You are all well aware that your computer, tablet, and smartphone can be hacked… but have you ever wondered if someone is trying to compromise your monitor?
Probably not. It’s just a dumb display, isn’t it? I mean, all it does is sit there and light up pixels wherever your computer tells it to… right? The unfortunate truth is that monitors are smarter than we generally think they are, and that makes them a perfect target for hackers.
And Cui is the lead scientist at Red Balloon Security, and he led the team that made this frightening discovery. Like so many devices nowadays do, your monitor has a micro-controller inside it. That got Cui thinking that monitors could, therefore, be hacked and manipulated.
He was right: Cui and his team developed a working exploit. “We can now hack the monitor and you shouldn’t have blind trust in those pixels coming out of your monitor.”
Last year at Black Hat, Cui showed off a printer he turned into a remote bugging device
Once they had successfully hijacked a monitor — which involves injecting malicious firmware via a drive-by attack — the group could alter what was being displayed on the screen. How dangerous could that possibly be, you ask? Being able to re-label even a single button could allow a bad actor to inflict a huge amount of damage in the right situation. Cui gives the example of tricking someone into shutting down a power plant.
If there’s a silver lining to this cloud, it’s that it sounds pretty easy to detect. The image on a screen doesn’t refresh nearly as quickly as it would have prior to being infected. Hopefully you’d notice the difference at home.
On an industrial control console where the display is mostly static anyway? Well, it might be a lot harder to detect. It’s time to stop trusting your monitors, people!