At Rendition Infosec, we assess that hacktivist groups will target these displays increasingly as a venue to project their viewpoints.  There are several reasons why a hacktivist group might prefer digital signage to a traditional website defacement.  For one, the digital display itself might be easier to compromise.  The real benefit in compromising one of these systems comes from the visibility the group gets from the hack.  Media coverage of website defacements is virtually non-existent, probably due to their volume and the limited perceived brand damage.  Because digital signage bridges digital content with the physical world, traditional news media seem far more likely to cover this type of hack.

Assess the security of your digital signage

Like it or not, your digital signage is a very publicly visible part of your network.  Imagine the reputation and business impact if your digital signage were made to display hate messages or pornographic material.  How would your customers react?  Would they be confident that you can secure their confidential data if you can’t even secure your own digital signage?  If you haven’t examined the security of your digital signage (both for network and physical attacks), contact Rendition Infosec and we’ll make sure your systems are secure.