In light of the news that more UK households now own a smart speaker than a pet rabbit, David Emm, Principal Security Researcher at Kaspersky Lab commented below.
David Emm, Principal Security Researcher at Kaspersky Lab:
“We are becoming increasingly reliant on technology and why shouldn’t we? If a smart speaker can tell you the weather, news headlines and anything else you need to know right away, this is a sure-fire way to convenience consumers.
With this being said, people need to be aware of the security implications of having a smart home. Everyone might want a new gadget, but the reality is that many developers of smart devices do little to secure them, fail to provide firmware updates, and shipping devices with default passwords that can easily be found by potential attackers. This makes smart devices perfect targets for cybercriminals – by successfully hacking these devices, criminals are able to spy on people, blackmail them, and even discreetly make them their partners in crime.
In the instance of virtual assistant devices such as Amazon Alexa and Amazon’s latest service, Amazon Key, which looks set to revolutionise the delivery market – it feels like a huge test of consumer trust. What makes the issue of Amazon Key particularly dangerous is its potential reach: if a hacker can access the database of door codes, they can gain entry to a whole street’s worth of homes. So customers need to be aware of not how Amazon (and other smart device manufacturers) will use their information, but how hackers could potentially exploit it.
This leaves the question – ‘smart’ for whom?
People need to find a compromise where they feel comfortable between achieving security and enjoying the convenience of these gadgets – and as new functions are added to smart home devices, we need to be aware of the security issues that these present. Consumers need to be generally aware of the smart devices that they use in the home and how they operate – as most of these devices communicate via a home Wi-Fi network, owners need to ensure that their network is fully secure, otherwise it could potentially become compromised. We take it for granted that everyday objects such as smoke alarms, clothing, home furnishings and children’s toys are safe to use, and the BSI Kitemark or CE marking tell us that they meet minimum safety standards. However, there’s no equivalent for digital devices. Until all device manufacturers adopt security-by-design, we need to get into the habit of changing default passwords, enabling updates and disabling functionality that we don’t need.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.