Your Smartwatch May Be At Risk of a Security Hack

Tuesday, December 22, 2015 by under Cyber Security/Hacking, IoT (Internet of Things), Lifestyle, Security, Smart Home

Smartwatch security has become a hot topic, especially after HP conducted a security assessment and found even the most popular smartwatches to be vulnerable to cyber attacks.From fitness tracking to home automation, smartwatches offer boundless benefits. But, embracing the wearable tech trend should be done cautiously.

Hewlett-Packard conducted a smartwatch security assessment this year that revealed nearly all smartwatches, including the most popular, are vulnerable to cyber attacks.

Research also indicates that the sensors used to track a smartwatch user’s activity can also be used to monitor hand and finger movements. By installing an app on your smartwatch, a hacker could analyze your computer keystrokes to uncover login, banking and private information.

With these risks in mind, experts suggest that smartwatch owners proceed with caution.

3 Ways Your Smartwatch Might Be Vulnerable

Researchers identified key areas of concern for devices like the Apple Watch, Android Wear and its competitors:

  1. Authentication. Every smartwatch tested by HP demonstrated “insufficient user authentication and authorization,” and lacked the ability to lock out accounts after a certain number of failed password attempts. According to the report, 30% of devices were found vulnerable to account harvesting.
  2. Encryption. The report found that while every device implemented encryption, almost half (40%) of the devices exhibit vulnerabilities that demonstrated “a lack of transport encryption protocols.” This also poses a threat to firmware, which cannot be effectively updated without secure encryption.
  3. Privacy. Smartwatch users’ personal security and privacy, according to HP, are at risk. Smartwatches, like mobile phones, collect a wide range of personally identifiable information. Due to the encryption and authorization risks noted above, consumers cannot be 100% confident in the security behind their wearable tech.

Secure Your Smartwatch and Smart Home

Smartwatches are not yet widely adopted by consumers. Experts suggest wearable tech developers invest time and funds into improving security before adoption (particularly in the corporate sector) increases. Once smartwatches go mainstream, they will become increasingly more appealing to cyber criminals.

In the meantime, there are helpful steps smartwatch owners can take to protect their personal data and information. This is especially important for homeowners who connect their watch to smart home security devices (including locks and alarm systems).

Ensure you’re following these preventative steps to maintain smartwatch security:

  • Implement strong passwords to access your smartwatch, its applications and your security system. If your smartwatch doesn’t enable encryption on its own, install a security app to encrypt sensitive data for an added layer of protection.
  • If possible, avoid using your wearable device in connection with platforms that require hypersensitive information. Opt to handle tasks like online payments from a secured mobile phone or computer.
  • Be cautious of links you share, click or download to avoid phishing attacks.
  • Keep your smartwatch securely stored when not in use to avoid theft, which could easily lead to an information leak. If your watch is stolen, contact your provider or use an application to remotely erase the device to factory settings.
  • Don’t jailbreak or root your device, as this will increase your smartphone’s vulnerabilities to a data hack.
  • Smartwatch security starts with its host device—your smart phone. Ensure all mobile devices connected to your smartwatch are secured. Furthermore, never allow your smartwatch to pair with unknown or suspicious devices.

Are you a smartwatch owner? Share your suggestions for keeping your home and data safe in the comments below!

Image Source: Intel Free Press via Flickr


Please read our commenting policy before posting comments.

comments powered by Disqus