More and more people are using smartwatches and smartbands. These smart gadgets monitor our heart rate, display emails and text messages, control our smart home and can even act as a payment card. – Most users are not aware of the capabilities of their devices – warns the expert and adds that even the best watch can contain errors leading to leaks and data loss. As smart devices become an increasingly common part of our lives, they will also become a more frequent target for attackers.
The Internet of Things covers an increasing part of our daily life. With each new version of a new monitoring device, manufacturers add new functions to support users in their daily activities. Most of these devices collect a large amount of data.
Health parameters, location or user data are a wealth of knowledge about our life. In addition, smartwatches can connect to the smart systems of other devices in close proximity. Therefore, it is useful to understand the potential security and privacy threats of clumsy use of modern watches and bracelets.
User location is one of the primary types of data recorded by most smartwatches and wristbands. With this information, a hacker could build an accurate profile of the movements the user makes during their routine day.
This, in turn, as ESET experts explain, potentially makes it possible to physically attack not only the user, but also their home or car when the owner is not nearby. Additionally, some devices can be used to control smart home appliances. They can even be configured to open the front door. This poses a serious security risk if devices are lost or stolen and anti-theft settings are not enabled.
– Most users do not know the capabilities of their devices. A few years ago, security researchers discovered vulnerabilities in children’s smartwatches that revealed their location and personal information. An earlier, separate investigation found that some vendors’ devices were sending unencrypted personal data of children using their products to servers in China, says Kamil Sadkowski, ESET.
The devices we carry are only part of the picture, experts admit, because in reality there are many elements: from the software of the hardware in question to the protocols used to connect the app to cloud servers. Ultimately, all of them can be vulnerable if security measures to protect privacy are not properly implemented by the manufacturer.
– In recent years, numerous vulnerabilities have been discovered in devices using the Bluetooth Low Energy (BLE) protocol, which allow nearby attackers to cause the device to crash, and in some cases even view or manipulate the data transmitted – warns Sadkowski. – Often the software on the device itself is vulnerable to external attacks due to weak security – he adds.
– Even the best watch can contain errors leading to leaks and data loss. Smartphone apps linked to smartwatches and bracelets are another possible attack vector, he points out.
- Use two-factor authentication
- Use a screen lock
- Change device settings to prevent unauthorized pairing
- Visit official app stores only
- Update your smartphone’s operating system and apps
- Never Jailbreak/Root – removing manufacturer restrictions can significantly affect the security level of the device
- Restrict app permissions
- Install reputable security software on the device
- Do not synchronize smartwatches and smartbands with the front door of your house
- Connect your devices to a guest-only Wi-Fi network
- Update software on all devices
- Make sure all factory default passwords on devices have been changed
– It’s worth taking a closer look at the privacy and security settings, making sure the device configuration meets the user’s individual needs in terms of maintaining the preferred level of privacy – says l ‘expert.
As smart devices become an increasingly common part of our lives, they will also become a more frequent target for attackers. – Before buying, check the reviews on a given device, and after launching it, check the security and privacy settings – he summarizes.