Dolphin attacks, and what they mean for digital assistants

Last updated: 26 January 2023

Simply put, digital assistants are nothing short of amazing. Advancements in this space over the past couple of years have been stunning, and we can now rely on digital assistants to simplify and improve our lives in multiple ways, for both personal and business use.

The likes of Alexa, Cortana, Siri and Bixby (and many more) are now household names. They come with an impressive range of benefits and tricks, their software keeps improving, and they are being integrated into more and more devices. These virtual helpers can carry out a wide range of complex tasks, from scheduling appointments, creating lists, ordering taxis and booking flights to opening software and even activating and controlling smart devices, all driven by the user’s voice commands.

But this is only the beginning. As Henrik Nordmark, head of data science at Profusion, said recently in an interview with The Telegraph: “We’ve barely scratched the surface of what virtual assistants can do.” It’s clear the future holds digital assistants with significantly more power, intelligence, ingenuity and connectivity to the other devices and services in our lives. This is exciting, of course; it’s easy to imagine all the new ways this will enhance our lives and the new windows it will open. But before we get carried away by our new virtual companions, we need to think carefully about their security, and ours.

Recently, researchers have discovered a new type of cyber threat related to these assistants, called ‘Dolphin Attacks’. The name comes from the fact that dolphins can hear a range of sounds that humans can’t (much like dogs). In essence, commands can be hidden in high-frequency sounds that these assistants can detect but our human ears cannot hear. A scary thought.
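To make the idea concrete, here is a minimal, hypothetical numpy sketch inspired by the original DolphinAttack research, which reported amplitude-modulating a voice command onto an ultrasonic carrier. The “command” below is a synthetic tone standing in for real speech, so this is an illustration of the principle, not a working attack.

```python
import numpy as np

SAMPLE_RATE = 96_000   # a high sample rate is needed to represent ultrasound
CARRIER_HZ = 25_000    # above the roughly 20 kHz upper limit of human hearing

t = np.arange(0, 1.0, 1 / SAMPLE_RATE)

# Stand-in for a recorded voice command (a 400 Hz tone instead of real speech).
command = 0.5 * np.sin(2 * np.pi * 400 * t)

# Amplitude-modulate the command onto the ultrasonic carrier. Non-linearities
# in a device's microphone can demodulate this back into the audible band, so
# the assistant "hears" the command while a human standing nearby hears nothing.
carrier = np.sin(2 * np.pi * CARRIER_HZ * t)
inaudible_signal = (1.0 + command) * carrier
```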

And this thought is now capable of becoming a reality. A new paper from Nicholas Carlini and David Wagner of the University of California, Berkeley, has revealed the specifics. Crucially, they discovered that “With optimization-based attacks applied end-to-end, we are able to turn any audio waveform into any target transcription with 100% success by only adding a slight distortion.” In short, they can disguise hidden commands as a slight distortion that a user would never notice.
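In outline, the attack is an optimization problem: search for a small perturbation which, when added to the original audio, makes the speech-to-text model output the attacker’s chosen phrase. Below is a hedged, illustrative sketch of that loop. Here `speech_model` and `transcription_loss` are hypothetical stand-ins for a differentiable speech-to-text model (the paper targeted DeepSpeech) and a loss such as CTC; this is not the authors’ actual code.

```python
import torch

def craft_adversarial_audio(x, target, speech_model, transcription_loss,
                            steps=1000, lr=0.01, c=0.05):
    """Find a small perturbation `delta` so that x + delta transcribes
    as `target`. `speech_model` and `transcription_loss` are hypothetical
    placeholders for a differentiable speech-to-text model and its loss."""
    delta = torch.zeros_like(x, requires_grad=True)
    opt = torch.optim.Adam([delta], lr=lr)
    for _ in range(steps):
        adversarial = torch.clamp(x + delta, -1.0, 1.0)  # keep valid audio range
        logits = speech_model(adversarial)
        # Push the transcription toward the target phrase while penalising the
        # loudness of the added distortion, so it stays hard for a human to notice.
        loss = transcription_loss(logits, target) + c * delta.abs().max()
        opt.zero_grad()
        loss.backward()
        opt.step()
    return torch.clamp(x + delta, -1.0, 1.0).detach()
```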

Of course, this isn’t easy; it took extensive research and effort to achieve, but it is possible. It means that with the right opportunity and the right know-how, a hacker could theoretically hijack an assistant’s speech recognition function and use it to carry out commands without the user’s knowledge. As the examples in the paper show, it is practically impossible for a human to detect any difference between the original clips and the altered ones carrying hidden commands.

So, what does this mean?

Firstly, it’s important we don’t over-analyze the situation or create unnecessary fear. While there are concerns, the researchers only tested speech recognition software, not specific digital assistants. We should also bear in mind that these tests were carried out in a controlled environment and aren’t guaranteed to work in a real-world scenario. So it’s not time to press the panic button, but it is certainly time to evaluate the situation carefully. Clearly, there is a threat, and it could have significant consequences for individual users and businesses alike.

This means it’s more crucial than ever that security by design is a priority for all new technologies, digital assistants included. Security and protection from threats must be front of mind when we build these new solutions and products. Perhaps this is the only way we can boost consumer confidence in IoT device security.

Fortunately, the leading providers of these solutions (the largest tech companies, such as Apple, Google and Amazon) are aware of this type of threat, and built-in security features now help protect against it. However, it remains to be seen whether those features are robust enough to stop dolphin attacks in their tracks. Clearly, there’s still much to learn when it comes to voice recognition security.

On a personal level, I’m now well-versed in a wide range of smart home, voice-activated devices, using them mostly to control lighting, music and heating. So far, I’ve not come across any issues or significant threats, and I’ve had no need to worry about dolphin attacks. I do, however, have some concerns about a hacker inside our own home: my four-year-old son, who has somehow managed to add his favorite toys to our family Amazon shopping cart all on his own. It just goes to show that digital assistants offer a (voice) user interface that even a small child can use.

As with any new technology, new routes of attack come with it, and that’s what we’re witnessing here. It’s why we must keep security (in this case IoT security) at the front of our minds as we design new products and offerings. At the same time, security needs to evolve and be managed over the whole product lifecycle. If we don’t follow this approach, it will be impossible to stay ahead of the hackers who seek to exploit the incredible breakthroughs and solutions being developed right now.

What do you think? Do you believe Dolphin Attacks are a major threat to digital assistants? Let us know by tweeting to us @Gemalto or leaving a comment in the section below.
