As we continue to see the impact of wearable devices on both consumer and enterprise markets, we’re also seeing an unfortunate but unavoidable downside. The more popular wearable technology becomes, the more security vulnerabilities there are to cause concern.ITBusiness.ca has sounded the alarm about a potential war on wearables in a recent article detailing some of the emerging security threats aimed at wearables. And while it may be premature to say that hackers have declared war, we are indeed already seeing spillover of some of the same vulnerabilities seen in standard mobile devices into the world of wearables, along with the proliferation of some wearable-only threats.
So while we’re still feeling out exactly what the role of wearables will be in the workplace, now is the time to start thinking about what steps your client needs to take in order to secure networks from potential infiltration via wearable device. In order to effectively set up your client for security in the emerging WYOD (“wear your own device”) era, keeping an eye on the following potential vulnerabilities is a must.
1. Wearable Malware
Malware scanners have become a ubiquitous part of both consumer and enterprise computing to the extent that they are generally bundled with operating systems these days. Of course, they’re not all you need in order to stay cybersecure, especially at the enterprise level, but like a properly configured firewall, they’re a basic cybersecurity foundation. For wearables, we simply don’t have that level of malware protection built in. The threat of wearable malware is one that many aren’t aware of—yet.
Proofs of concept have shown that different types of ransomware can lock popular wearables as easily as they can lock infected desktop and laptop computers. It’s truly only a matter of time until either an outbreak of traditional ransomware appears on wearable devices, or a hacker creates a type of malware targeted specifically at wearables. Either way, wearables have proven to be vulnerable to malware. It’s a threat that is developing as quickly as wearable technology.
2. Data Theft (From Wearable Devices and the Networks They Connect To)
Wearable devices collect and store an unprecedented amount of personal data about users going about their daily lives, and they do so in all sorts of different ways. Whether a wearable has an internal drive itself, operates by syncing data to a companion device (as with some popular smartwatches), sends data to the cloud, or does all three, unsecured wearables offer numerous vulnerable points of entry for hackers to steal stored data.
With so little attention paid both to the security of the points at which wearables can connect to a network and the security of the wearables themselves, we are starting to see a range of easily exploited vulnerabilities being revealed. For instance, researchers have demonstrated with some wearable devices that vulnerable points of entry into the device can be exploited from a nearby smartphone, without even requiring a malware infection or a technologically sophisticated form of system entry.
3. New, Unforeseen Device-Specific Vulnerabilities
Though Google Glass has yet to make a resurgence in its consumer market, at least one report of a security vulnerability in the device’s erstwhile heyday sticks out as a big security concern. ITBusiness.ca noted that, in 2013, security researchers discovered that Google Glass’s ability to auto-read QR codes allowed hackers to trick the glasses into visiting malicious destinations by embedding URLs into QR codes.
Google reportedly fixed the glitch, but this dangerous quirk of Google Glass shows exactly why security should be top priority with wearable devices. With devices that are so firmly embedded into the fabric of people’s daily lives, hackers will be looking for ways to exploit the completely unique behaviors of each new device for their own gain. Wearables are creative solutions to help us streamline our lives, and the security threats that emerge around them will be equally creative.
If enterprises start thinking about security vulnerabilities for wearables now, the whole computing landscape will be poised to better handle developing security threats, whatever they—or the wireless devices they attack—may look like.
What wearable security measures have you seen enterprises taking in order to address vulnerabilities?