“My wife asked me why I talk so quietly at home. I said I was afraid Mark Zuckerberg is listening. She laughed back at me. And I laughed, too. And Alexa laughed. And Siri laughed.” Have you ever wondered how often smart gadgets listen to your conversations? Scientists at Northeastern University in Boston asked that question instead of us and came to disappointing conclusions. It turned out that devices were usually activated not only by trigger words (hello, Siri; okay, Google) but also by similar ones. Smart speakers accidentally “wake up” from 1.5 to 19 times a day, recording up to 43 seconds of sound each time. Apple and Microsoft devices activate more often than others.
It’ s probably not a piece of news that smart gadgets can record conversations, but the fact that the recordings are stored on servers and can even be listened to by other people may surprise you. That’s what Apple, Google, Amazon, and Microsoft do. According to the companies, this is done to improve the services, but no one knows exactly how else these materials are used. Of course, people who listen to the recordings don’t know about the speaker, but they can hear enough details to link the voice with a specific person.
What business should afraid of?
As the business has moved to remote work, cyber-risks have multiplied. Few companies in the Ukrainian market were ready for such a dramatic change, so it was necessary to send employees home without a certain action plan, the appropriate knowledge about cybersecurity and understanding of what’s next. People work using personal devices that in the most optimistic case have pirated antivirus, use home Wi-Fi with a password of 1234578 or 11111111 and don’t even know that routers require internal software updates (“firmware”). What can we say about cyber hygiene, if we just learned how to wash hands properly? Add a home IoT to everything mentioned above, and you will receive a scary picture. But for some reason, in our Ukrainian realities, companies continue to ignore the obvious things, unlike their foreign colleagues.
By the way, I recently came across an interesting case related to IoT-devices and remote work security. British law firm Mishcon de Reya LLP, which is known by advising Princess Diana on divorce issues, sent its employees new rules of work from home. They are advised to turn off or take away all listening devices (Alexa, Siri, Google, etc.) when they talk about clients or discuss something with them.
Recommendations also apply to smart clocks, rings, TVs, speakers, and even children’s monitors. No wonder, manufacturers ignore safety even at the development stage of products. In the legal business, as nowhere else, confidential telephone conversations must remain confidential.
Companies are struggling to protect critical data – creating backups, training employees, hiring cybersecurity consultants, and some are abandoning a remote home office and setting up alternative locations for high-priority tasks. Some may say that this is paranoia, but the fact is that hackers have always used critical situations in the world to their advantage. So make your conclusions.