Christmas 2017 saw the rise of smart home devices like the Amazon Echo and Google Home. These handy assistants have so many uses to make life just that little bit easier and more entertaining, but they do also have an unwanted side effect of leaving owners vulnerable to cybersecurity risks. So how exactly do these devices work and what do they do with the information you are asking them?
Whilst their microphones are always on, the devices promise to only start listening once they have recognised your voice saying the ‘wake word’, meaning you can seek comfort that your echo isn’t listening to everything you say or do. But there have been reports that the devices can accidentally wake and start listening in response to the TV or radio, so often owners haven’t realised that they are being listened too.
Cybersecurity experts warn that some smart home technology can leave you vulnerable simply due to the fact that they are connected to the internet. The information you ask your Echo or Google Home, isn’t actually being collected and stored within the device itself, but it is pulling all the answers and information you want from the internet cloud, meaning your commands are leaving your house and being stored somewhere externally and your requests will stay on the server unless you actively delete them, which many people don’t do.
Issues have been raised that as the ‘always listening’ speakers collect vast amounts of customer data, from medical information, personal data, and even criminal activity it may have heard, it could be stored and used against you should the cloud ever be hacked, or should the government request the data. Amazon won’t say if it hands your Echo data to the government upon request and has been named as the least transparent of tech companies.
It’s not just the government you have to worry about, hackers may be able to gain access to your device through the external cloud or your internet. They may be able to command the devices in your house from a remote location, gain access to your data and even know when you are out of the house, leaving it vulnerable to burglary, depending on the activity of the device.
But this isn’t to scare you off using smart home devices, there are certainly things users can do to limit the security risks. Here are a few suggestions.
- When you are not using your device, always make sure you mute the microphone until you are ready to use it again, this means the ‘always listening’ function won’t work unless you want it too.
- Don’t connect a lot of accounts. Connecting multiple accounts to one device leaves it more vulnerable.
- Erase your old data. If you use an Echo or Google Home, you can do this through your Amazon or Google accounts where you can delete your asked questions and entire device history.
- One obvious suggestion which many people don’t do (including me), is making sure you change your internet password to a personalised password, rather than the preset password given by your provider at set up. This increases security and means your internet is just that little bit harder for hackers to access.
The smarter a device gets, the more security risks arise, but being savvy and keeping your home network secure and your device software up to date, you can protect your data as much as possible. And one last note, try not to say anything to your smart home device that could later come back to haunt you.