Smart speakers can also suffer cyberattacks
The digital assistants , which require a continuous Internet connection, use voice as a vehicle to interact with electronic devices we have at home. The arrival of the so-called smart speakers have begun to become indicators of a more important transformation in the habits of each of us.
You cannot deny that they are useful. They have the capacity, for example, to tell us, at our voice request , the weather forecast, control functions such as light or temperature in a room, even check bank statements or make direct purchases , but they may also suffer possible interference and “ hacks ” , to which you have to pay close attention, according to José Antonio Rubio, Doctor Cybersecurity Engineer from the URJC.
Anyone who has an Android mobile has a personal assistant, if you activate it, although what is beginning to become popular are the digital speakers , says Rosalía Arroyo, director of IT Digital Security. Although it recognizes its usefulness, alert of security problems , to be aware of them. “The door has been opened for these devices to be listening to us permanently, because in order for them to be activated when we require them they must be on. They are activated, but for that they have to be listening, ”he recalls. The problem is when after these devices, those who listen to us are others, with the argument of doing so to perfect the device and its features, for example. Like other devices connected to the Internet, attendees can also be hacked .
A possible gateway to a cyber attack
Attendees connect and set certain voice commands, so that they recognize and act when they receive the order. The problem is that the digital assistant can be the gateway for unwanted access to our data and social networks, for example, “in your Spotify account and change your preferences”. Also, Arroyo recalls, there is a modular amplification system so that attendees receive orders by voice, without being perceived by the human being. It is called DolphinAttack, and through it in a house with home automation, a thief with an amplifier of this type could ask the assistant to open the door, without having to force the lock.
Given all this, experts recommend activating a code protection in the voice assistant, because they understand that it reduces risks, although they recognize that it does not rule them out. Arroyo says he does not want to be an alarmist, but the cybersecurity risks of these new devices must be counted. The fact that they are not always on, for example, if we are not at home, may be, he says, a security measure, although he acknowledges that it is often not possible because they are also used to take action when we are not .
To avoid unwanted use of other people, such as minors , in access to certain pages or purchases without parental authorization , it is recommended to authenticate the identity of different users with access to the digital assistant, so that each profile has its own permissions and capabilities.