Vulnerabilities in Smartwatches

Hackers are always vigil to hack any possible electronic device. We have heard about smartphone vulnerabilities. Millions of Android phones were exposed to an easily exploitable flaw in an audio codec used in chips from MediaTek and Qualcomm. Similarly, there was a major security vulnerability found in iOS and macOS devices that could allow potential hackers complete control of a user's device, it was announced earlier by Apple.

A remote attacker can exploit the flaw by sending the target a malformed audio file, which allows the attacker to execute malware on an Android device. Now the news about the growing vulnerabilities on the Smartwatches with network and communication functionality, clearly opens a new gate for cyber-attacks.

Many smartwatches have 100% vulnerabilities, reason being insufficient authentication, lack of encryption and privacy concerns. A month back, CERT-In had warned of vulnerabilities in Apple smartwatches.

Apple Watch models that are running on operating systems older than 8.7 are at risk. As per the Government of India, Apple Watch users have been issued a warning about vulnerabilities being present in their smartwatch.

Reports claim that these vulnerabilities can help hackers in bypassing the security restrictions on Apple Watches. CERT-in has issued high-severity warnings to all the users.

As their adoption continues and the innovation of the developer ecosystem finds better and better uses for them, smartwatches will increasingly store more sensitive information such as health data, and through connectivity with mobile apps may soon enable physical access functions including unlocking cars and homes. Experts say the collected data is getting curated to use in many ways.

Attackers execute arbitrary code on any targeted device. A report says, No smartwatch the company tested had two-step authentication security enabled, while some 30% were vulnerable to account harvesting, with attackers easily gaining access to their operating systems.

While smartwatch technology supplied with biosensors has potential to be useful in a variety of healthcare applications, rigorous research with their use in clinical settings is needed.

The user of the smartwatch uses it in many ways by getting sync with their smartphone or laptop, for updating their health record or daily walking status, which has become a fashion nowadays, these connected devices are under the net of cyber crooks.

These security measures are not only important to protecting personal data, but are critical as smartwatches are introduced to the workplace and connected to corporate networks.

All smartwatches collect some personal information, such as name, address, date of birth, weight, gender, heart rate and other health information. Given the account enumeration issues and use of weak passwords on some products, exposure of this personal information is a concern.