The growing adoption of smart watches has attracted an increasing number of attackers to shift their focus to this new type of devices, known as the wearables.
Likewise, it has become more crucial now than ever before for users to adopt more stringent measures in protecting their information, whether it is being received or transmitted via connected smart watches.
That is based on an HP-commissioned study that found all of the smart watches currently available in the market have inherent security holes in them.
That means your favorite smart watch brands such as the Apple Watch and Android Wear — which also happened to be the widely known wearable devices on the market — could be having the vulnerabilities being referred to by HP.
These wearable devices perform critical functions such as enabling you, the user, to send and receive notifications of incoming messages and control the apps installed in your smartphone, to which the smart watch is paired. Now imagine the disaster when hackers have taken control of your smart watch and maneuver how your personal device works.
Smart watches are also part of the Internet of Things ecosystem, a concept that has also become a hot target for cyber criminals wishing to take control of your home devices and appliances that are connected to the Internet.
The HP study has revealed a wide gap between the rate of adoption of wearable technologies and the efforts of their manufacturers to secure them. HP came up with the conclusion after performing manual tests on ten models of smart watches that HP considered the leading brands in the market.
Some of security flaws discovered in the sample wearables include the lack of authentication, encryption and privacy protection. That means the devices are susceptible to various forms of account harvesting. There was also a marked insufficiency in transport encryption that uses the SSL/TLS protocols. Majority of the devices studied by HP demonstrated vulnerabilities to known attacks.
There was also an evidence that the web interfaces of some of the smart watches have account enumeration issues, which would allow attackers to locate valid user accounts by using tools that are capable of resetting passwords.
HP further found security concerns in the unencrypted firmware updates.
While smart watches bring a whole new functionality to how we live every day, their applications in our daily routines also pose increasingly great threats to our sensitive data. As consumers, you can protect yourselves by disabling smart watch functions and features that could open the door to hackers.
Leave a Reply