Security firm shows vulnerability of smartwatches to hacker attacks

Sony SmartWatch 2

Security and anti-virus maker Bitdefender has released a warning to smarthphone users who use peripherals such as smartwatches—they're not as invulnerable as most people think, and in fact can be quite easily hacked. To prove their assertion, they filmed one of their engineers hacking into a smartwatch and released it onto the Internet.

By now, most people are aware of the dangers of saving data from their phones to the Internet—private photos of celebrities and of those who worked for Sony have made that patently clear. But what many may not be considering is data that passes between their smartphone and another local peripheral, such as a , , etc. Such devices typically make use of Bluetooth technology, which has developed a reputation as being reasonably secure. But now, that reputation is being called into question as engineers with Biddefender show that capturing that moves between a smartwatch and a smartphone isn't all that difficult.

Bluetooth devices maintain security by use of a six digit PIN, but of course, hacking such a code by brute force is rather straightforward, as was seen in the video posted by the engineers—all they needed to do was run a program that tried every single possibility. They also show that once someone has the passcode, all they need is some rather easily obtainable eavesdropping gear to capture everything that goes on between the devices, much of which is in plaintext.

What the findings by the security company don't address is whether most people really need to worry about someone going to all the trouble of hacking into their smartwatch, heart monitor or other peripheral. Clearly it might be an issue with politicians, celebrities, etc., but should it really matter to the rest of us? It might be worth noting that to carry out such a hack as demonstrated by Biddefender, the hacker would have to be awfully close to the victim, which might mean they actually know the victim or are related to them. In the future, as we all slowly adopt the "Internet of Things" will we need to worry about hackers watching transactions between our phones and our WiFi enabled toasters, , lights, etc. Perhaps, this will all become moot if someone develops a more robust, second layer of security, that's run on the phone.


Explore further

Security experts reveal weakness in WiFi connected LIFX light bulbs

© 2014 Tech Xplore

Citation: Security firm shows vulnerability of smartwatches to hacker attacks (2014, December 11) retrieved 18 September 2019 from https://techxplore.com/news/2014-12-firm-vulnerability-smartwatches-hacker.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
64 shares

Feedback to editors

User comments

Dec 12, 2014
It might be worth noting that to carry out such a hack as demonstrated by Biddefender, the hacker would have to be awfully close to the victim

Or, from a more remote location, use a higher gain antenna.

Something like end to end TLS ought to be required. But consumers aren't going to know that. So there will be little demand.

Dec 12, 2014
the hacker would have to be awfully close to the victim, which might mean they actually know the victim or are related to them

...or stading in line with them...or sitting in the same cinema / on the same bus/subway...
...or

There must be a million ways to be close to someone for some time without arousing suspicion.

What the findings by the security company don't address is whether most people really need to worry about someone going to all the trouble of hacking into their smartwatch

If you have the smartwatch you have a path to the smartphone. And that contains all kinds of juicy data (credit card numbers from past transactions ...or your home address - because when while you're being hacked you're not home. Therefore someone could just go and break in...or... )

Dec 12, 2014
Yet hackers are employed by these same security firms. Hackers make many indispensable hacks such as rooting smartphones so they may be upgraded against known exploits. The correct term is "cracker." Or does the author think thieves hack safes as well? The only way to stop the slow creep of stupid is to begin thinking

If you make something useful, it is a hack. If you are trying to trespass, it is a crack

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more