If you use a certain Echo or Ring device, do you know that it could be sharing your network bandwidth and data with other users right now?
A brand-new concept in shared public networks has been launched by Amazon to extend the capabilities of its IoT devices. It’s being done by taking bandwidth from networks of compatible devices and sharing them in a “community pool.”
This new low-bandwidth neighborhood network is called Amazon Sidewalk, and it has many cybersecurity experts concerned about potential security problems.
IoT devices themselves are already known to be one of the larger security threats when it comes to network endpoints. In the 2020 Unit 42 IoT Threat Report, it was found that 57% of IoT devices are vulnerable to medium or high-security attacks.
Now imagine those IoT devices deciding to share your network with strangers on their own. That’s what Amazon Sidewalk does.
At the end of December 2020, owners of select Echo Devices and Ring security cameras began being opted into a new network called Amazon Sidewalk. This was an automatic opt-in, without users doing anything.
Amazon Sidewalk is a new shared network with the goal of extending internet connectivity to certain smart devices past the reach of a typical home or building Wi-Fi.
Benefits touted for the network are:
The Sidewalk Network is powered through what Amazon refers to as Sidewalk Bridges. These are basically devices that can connect to the network (Echo, Ring devices, etc.).
Sidewalk works by:
Publicly shared networks are prime targets for hackers. Even with the 3-layer encryption that Amazon is using for Sidewalk, there is still a big chance of a breach.
Because this concept at this scale is so new, it’s not yet known if a breach would result in a breach of participating user networks, the data they’re sharing through the Sidewalk network, or both.
Since the pandemic, many businesses in Houston and around the country are using more remote employees than in the past. In 2021, the number of permanent remote employees is expected to double.
Even with good employee cybersecurity awareness, if someone has an Echo voice speaker anywhere in their home, it could leave a big security vulnerability without them realizing it because of the automatic opt-in.
Voice assistants like Echo Dot, Echo Dot for Kids, Echo Show, and others have been exploding in popularity, both in homes and offices. So, there’s a good chance that at least one Sidewalk Bridge device would be present somewhere on a network being used for your business data.
When you’re dealing only with Amazon devices, that’s one level of security risk. But when you have multiple third-party developers adding Sidewalk connectivity to their devices, that’s a whole new level of risk.
Currently, the only devices that can connect to Sidewalk are select Echo and Ring devices, but Amazon is inviting third-party developers to add Sidewalk Bridge capabilities to their products.
For those that like the idea of the network, this expands how many devices you can use on it. However, those in IT security know that the more developers, the more risk there is of a code vulnerability.
One feature that is designed to make it easier for those looking to connect to an available Amazon Sidewalk network is to allow people to see the general vicinity of a Sidewalk Bridge device.
This feature also makes it easier for hackers to find networks to target.
For those wishing to turn off the connection to Amazon Sidewalk, here are the steps:
Amazon notes that turning off your device’s (and network’s) participation in Amazon Sidewalk will not impact the performance of the device.
IoT devices are becoming a larger part of both in-office and remote work networks. Digital Crisis can help your Houston area business ensure yours are properly secured.
Contact us today to schedule a consultation. Call 713-965-7200 or reach us online.
<div class="engage-hub-form-embed" id="eh_form_6465195693047808" data-id="6465195693047808"> </div>