27 Jul Smartwatches Vulnerable Says HP Study
A HP study has shown that smartwatches are vulnerable to attacks.
With the increased popularity of wearables devices corporate environments need to continue to be wary of security breaches.
Assessing ten of the most popular smartwatches, and their Android and iOS cloud and mobile applications, HP uncovered a handful of security concerns.
The study identified five key areas of vulnerability.
User Authentication
Tested smartphones were paired with a mobile that did not use two-factor authentication and the device was not locked after a series of incorrect password attempts.
Encryption
Whilst encryption is used on all devices tested 40% of cloud connections were open to attacks.
Interfaces
One in three devices used cloud-based web interfaces that were easily able to identify user account details.
Firmware
70% of the tested smartwatches did not use encryption when updating firmware. Whilst updates were signed to prevent the installation of contaminated files, the files could be downloaded and analysed by a third party.
Privacy
All smartwatches kept personal information that due to weak security and passwords could be collected.
As the adoption of smartwatches accelerates, the platform will become vastly more attractive to those who would abuse that access, making it critical that we take precautions when transmitting personal data or connecting smartwatches into corporate networks. Jason Schmitt, General Manager of HP Security.
Whilst the wearable device market continues to grow corporate security is always a concern.
Take a look at our article “Wearables and the Threat to Corporate Security“.
Please also share your comments regarding wearables and corporate security.