Simple does not mean safe

Our lives are being made simpler by the use of smart devices and wearables. Alexa can be connected to your coffee machine so you can make coffee without lifting a finger, we never need to answer the door as our digital doorbells allow us to speak to visitors from anywhere in the world, and we can track our steps, read emails and make touch pay payments from a watch.

It’s a catch-22 situation though, as the more devices we have the simpler and more streamlined our lives can become, but on the flip side the more vulnerable we are to cyber-attacks.

Security risks of wearable devices

As with many ‘new’ technologies they are a work in progress regarding security with new features being introduced as vulnerabilities are recognised. This raises some security issues including:

  • Insecure data storage –  Many wearables store data on the device itself, with no password access and in many cases it is not encrypted. Therefore, should the device get lost or stolen all that data is accessible by whoever picks it up.
  • Encryption – As the data is not encrypted, when it is being transferred to the service provider’s servers if they don’t have the correct security measures in place the data could be accessible via third parties.
  • Insecure wireless – Many wearables connect to our smart phone using Bluetooth, NFC and insecure wireless connections which all could provide extra points of entry for cybercriminals.
  • Vulnerabilities – As wearable devices become more popular their operating systems will become a more attractive target for cybercriminals meaning that similar security measures used for laptops and desktops will be needed for wearables too.

Keeping your wearables secure

Keeping the data safe on your wearable devices should be as much a priority as on your desktop or electronic doorbell.

The first thing to do when you set-up your device is to go through all the default settings and change them. Each device is different but there are certainly some questions you could ask yourself.

  • Is the data shared on social media?
  • Is there a locator tracker? Do you really want hackers knowing your home address?
  • Do you need to have the device on all the time?
  • Are you able to set up a password or pin for your wearable?
  • When syncing your wearable to your smartphone are you able to set up multi-factor authentication?

Keeping your smart devices safe

With any devices, whether a wearable, or a smart device for the home, password protection is one of the easiest ways of keeping the hackers out.

Default Passwords – Many electronic devices have a simple default password (admin, password, 123456, guest). Yes, they are easy to remember and can get you set up and using the device quickly, but a hacker can break these in less than a second.[1]

Therefore, the best thing to do is to change the default password before you start using the device. Even using the device once with the default password leaves you vulnerable, and the hackers literally only need a second to get into your system.

Strong passwords – When you do choose your passwords make sure they are strong and not your favourite TV show (no matter how obscure). A strong password is a random selection of 8 to 10 letters, numbers and characters.

Software updates – Software updates can be inconvenient, putting a device out of action for a few minutes, and sometimes features can change following an update. But they are vital to keep  your devices safe. Updates provide all the patches required to fix known vulnerabilities. By ensuring your devices are up-to-date means they are as safe as the manufacturer can make them.

When it’s time to move on

At some point you may decide to sell your device or wearable, or you simply no longer use it. Do no forget to wipe the device and return to factory settings. If you don’t, when you sell your smart watch you could also be inadvertently passing on your data too. And in reality you don’t know who will then have access to it.

For further advice on keeping your devices and wearables secure please contact Security Everywhere, and we can fight the cybercriminals together.


[1] https://nordpass.com/most-common-passwords-list/