• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Does Your New Virtual Assistant Device Pose a Security Risk?

April 21, 2017 By The Editor

echo

Hey Siri, do “always listening” virtual assistants carry serious security and privacy risks? According a recent CSO Online article, nearly 50 percent of IT professionals think so. Though these products provide a ton of convenience and are just flat out cool, experts are wary about the amount of private or confident information they might be privy to.

Here’s what Marc Laliberte, WatchGuard’s information security threat analyst told CSO Online: “IT should treat virtual assistant devices just like any other IoT device that records sensitive information and sends it to a third party. These devices should not be operational in locations where potentially sensitive information is verbally passed. Furthermore, IoT devices should be segmented from the rest of the corporate network to provide additional protections if they become compromised.”

Manufacturers like Amazon, Google and Apple claim that conversation data gathered by these devices are never sent to their servers until the virtual assistant is explicitly requested to perform a task, and there is no evidence to discredit this claim. That said, the threat to privacy is still there if these manufacturers ever decide to change their stance or if a malicious hacker gains control of the device.

As with any IoT product, virtual assistant devices are also a potential hideout spot for malicious hackers to infect with a remote access Trojan (RAT) and launch further attacks from throughout the network. IoT devices are rarely monitored, which could allow an attacker to hide an infection and remain undetected for months. If an attacker did compromise a virtual assistant device, they could then effectively control a listening device capable of eavesdropping on any conversations in the room. This is a serious threat that shouldn’t be ignored.

Read the full article on CSO Online, Network World,  ITWorld, IT News and CIO for more from Marc and other security experts. To learn about how hackers might be able to gather data from one tech product most of us own, but few would suspect, check out this Daily Security Byte from Corey Nachreiner, CTO at WatchGuard.

Share This:

Related

Filed Under: Editorial Articles, Featured Tagged With: cyber security, IoT, Security breach

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use