Head, Cybersecurity, Privacy and Data Protection KK Lim quoted in The Straits Times article titled "Amazon Echo and Kindle devices discovered to be insecure, vulnerabilities patched"

Head, Cybersecurity, Privacy and Data Protection KK Lim quoted in The Straits Times article titled "Amazon Echo and Kindle devices discovered to be insecure, vulnerabilities patched"
23 Oct 2019

Eversheds Harry Elias Head, Cybersecurity, Privacy and Data Protection KK Lim was quoted in The Straits Times article titled "Amazon Echo and Kindle devices discovered to be insecure, vulnerabilities patched". The article was first published on 17 October 2019.

Amazon Echo and Kindle devices discovered to be insecure, vulnerabilities patched

Users of Amazon's Echo speakers and Kindle readers in Singapore and around the world have been put at risk by vulnerabilities that cyber attackers can exploit to intercept the online signals of these devices and take the first step in using them as surveillance tools, said Slovakian cyber-security firm ESET.

The first generation of Echo speakers, an Internet of Things (IoT) device which records user voices to run tasks, and the eighth generation of the Kindle e-reader were found to be vulnerable to this attack.

Below is an excerpt from the article which features comments from KK Lim:

Mr K. K. Lim, head of cyber security, privacy and data protection at law firm Eversheds Harry Elias, said more often than not, security in many devices in the market is not prioritised, which gives rise to the vulnerabilities that Amazon's devices were exposed to.

"Unless the device involves safety or safety plays a huge role like devices embedded in cars, the focus is usually on the ease of use for the end customer, speed to market and cost of manufacturing and security of the device itself is not the focus," he said.

Mr Lim added that when purchasing an IoT device and deciding to use it, customers should consider the cyber-security risks they expose themselves too.

He said: "The customer should have a clear view why the IoT device itself is necessary and what functions or objectives you are trying to fulfil, and whether the security of the device is a necessary quality that you must demand for yourself."

Full article can be found here.

Source: The Straits Times

Author: Hariz Baharudin

For more information, please contact our Business Development Manager, Ricky Soetikno at rickysoetikno@eversheds-harryelias.com

Contact: 

KK Lim

Head, Cybersecurity, Privacy and Data Protection
T: 
+65 6361 9307
F: 
+65 6438 0550
E: 
kklim@eversheds-harryelias.com