February 3, 2021 Zachary Kitchen

How Amazon Sidewalk is Complicating Network Security

How Amazon Sidewalk is Complicating Network Security

If you use a certain Echo or Ring device, do you know that it could be sharing your network bandwidth and data with other users right now?

A brand-new concept in shared public networks has been launched by Amazon to extend the capabilities of its IoT devices. It’s being done by taking bandwidth from networks of compatible devices and sharing them in a “community pool.”

This new low-bandwidth neighborhood network is called Amazon Sidewalk, and it has many cybersecurityexperts concerned about potential security problems.

IoT devices themselves are already known to be one of the larger security threats when it comes to network endpoints. In the 2020 Unit 42 IoT Threat Report, it was found that 57% of IoT devices are vulnerable to medium or high-security attacks. 

Now imagine those IoT devices deciding to share your network with strangers on their own. That’s what Amazon Sidewalk does.

What is Amazon Sidewalk?

At the end of December 2020, owners of select Echo Devices and Ring security cameras began being opted into a new network called Amazon Sidewalk. This was an automatic opt-in, without users doing anything.

Amazon Sidewalk is a new shared network with the goal of extending internet connectivity to certain smart devices past the reach of a typical home or building Wi-Fi.

Benefits touted for the network are:

  • Being able to place smart security cameras, floodlights, and other devices farther from your building
  • Ability to use trackers like Tile more fully to find lost keys or pets
  • Ability to use your Echo device in more areas around your property or neighborhood and keep internet connectivity

The Sidewalk Network is powered through what Amazon refers to as Sidewalk Bridges. These are basically devices that can connect to the network (Echo, Ring devices, etc.).

Sidewalk works by:

  • Using a portion of the bandwidth (80kbps per Sidewalk Bridge) of users’ Wi-Fi networks
  • Using up to 500MB of data per month per user account
  • Pooling that “borrowed” bandwidth and running it through Amazon’s server to turn it into a shared network around each bridge device

Amazon Sidewalk Security Concerns

Shared Networks Are Often Hacked

Publicly shared networks are prime targets for hackers. Even with the 3-layer encryption that Amazon is using for Sidewalk, there is still a big chance of a breach.

Because this concept at this scale is so new, it’s not yet known if a breach would result in a breach of participating user networks, the data they’re sharing through the Sidewalk network, or both.

Remote Employees Can Put Data at Risk Without Realizing It

Since the pandemic, many businesses in Houston and around the country are using more remote employees than in the past. In 2021, the number of permanent remote employees is expected to double.

Even with good employee cybersecurity awareness, if someone has an Echo voice speaker anywhere in their home, it could leave a big security vulnerability without them realizing it because of the automatic opt-in. 

Voice assistants like Echo Dot, Echo Dot for Kids, Echo Show, and others have been exploding in popularity, both in homes and offices. So, there’s a good chance that at least one Sidewalk Bridge device would be present somewhere on a network being used for your business data.

Third-Party Developers Are Being Invited to Join

When you’re dealing only with Amazon devices, that’s one level of security risk. But when you have multiple third-party developers adding Sidewalk connectivity to their devices, that’s a whole new level of risk.

Currently, the only devices that can connect to Sidewalk are select Echo and Ring devices, but Amazon is inviting third-party developers to add Sidewalk Bridge capabilities to their products.

For those that like the idea of the network, this expands how many devices you can use on it. However, those in IT security know that the more developers, the more risk there is of a code vulnerability.

Users Can Give the General Vicinity of Their Device

One feature that is designed to make it easier for those looking to connect to an available Amazon Sidewalk network is to allow people to see the general vicinity of a Sidewalk Bridge device.

This feature also makes it easier for hackers to find networks to target.

How To Disable Sidewalk Connectivity

For those wishing to turn off the connection to Amazon Sidewalk, here are the steps:

  • Open your Alexa app
  • Open the More option
  • Select Settings
  • Select Account Settings
  • Select Amazon Sidewalk
  • Turn the feature to Off

Amazon notes that turning off your device’s (and network’s) participation in Amazon Sidewalk will not impact the performance of the device.

Get an IoT Device Security Review from Digital Crisis

IoT devices are becoming a larger part of both in-office and remote work networks. Digital Crisis can help your Houston area business ensure yours are properly secured. 

Contact us today to schedule a consultation. Call 713-965-7200 or reach us online.

Let's make IT better.

Providing superior, high-quality, and professional I.T. services in the Houston Area.

Digital Crisis LLC

P.O. BOX 6527
Houston, Texas 77265

✉ contact@digitalcrisis.com

☎ (713) 965-7200

Business Hours
Mon-Fri 9 am-5 pm CST
Saturday & Sunday: Closed
Emergency Support: 24/7