Why Amazon Sidewalk Should Be On Your Cybersecurity Radar
Amazon is known as a company that has pushed the envelope when it comes to technology. It’s currently a leader in IoT tech, with its Echo smart speaker line holding approximately 53% of the market share.
It’s launching a new pioneering initiative in network technology, which is a shared neighborhood network called Amazon Sidewalk.
Amazon Sidewalk is designed to expand connectivity outdoors for IoT devices to extend ranges beyond where a typical home or office Wi-Fi can reach. The benefit is having the ability to use IoT more fully, such as setting up a security camera at the edge of your property.
Why should this new network be on your radar? Here are a few reasons:
- Both homes and offices now use IoT devices like Echo and Ring security cams.
- Many Silicon Valley area companies are now using remote workers (meaning home networks are now business networks).
- Amazon Sidewalk brings with it some serious security concerns.
How Does Amazon Sidewalk Work?
First, let’s start by going into how this new Sidewalk network works.
It’s powered by combining the bandwidth of user networks. If you have a compatible Echo device or Ring security camera connected to the network, that device then becomes a Sidewalk Bridge.
Amazon uses up to 80Kbps of bandwidth per Bridge device, sending that back to Amazon’s server to create this neighborhood web of internet connectivity.
Amazon uses up to 500MB of data per month, per participating user account to make the Sidewalk network operate. (You’re not compensated for your bandwidth or data, by the way.)
Users of compatible devices both share their networks and can connect their devices to the Sidewalk Bridge signal of other users. It’s like a community pool of bandwidth.
The more devices participating in Sidewalk, the stronger the network. And this brings us to some major security concerns, which we’ll go into next.
Security Concerns to Consider with Amazon’s Sidewalk Network
It’s important to note that this is Amazon, so it knows how to handle cloud encryption. The network uses three different encryption layers to protect data as it’s traveling from the endpoint to the server and back.
However, this is an entirely new scale and paradigm of wireless connectivity, where instead of neighbors (or strangers) borrowing a cup of sugar, they’re borrowing some bandwidth to connect their device to the internet.
Here are some of the security concerns that your business should take into consideration when creating IoT security policies and discussing them with your staff.
Devices Have Been Opted In Automatically
In a bold move, Amazon decided not to have users choose to use Sidewalk, instead they have to choose not to use it. In December 2020, the company began automatically enabling the Sidewalk feature in compatible devices and opting then in.
This means that your Echo or Ring device could already be acting as a Sidewalk Bridge, sharing your bandwidth with Amazon and allowing strangers to connect. You have to specifically go into the Alexa app settings to opt out of Sidewalk.
Devices that are currently compatible with Amazon Sidewalk include:
- Echo (and Dot, Kid versions): 2nd through 4th Gen
- Echo Dot with Clock: 3rd Gen
- Echo Plus: 1st through 2nd Gen
- Echo Show: 1st through 2nd Gen
- Echo Show 5, 8, 10
- Echo Spot
- Echo Studio
- Ring Floodlight Cam
- Ring Spotlight Cam Wired
- Ring Spotlight Cam Mount
Hackers Are Well Known to Attack Public Networks
Even with encryption and top security, public networks are often hacked. Man-in-the-middle attacks are common on shared public networks, which could put user data at risk of being intercepted.
Since part of a network’s bandwidth is being used by this neighborhood Wi-Fi, that anyone with a compatible device can connect to, other dangers may exist.
For example: Could a hacker using their Echo device to connect to your Sidewalk Bridge somehow use that connection to gain access to your network?
Because this is a new deployment and nothing quite like it has been done on this scale, we’re in a “watch this space” mode until network vulnerabilities are uncovered and potentially exploited.
3rd Party Developers Are Making Sidewalk-Compatible Devices
Currently, only Amazon’s own devices (Echo, Ring) can use the Sidewalk Network. However, Amazon is welcoming developers onto the bandwagon to make their devices compatible with Sidewalk.
This increases the level of security concern, due to more risk of code vulnerabilities coming from multiple developers.
Users Can Make Their Bridge Network Visible
Users have a way to make their Sidewalk Bridge visible on a map so others can connect to it. It does not give the exact address of a device, and users can’t see each other when connected, however it does give the general vicinity of the device to facilitate connections.
While this may seem neighborly, it also can lead a hacker directly to your device and shared network.
Does Your Business Have a Strong IoT Security Plan In Place?
How protected are your IoT devices? GEEK911 experts can help your Silicon Valley area business ensure your network isn’t left at risk due to unsecure smart devices.
Contact us today to schedule a consultation! Call 1-866-433-5411 or reach us online.