Freelance tech writer, LinkedIn profile

Author Bio ▼

A tech writer specialising in cybersecurity, working with Redscan on this and a number of other GDPR, MDR, and ethical hacking projects.
November 20, 2019

Sign up to free email newsletters

Download

The State of Physical Access Control in EMEA Businesses – 2020 Report

Cybersecurity

Can you hack a smartwatch?

Over the years, technology has grown to such an extent that it is now more embedded into our society than ever before. While that may be seen as a good thing to many people, coupled with this adoption has been a rise in the number of cyberattacks and extreme cases of hacking or data theft.

cyberattackFirst it was computers, then it was phones, and now it’s smartwatches. Whether it be encryption versus hacking, or computer software versus viruses, good vs. evil is often a repeated theme in terms of technological advancements.

Each development now brings with it the inevitability of an eventual cyberattack, since the very nature of a wannabe hacker is to identify a system’s various weak points.

However, while hacking may make sense in terms of phone and computer software, can the same can be said of smartwatches? These miniaturised-computer systems work differently to other types of operating systems, but does that mean they’re any less susceptible to hacking?

This article will seek to provide definitive answers to both of these questions.

Yes

According to research by a team of security experts at Sophos, it is perfectly possible for smartwatches to be hacked. During their recent study, they investigated the potential harm that hackers could cause on smartwatches provided to children. Many parents like to keep track of their children during the school day after all, being able to contact them in the event of an emergency.

The study found that hackers were able to take advantage of many smartwatch security loopholes and effectively relay inaccurate smartwatch data back to parents. As one example, hackers were able to remotely access the watch’s GPS tracker and alter its geographical location, leading parents to believe their child was in a location they actually weren’t.

Similarly, by accessing the smartwatch’s SIM card, hackers were able to send a coded message to the device and listen in to what the user was saying.

No, not really

While Sophos’ research may appear fairly damning, it’s important to remember that smartwatches can vary substantially in terms of both quality and sophistication. Therefore, you tend to get what you pay for; higher-end products will typically have a much greater resistance to cyber threats than lower-end alternatives.

However, while this belief may be the case in general, Trend Micro’s investigation found that it doesn’t always seem to stand up. Back in 2015, the IT security firm released a report which highlighted a major issue with the cybersecurity of smartwatches: the physical protection of sensitive data.

Looking at devices from a plethora of leading brands, including Apple, Samsung, Motorola, LG and Asus, the team of researchers analysed how secure the devices would be if they were stolen. However, without having an effective physical protection mechanism in place, they weren’t very secure at all.

Trend Micro’s team also found that smartwatches save data locally when out of range from their associated smartphone. This effectively means that, if a watch were to be stolen, the thief would have instant access to all the data saved onto that device, including messages, contact details, photos, etc.

All it takes is a little bit of ingenuity

Trend Micro’s research may not be a ‘hack’ as such, but it does highlight a major issue with the security of smartwatches. It also pinpoints the potential issues involved when linking a smartwatch to a smartphone, since the watch can access most – if not all – the data available on the phone.

These findings correlate with the outcomes of Kaspersky’s research as well, which focused on whether smartwatch movements could be used to reveal passwords and other personal information. Taking advantage of the accelerometer housed within smartwatches, the team of Russian cyber security experts found that this was, in fact, possible; by repeatedly analysing an individual’s accelerometer data, the team could identify movement patterns and accurately predict a person’s computer password or PIN number.

However, the team did state that any wannabe hacker would still need to access the computer system or credit card to cause any kind of harmful effect. Therefore, while hacking a smartwatch may be theoretically possible, it would take a lot of hard work and effort.

So?

In conclusion, the research proves that yes – you can hack a smartwatch. They may not be the easiest device to target but, given enough time and dedication, it is entirely possible for hackers to break through and access valuable information.

In order to keep your smartwatch as protected as possible, make sure to change your unlock code frequently and update your software whenever a new bug or operating system update is released.

Alternatively, you can always stick to the un-hackable, traditional style of watch in

Free Download: Cybersecurity and physical security systems: how to implement best practices

Discover the five-step process for strengthening your cyber and physical security systems with this free resource from Vanderbilt. Learn how to choose the right equipment to stay diligent and protect your systems against cyberattack, and learn what cyberattacks mean in an interconnected world.

Related Topics

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments