Hackers can stealthily issue commands to smart speakers from more than 150 feet away, even through windows, simply by pointing a high-powered laser at the device's microphone, new research suggests.
Researchers from the University of Michigan in Ann Arbor and the Tokyo-based University of Electro-Communications performed a series of experiments to test the method. According to a resulting paper, these laser "attacks" can be successfully carried out on several models of the Amazon Echo and Google Home from a distance of about 164 feet, while the Facebook Portal, iPad and several smartphone models could be hacked from between 15 and 65 feet away.
The findings could pose major privacy concerns to the many healthcare organizations that have begun to integrate voice assistants into care delivery. With lasers able to remotely issue "inaudible and potentially invisible commands" to smart speakers, they could be programmed to provide incorrect and potentially harmful information to both patients and providers.
In statements issued to Wired, both Google and Amazon said they were reviewing the research and exploring its implications for the security of their devices.
More articles on cybersecurity:
DNA-testing company informs consumers of data breach
Maine provider alerts 30,000 patients of data breach
How hospitals should approach cybersecurity