Enhancing Digital Signage Security: Security Findings and Recommendations from the Latest Study

Download Full Report: IoT Security Study Report on Digital Signage

In today's digital age, digital signage has become a popular tool for industries to promote products and display information to customers. However, as an IoT device that is commonly placed in public areas, digital signage is susceptible to cyber attacks. Therefore, HKCERT conducted a comprehensive security study on digital signages.

Release Date: 20 Jan 2025

Summary of the Security Study

The security study aimed to identify potential security risks in common digital signage systems and provide security recommendations for digital signage users. It involved testing the selected digital signages, their client-side applications and their web management portals. A grey box approach was used: the testers were provided with the network environment, the IP addresses of the digital signages, and credentials to authenticate to the management server.

Security Findings and Their Risks

The security study revealed a total of 20 findings, categorised by their risk levels:

Findings on Signage Web Management Portals

  • High-Risk Findings:
    1. Sensitive Information Disclosure – Insufficient access controls allow unauthorised access to sensitive information, risking user impersonation and system compromise
    2. Insecure Password Hash – The use of unsalted password hashing makes it easy for attackers to crack passwords
    3. Outdated Software Library – Outdated software libraries with known vulnerabilities pose security risks
    4. SQL Injection – Improper input sanitization allows potential SQL injection attacks, risking database security
    5. Broken Access Control – Regular users can perform privileged actions due to inadequate role-based access control
  • Medium-Risk Findings:
    1. Client-Side Validation Bypass – Client-side validation can be bypassed, allowing unauthorised changes to user data
    2. Cross-Site Scripting – Improper input sanitization leads to XSS vulnerabilities, risking unauthorised script execution
    3. Session Fixation – Unchanged session tokens after login allow attackers to hijack user sessions
    4. Files Accessible Without Authentication – Files can be accessed without authentication if the URL is known, due to lack of access controls
  • Low-Risk Findings:
    1. Changing Password without Re-authentication – Passwords can be changed without current credentials, risking unauthorised changes
    2. Insecure HTTP Usage – Sensitive data is transmitted over HTTP, exposing it to interception and compromising privacy

Findings on Digital Signage Devices

  • High-Risk Findings:
    1. Unauthorised Control via Infrared – Infrared sensors in signages allow attackers to control the device using remote controllers, enabling actions like turning off the signage
    2. Unauthorised Command Sending to the Signage – Attackers can impersonate the server to send commands to the signage, potentially shutting down the machine remotely
    3. Exposed External Interface Ports – Signages have multiple external ports that can be exploited for attacks, such as injecting malicious content via USB
    4. Enabled Touch Screen Allows Breakout – Touch gestures on signages can be used to exit media players or access settings, posing a security risk
    5. Display Malicious Programs using USB Device – Signages can run programs from USB devices, allowing attackers to execute malicious software
  • Medium-Risk Findings:
    1. Unencrypted Data Traffic – Data traffic from signages is not encrypted, making it vulnerable to interception and man-in-the-middle attacks
    2. Disabled System’s Firewall or Anti-virus Software Feature – Some signages have disabled Windows security features, increasing the risks of unauthorised access and malware infection
  • Low-Risk Findings:
    1. Denial of Service (DoS) – Signages are vulnerable to DoS attacks, which can slow down or render them unusable
    2. Unnecessary Network Services Exposed – Signages have unnecessary network services enabled, increasing the risk of attacks through opened network ports

Security Recommendations for Digital Signage Users

To mitigate the security risks identified above, the study provided the security recommendations listed below. Digital signage users can also adopt further security best practices from the “IoT Security Guideline for Digital Signage” to maintain a secure digital signage environment.

Security Recommendations for Signage Web Management Portals

  • Implement strict access control measures through authentication and authorization to ensure only authorised users can access privileged pages
  • Use established password hashing algorithms with unique random salts to enhance brute force resilience
  • Regularly update software libraries to the latest versions to mitigate known vulnerabilities.
  • Use parameterised queries and implement strict input validation using a whitelisting approach to prevent SQL injection
  • Ensure that only authorised users with necessary permissions can access critical functions, and restrict regular users to their assigned privileges
  • Validate all inputs on the server side to prevent unauthorised changes
  • Implement server-side sanitization and enforce Content Security Policy (CSP) to restrict unauthorised script execution
  • Ensure that session ID tokens change upon every successful login, logout, or security context change
  • Implement proper access control to ensure files are accessible only to authenticated users with appropriate permissions
  • Require validation of the current password when changing passwords
  • Configure the management portal to use HTTPS protocol and enable HTTP Strict Transport Security (HSTS)
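The two high-risk portal findings that these recommendations address, SQL injection and unsalted password hashes, side by side with their fixes. This is an added example, not code from the HKCERT report or from any tested portal; the in-memory SQLite table, the PBKDF2 iteration count and the user records are constructed for illustration.

```python
import hashlib
import hmac
import os
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a portal user table (example schema, not from the study)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB, role TEXT)")
    return db


def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256 with a per-user random salt; the iteration count is an assumed example value.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def add_user(db: sqlite3.Connection, name: str, password: str, role: str) -> None:
    salt = os.urandom(16)  # unique random salt per user, so equal passwords never share a hash
    db.execute("INSERT INTO users VALUES (?, ?, ?, ?)", (name, salt, hash_password(password, salt), role))


def login_vulnerable(db: sqlite3.Connection, name: str) -> bool:
    # The SQL-injection pattern from the findings (lookup stage only): the username is pasted into
    # the query text, so a quote in the input rewrites the WHERE clause instead of being matched as data.
    row = db.execute(f"SELECT name FROM users WHERE name = '{name}'").fetchone()
    return row is not None


def login_hardened(db: sqlite3.Connection, name: str, password: str) -> bool:
    # Parameterised query: the driver binds the value, so the input is only ever compared as data.
    row = db.execute("SELECT salt, pw_hash FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    salt, stored = row
    # Constant-time comparison so response timing does not reveal how much of the hash matched.
    return hmac.compare_digest(hash_password(password, salt), stored)


def stored_hash(db: sqlite3.Connection, name: str) -> bytes:
    return db.execute("SELECT pw_hash FROM users WHERE name = ?", (name,)).fetchone()[0]
```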

Security Recommendations for Signage Devices

  • Disable or block the infrared sensor if it is not needed, using physical means like tape or unplugging the sensor
  • Encrypt communications between the server and signage, verify packet origins, and use timestamps and nonces to prevent replay attacks
  • Restrict physical access to ports by using physical locks, or disable unused ports in the system
  • Disable the touch function if not in use, or restrict unauthorised access to the system through touch gestures
  • Encrypt all data traffic between the server and signage to prevent interception
  • Ensure that both the system’s firewall and anti-virus software are installed and enabled
  • Apply rate limiting and detect illegitimate traffic to block it at the network level
  • Disable unnecessary network services or block access to them at the network firewall
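The origin and replay checks from the second bullet, written out as an added example (not the report's or any vendor's protocol): the server MACs each command together with a timestamp and a fresh nonce under a pre-shared per-device key, and the signage refuses anything with a bad MAC, an old timestamp or a nonce it has already seen. The key, the message format and the 30-second freshness window are assumptions; transport encryption is taken to be handled separately.

```python
import hashlib
import hmac
import json
import os
import time

# Pre-shared per-device key and freshness window are constructed example values, not from the report.
SHARED_KEY = b"example-per-device-key"
MAX_AGE = 30  # seconds: commands older than this are refused even with a valid MAC


def _canonical(fields: dict) -> bytes:
    # Both sides serialise the same fields the same way, so the MAC covers cmd, ts and nonce exactly.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def sign_command(key: bytes, command: str, now=None) -> dict:
    """Server side: stamp the command with the current time and a fresh random nonce, then MAC it."""
    msg = {"cmd": command, "ts": int(time.time() if now is None else now), "nonce": os.urandom(8).hex()}
    msg["mac"] = hmac.new(key, _canonical(msg), hashlib.sha256).hexdigest()
    return msg


class SignageReceiver:
    """Device side: run a command only if it is from the server, fresh, and not a replay."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen = {}  # nonce -> ts, pruned once older than MAX_AGE so it cannot grow unbounded

    def accept(self, msg: dict, now=None):
        now = time.time() if now is None else now
        unsigned = {k: v for k, v in msg.items() if k != "mac"}
        expected = hmac.new(self.key, _canonical(unsigned), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(msg.get("mac", ""))):
            return False, "bad mac"          # impersonated server or tampered command: drop and alert
        if abs(now - int(msg.get("ts", 0))) > MAX_AGE:
            return False, "stale timestamp"  # an old capture replayed outside the freshness window
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_AGE}
        if msg["nonce"] in self.seen:
            return False, "replayed nonce"   # the same capture replayed inside the window
        self.seen[msg["nonce"]] = msg["ts"]
        return True, "executed " + msg["cmd"]
```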

Conclusion

The security study on digital signages highlighted that attackers may take advantage of various attack surfaces to compromise a device and use it to launch further attacks. By implementing the security measures recommended above, digital signage users can significantly reduce the risk of attacks and enhance the overall security of their systems. Continuous vigilance and proactive security practices are essential to safeguard digital signage systems from evolving threats.

Please click “IoT Security Study Report on Digital Signage” to download. Should users or developers have any comments or enquiries about the study, they are most welcome to contact HKCERT via email: [email protected] or its 24-hour telephone hotline: 8105 6060.
