Amazon’s Echo speakers and Kindle e-books are reportedly open to vulnerabilities as it allows a potential cyber attacker to decrypt data or information transmitted by the user. This was first discovered by a Slovakian cybersecurity firm ESET, which said in an article published by The Sraits Times that the cyber attackers can “exploit” and intercept the online signals of these devices.
The Echo speakers and Kindle are two of Amazon’s biggest selling products. Addressing the issue of vulnerability in its devices, an Amazon spokesperson told Marketing that it has a dedicated team to ensure safety and security of the products and has taken measures to secure the Echo speakers. These include disallowing third party application installation on the device, security reviews, secure software development requirements and encryption of communication between Echo, the Alexa app and Amazon servers.
“Customer trust is important to us and we take the security of our devices seriously,” the spokesperson said. Since the surfacing of the report, Amazon customers also received automatic security updates addressing this issue for their devices.
The security of IoT devices are heavily banked on in Singapore. Recently, Singapore’s Cyber Security Agency (CSA) worked with Government Technology Agency (GovTech) to launch a Vulnerability Disclosure Programme (VDP). This was a result of about 31 vulnerabilities found in Internet-facing government ICT systems and digital services with high user touchpoints. The new programme by GovTech and CSA aims to educate members of the public to identify and report the discovery of vulnerabilities found in all government internet-facing web-based and mobile applications used by citizens, business and public sector employees.