Did you know it is technically possible to spy on wearable devices in a gym or coffee shop? Fortunately, as Wareable’s David Nield points out, it’s highly unlikely that anyone who isn’t a security researcher is actually going to bother to try – for now.
“The few drops of data available are not worth the challenge of trying to grab them – it’s too much effort for too little reward,” Nield explains.
However, the threat level against vulnerable wearable devices is likely to steadily increase with time.
“Current wearables have a limited attack surface,” Liviu Arsene, senior e-threat analyst at Bitdefender told the publication. “Future wearables will likely behave as current mobile devices, making them far more appealing for a cybercriminal.”
More specifically, says Arsene, cybercriminals will find wearables more of an appealing target when the fitness tracker and smartwatch market matures. In the interim, Arsene recommends users focus on privacy and understand where and how their data is being shared.
Nevertheless, it is clear that the current approach to wearable security must evolve if manufacturers are to stay one step ahead of cybercriminals and other nefarious actors.
“For most of these organizations, securing the communication is secondary to actually making the devices function,” Martin McKeay, a security expert and advisor told Warables. “There’s a lot to be concerned about with wearables going forward. I haven’t seen evidence that there’s been any major breaches yet, but there will be… it’s going to be where the data is at and that’s where the bad guys go.”
Commenting on the above-mentioned report, Zainab Al-Shamma, a security marketing manager at Rambus, recommended manufacturers adopt a hardware-based strategy – beginning at the SoC level itself – to securing wearables and other mobile devices.
“Firstly, a hardware-centric approach will help ensure the SoC powering a wearable device remains secure during the manufacturing process. Secondly, embedding the appropriate security IP core into a wearable SoC will go a long way in helping companies design devices that remain secure throughout their respective lifecycles.”