• About
    • About Us
    • Our Expertise
    • Meet The Team
    • Careers
  • Microsoft Sentinel
  • Managed Services
    • Overview
    • Monitoring & Detection
    • Protection
    • Response
    • Training
  • Cyber Assessments
  • Consultancy
    • Consulting Services
    • Cyber Executives
  • News & Resources
    • In the News
    • Blog
    • Resources
  • Contact
Can We Help?
  • About
    • About Us
    • Our Expertise
    • Meet The Team
    • Careers
  • Managed Services
    • Overview
    • Monitoring & Detection
    • Protection
    • Response
    • Training
  • Cyber Assessments
  • Consultancy
    • Consultancy Service
    • Cyber Executives
  • News & Resources
    • In the News
    • Blogs
    • Resources
  • Contact
  • Can We Help?

The Security Risks Of Smart Speakers

The IoT, or Internet of Things, encompasses everything connected to the internet, but is increasingly used to describe objects that communicate with one another, from smartphones and smart watches, to smart TVs, smart kitchen appliances and smart speakers. However, it doesn't stop there, as the race to connect everything to the internet continues - at present, there are over 27 billion devices connected to the internet.

The rise of smart speakers

IoT’s popularity is thanks to how easy it is to manage day-to-day tasks or make your home more automated when your devices can connect together and share data. For example, when your alarm goes off in the morning, you can program your lights to come on at that time or your coffee machine to start brewing, and even program your heating to turn on when you're a certain distance away from home. The possibilities are nearly limitless, although this enormous advancement in technology understandably comes with increased concerns about personal data privacy and security.

Let's talk about smart speakers. The main players are Amazon Echo, Google Home, and Apple HomePod, but there will be even more in the near future. A smart speaker is simply a speaker that’s connected to the internet and has a built-in voice assistant system such as Alexa, Google, Cortana, Siri, or Bixby.

• Thin clients, or ‘dumb terminals’ capable of accessing a remote desktop, fall under the scope of the scheme when connecting to your organisation’s data or services.

There's nothing easier than saying, "Alexa, play Radio 1," or, "Alexa, turn on the lights," but everything you say to your smart speaker is recorded, but that’s not all. For your smart speaker to work properly, it has to be listening all the time, waiting for a wake up command such as "Alexa," or "OK Google." If it wasn’t, then it wouldn’t hear any of your commands. So does this mean everything you say around your smart speaker is being recorded? The answer is yes, despite manufacturers' claims to the contrary.

What are they listening to?

The way that the three major smart speaker manufacturers (Amazon, Google, and Apple) use these recordings has drawn scrutiny and attention. It has been revealed that employees at Amazon, Google, and Apple listen to smart speaker recordings in order to improve their voice recognition algorithms. Users have since reported dropping their voices during conversations to prevent their smart speaker from listening in, while others have gone as far as moving their smart speaker to another room, or turning it off entirely, to avoid being spied on.

In 2019, Amazon employees who transcribe and analyse Alexa recordings reported hearing recordings that were intimate and private, as well as some that raised suspicions of criminal activity. In the same year, some of Google's recordings, including secret and private information such as medical and commercial information, were released. According to reports, 153 of these leaked recordings were made without the wake up instruction, such as “Hey Google,” ever being said. Following the Google leak, an Apple employee also reported hearing recordings of personal information, sexual acts, and drug dealings.

Turning off active listening is the simplest approach to preserve your privacy, but you'll have to turn it on again if you want to use voice commands. If you don’t want your smart speaker constantly listening to you, or if you just want to have a private conversation without Alexa or Siri eavesdropping, this might be your only option. Here’s how to do it:

Amazon

To disable active listening on your smart speaker, press the microphone mute button, which is normally located on top of the device and looks like a microphone with a line through it. Once pressed, the light should turn red and the device is no longer listening to voice commands. You can also prevent Amazon from manually reviewing recordings by: opening the Alexa app, looking for the menu located in the top left corner of the screen, selecting the ‘Settings’ option, selecting ‘Alexa privacy’, selecting ‘Manage how your data improves Alexa’, switching off the toggle next to ‘Help improve Amazon services and develop new features’, and then switching off the toggle next to ‘Use messages to improve transcriptions.’

Google

To disable active listening on your smart speaker, press the microphone mute button, which is either located at the back or on the side of the device, depending on which model you have. You can also prevent any of your recordings from being saved on the Google server by: opening the Google Home app, selecting the ‘Accounts’ tab, selecting ‘Manage your Google account’, selecting ‘Manage your data & personalisation’, selecting ‘Voice and audio activity, and switching the toggle to off.

Apple

This smart speaker doesn’t have a physical button to mute the microphone, but Apple says you can turn off active listening by using the voice command, “Hey Siri, stop listening.” The smart speaker will then be unresponsive to any voice commands except for the one to resume active listening, which is “Hey Siri, start listening.” You can also disable active listening through Apple’s Home app. Open the app, select the ‘Rooms’ tab at the bottom of the screen, swipe to the room that contains your HomePod, press and hold the HomePod icon, and then toggle the switch for ‘Listen for Hey Siri’ to off.

Smart speakers have come a long way since the first one was released, getting better at simplifying everyday life and granting more and more access to all the information you could ever need on the internet. It’s no surprise they’ve become so popular! The only downfall, though, is that having one can mean handing over your privacy and security to big businesses. If you’re worried about your data falling into the wrong hands, then don’t hesitate to get in touch with our team of cyber security experts to see how we can keep you and your home secure.

Related articles

Posted on December 16, 2021

CSA Awards of the Year 2021

As we near the end of year, an incredibly busy year for our teams in terms of growth and innovation, we wanted to take a moment to…

Posted on December 14, 2021

Cyber Essentials Changes: Here's Everything You Need To Know

Rapid digital transformation, mass adoption of cloud-based services and migration to home-working were necessary changes for businesses…

Posted on December 8, 2021

CSA 12 Days of Cyber Christmas

As the end of the year fast approaches, we wanted to share a little refresher on ways to ensure your technology and data remains…

Posted on December 1, 2021

Planning To Shop Online This Holiday Season? Here Are The Cybercrimes You Need To Be Aware Of

Black Friday and Christmas are considered a blessing and a curse within the retail industry. It’s a time where retailers…

Posted on October 20, 2021

This Apple “AirTag” Vulnerability could be harvesting your credentials

During late September, the headlines were hit with the news of a vulnerability within Apple’s AirTag…

Posted on October 13, 2021

September Security Roundup

Currently, the world faces not one pandemic but two: Coronavirus and the rise of ransomware attacks…

Posted on October 10, 2021

Is Data More Valuable Than Jewels? The A-List Cyber Heist That’s Putting Ransomware Attacks On The Map

Cybercriminals don’t discriminate. It doesn’t matter how famous you are, if your information is vulnerable…

Posted on October 6, 2021

CSA adds Lookout Mobile Endpoint Security to growing solutions portfolio

Following the global pandemic, the mass migration to remote working was a necessary move…

Posted on September 15, 2021

​​The Rising Popularity of NFTs and The Rising Security Threat

The art world is known for being ahead of the curve, adopting new and interesting technologies to…

Posted on September 7, 2021

TG1021 (Praying Mantis): The new threat actor group that could be targeting your IIS servers!

Recently, an infamous threat actor group going by the name of TG1021 or Praying Mantis…

Posted on August 19, 2021

Is Cyber Training and Education working?

The report from the ICO on the ‘surprising’ decline in personal data breaches…

Posted on August 13, 2021

How did an unknown hacker steal over $600M in cryptocurrencies in the biggest ever crypto based cyber-attack?

On 10th August 2021, Poly Network announced in a tweet that it had been attacked…

Posted on May 12, 2021

How to Prevent a Ransomware Attack

According to a 2020 survey by Sophos, 51% of organisations were hit by Ransomware in the last year…

Posted on March 23, 2021

Is your Microsoft M365 service secure from attackers? Are you sure?

The mass migration to remote working as a result of the coronavirus pandemic has…

Posted on January 10, 2021

Covid-19: How to prepare your staff
for remote working

Since the initial Covid-19 outbreak, the nation’s workforce had to learn to quickly…

Posted on December 13, 2020

Covid-19: Cyber Criminals Launch
Their Own ‘Virus’

Whilst the world is currently preoccupied with public health, cyber attackers have taken…

Posted on November 20, 2020

The rise of Covid-19 phishing scams

Whilst the rollout of the Covid-19 vaccine across the UK brings with it the good news…

About

  • About Us
  • Our Expertise
  • Meet The Team
  • Careers

Managed Services

  • Overview
  • Monitoring & Detection
  • Protection
  • Response
  • Training

Consultancy

  • Consulting Services
  • Cyber Executives

News & Resources

  • In the News
  • Blog
  • Resources

Cyber Assessments

Can We Help?

Partner Portal

Contact

Head Office Unit 11, Wheatstone Court, Waterwells Business Park, GL2 2AQ
©2022 Cyber Security Associates. All Rights Reserved.
Terms of Use Privacy Policy
Powered by P1C
This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy.
Cookie settingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT