Menu

SMART HOME FEATURE NEWS

Armis IoT Security Says Airborne Cyber Threats Are in Smart Home Hubs

By Ken Briodagh November 15, 2017

Armis, an enterprise IoT security company, today announced that popular, voice-activated personal assistant devices including the Amazon Echo and Google Home were impacted by BlueBorne vulnerabilities recently discovered by Armis researchers. By exploiting unpatched devices, hackers can take them over, spread malware, and establish a "man-in-the-middle" attack to gain access to critical data, personal information, traffic and networks. BlueBorne is especially dangerous as hackers can execute airborne attacks through any vulnerable Bluetooth-enabled device without having to fool users by clicking on malicious links, downloading a file, or interacting with them in any way. 

In the first wave of BlueBorne vulnerabilities announced, Armis said that more than 5 billion devices were subject to attack. In this new phase, researchers have confirmed the attack surface includes as many as 20 million Amazon Echo and Google Home devices running on Android and Linux. BlueBorne is the first severe airborne vulnerability found to affect the Amazon Echo; it doesn’t require an extensive physical attack. 

Device Demand Climbing
Amazon and Google voice-activated intelligent personal assistants have created a multibillion-dollar market. It is estimated that there are 15 million Amazon Echoes sold and 5 million Google Home devices sold, according to September report by Consumer Intelligence Research Partners (CIRP).  Additional estimates indicate that more than 128 million Echoes will be installed by 2020 and that they will drive more than $10 billion in revenue for the company by then.

“Burgeoning demand for digital personal assistants is expanding the avenues by which attackers can infiltrate consumers’ lives to steal personal information and commit fraud,” said Yevgeny Dibrov, CEO, Armis. “Consumers and businesses need to be aware how their devices are connecting via Bluetooth, and the networks they may be accessing, in order to take security precautions to protect their information.”

Enterprise Impact
In addition to Echo and Google-powered smart devices and assistants being present in consumers’ homes around the world, both are making their way into business environments, with usage taking place from the boardroom to the copy room. Armis data shows that 82% of its customers have the Amazon Echo in their businesses. A 2016 survey from Spiceworks revealed that almost half of IT professionals polled are either using intelligent assistants or will be within three years at their organizations. With the increased adoption of the devices, it become all the more critical that they are secured in their interactions.   

“Rising airborne threats such as BlueBorne and KRACK are a wakeup call to the enterprise that traditional security simply cannot defend against new attack vectors that are targeting IoT and connected devices in the corporate environment,” added Dibrov. “Every organization must gain visibility over sanctioned and unsanctioned IoT devices in their environments. If they don’t,  they’ll be victimized by a breach that can lead to stolen identities for customers and employees,  impact their bottom lines, and even cost top executives their jobs.”

Coordinated Disclosure
Armis coordinated the disclosed these latest BlueBorne vulnerabilities directly with Google and Amazon ahead of making the discovery publicly known. This allowed them to to release appropriate security patches and updates ahead of hackers gaining knowledge of the vulnerabilities. Google has already released patches to its partners to address the BlueBorne vulnerabilities. Both Amazon and Google have released security updates to the Echo and Home respectively. Updates are automatic and users do not have to do anything to get them.


Ken Briodagh is a writer and editor with more than a decade of experience under his belt. He is in love with technology and if he had his druthers would beta test everything from shoe phones to flying cars.

Edited by Ken Briodagh
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Editorial Director

SHARE THIS ARTICLE
Related Articles

Smart Home Solutions with Smarter Video Capabilities, Courtesy of Ayla Networks and Meari Technology

By: Alex Passett    3/7/2024

Ayla Networks and Meari Technology announced their strategic partnership to deliver innovative smart home video solutions.

Read More

Following Patent Litigation, Fractus to Continue Providing Impactful Antenna Technology for Smart Homes

By: Alex Passett    2/29/2024

Barcelona-based Fractus recently announced the settlement of its patent litigation with Vivint, a U.S. smart home security company.

Read More

Together, peaq and AYDO Bridge IoT to Web3 for Dynamic Smart Home Applications

By: Alex Passett    1/22/2024

Last week, the tech teams at peaq and AYDO announced an expansion of the former's Web3 ecosystem in order to enable real-world blockchain applications…

Read More

Origin AI Raises $15.9M in Funding to Further Smart Home Wi-Fi Sensing Capabilities

By: Alex Passett    1/10/2024

Recently, Origin celebrated a new leap when the company announced the successful completion of its latest $15.9 million Series B extension round (with…

Read More

Through Fog, a Clear Solution: Enviroblind and Essence Group Supply Peace of Mind with MyShield

By: Alex Passett    1/3/2024

Essence Group and Enviroblind have partnered to offer MyShield, a standalone security application that generates fog as part of an intruder interventi…

Read More