Comment: cyber expert on Amazon Alexa security flaw
August 2020 by Marc Jacob
The news that a flaw in Amazon’s Alexa smart home devices could have allowed hackers access personal information and conversation history:
The comment below from cyber-security expert Matt Aldridge, Principal Solutions Architect, Webroot:
“Security in IoT devices such as the Amazon Echo and associated Alexa voice assistant service is an important issue. These devices often have security constraints in terms of their size, cost, limited user interfaces or “always-on” functionality – making them a really attractive target for hackers.
Consumers purchasing many of these IoT devices for convenience or novelty are unlikely to be aware of basic security measures and how much of their private data is been consumed by the devices. By exploiting unpatched vulnerabilities in these devices, hackers can potentially achieve anything from data pilfering, to extortion.
The growing demand for these devices requires that manufacturers focus on their security and privacy. IoT manufacturers need to work more closely with cybersecurity professionals to ensure that device security is considered and understood at the design stage – not implemented as an afterthought.
There is a need to increase awareness around these issues, and to take a realistic approach to combine strong security with legislative restrictions if we want to ensure that these devices and our information are secured to the highest standards.
In this case it is great to see responsible disclosure and vendor patching working together to improve security for millions of users of these devices.”