Bose, Sonos Speakers Vulnerable To Remote Hijacking And Nefarious Network Spying

Are consumers putting too much trust in smart speakers that monitor their surroundings and send recorded data over the web? That question was recently posed, drawing a comment from the American Civil Liberties Union (ACLU) calling digital assistants and other IoT devices a "triple threat to privacy." Now, just a few weeks later, security outfit Trend Micro is putting out the call for better security in IoT devices.

Trend Micro set out to see just how safe and secure (or not, really) today's IoT devices are, and to what extent an attacker can manipulate these gadgets. In one example, Trend Micro examined a couple of popular products, the Sonos Play:1 and Bose SoundTouch. It found a bunch of "security gaps" ranging from simple open ports that expose the email address linked to a music streaming account, to the ability to list the devices and shared folders on the same network as the speaker.

Sonos Play:1
Sonos was quick to close security gaps in its Play:1 speakers after being alerted by Trend Micro. (Image Source: Sonos)

"After the tests, we reached out to Sonos, which responded quickly to fix the security gaps. The gaps addressed include a denial-of-service (DoS) bug which now returns an HTTP error code 412 (Precondition failed). A more detailed account of the updates made by Sonos can be found in the case study. We also reached out to Bose and are currently waiting for their response," Trend Micro stated in a blog post.

Trend Micro says the implications of these security gaps extend well beyond the loss of device control. The security company warns that Internet-connected speakers can expose information that attackers can use in malicious schemes. Furthermore, these vulnerabilities pose risks not just for home consumers, but also for enterprise networks.

IoT Attack
Source: Trend Micro

"Aside from finding an entry point, an attacker could use the exposed information for spear-phishing. By studying the target’s musical preference based on the tracks being played, an attacker can tailor-fit an email and send it to the email address linked to the target’s music streaming account. This increases the success rate of schemes to compromise businesses too," Trend Micro added.

The smart speaker market is growing, and as we saw when the IoT market as a whole started to boom, security can be lax. That's a problem when you consider all of the personal data that is collected and managed by Internet-connected products. As Trend Micro notes, securing them should be just as important as ease of use.