Advertisement

‘See where a person has gone’: Some smart watches vulnerable to hackers

Some smartwatches are extremely vulnerable to hackers, research has found.

Some smartwatches are extremely vulnerable to hackers, research has found.

Australians are being warned to watch out for smart devices that could be vulnerable to hackers, with research revealing that many wearables have “very weak” or no security defences.

Researchers from Charles Darwin University say while smart watches can be good for tracking steps or heart rates, they can also offer hackers a wealth of personal information that can be exploited.

Their study outlines concern that the Bluetooth technology underpinning the devices sacrifices security for low energy consumption.

Experts were able to hack into a variety of smart wearable devices that retail for between $25 and $150, gaining access to the personal information as well as the ability to manipulate it.

“We could bring a pulse down or up. We could see where a person has gone, where they’ve spent time and other medical readings like heartbeat, blood pressure and ECG readings,” study supervisor Bharanidharan Shanmugam said.

“This data can be pushed to medical companies, used for targeted marketing, or can be used to develop a profile on a user.”

Electronic wearables have become a huge industry over the past decade, particularly as technology companies have released ranges of smart watches that double as digital fitness assistants.

But while wearable devices have been a hit with consumers, the research found there are also security vulnerabilities with the technology that many watches rely on, particularly those at the cheaper end of the market.

So-called Bluetooth low-energy technology, which allows devices to connect with nearby smartphones, is the culprit. The study found it is remarkably easy to hack.

“[These devices are] vulnerable to various security threats, such as brute force attacks, man in the middle attacks, denial of service attacks and phishing,” the paper said.

The devices tested in the study were the Smartwatch CF-58 and the Xiaomi wristband.

Shanmugam said manufacturers needed to take these vulnerabilities more seriously.

“The assertion that smartwatch makers are not taking security seriously is a significant concern,” Shanmugam said.

“If this trend persists, it could lead to a cascade of negative consequences for both individuals and society.

“Potential consequences are increased identity theft and financial loss, as any breach could expose personally identifiable information to cyber criminals leading to identity theft, financial fraud and unauthorised access.”

Making matters worse, the types of data usually stored on wearable devices is personal, often related to health and medical information.

Shanmugam warned that if the data fell into the wrong hands, it could be used to blackmail or even physically harm users, especially for older Australians who may not realise their device has been compromised.

Even companies could be harmed if sensitive information was stolen from their workers’ wearable devices, Shanmugam said.

“Compromised devices can allow competitors or cyber criminals to steal valuable intellectual property,” he said.

“A massive volume of lawsuits stemming from these incidents could potentially bankrupt the company.”

Advertisement
Stay informed, daily
A FREE subscription to The New Daily arrives every morning and evening.
The New Daily is a trusted source of national news and information and is provided free for all Australians. Read our editorial charter.
Copyright © 2024 The New Daily.
All rights reserved.