Eight cyber risks associated with the use of wearables

14 Jul 2017
2 Minutes of reading
  • The S2 Grupo team has warned that the use of this technology could expose users’ sensitive information on the Internet, that it is essential to protect to avoid being victims of cyberattacks.
  • Failure to establish proper privacy of the application associated with the device, leave Bluetooth connected or accept unnecessary permissions for its operation, could jeopardize the privacy of its owners.

Valencia, July 12, 2017.- Wearable technology is currently one of the most used and it is expected that its trend will continue to rise in the coming years. It includes devices of all kinds that people carry with them to interact in some way (for health, entertainment, sport, etc.). Its usefulness is very attractive to users since they can allow from knowing the exact location of your child to registering the exact route they do when they go running, among many other options. Therefore, S2 Grupo has warned that this exposure in the Internet of people who use the apps connected to these wearables may entail some cyber risks that it is imperative to take into account before activating them. "Just as a device of this type allows us to know where our child is, it can also serve to make this information known to a cybercriminal. In the same way, we can be at risk of others knowing the exact route we do when we run or we could be a victim of extortion if they access private talks or our gallery of images", said José Rosell, associate-director of S2 Grupo. Eight cyber risks of wearables and how to improve our cybersecurity:

  1. The security of the servers where data is stored.- Although this does not depend on the user, if the company creator of the device does not have secure servers, we run the risk of our information being accessible to possible cyberattacks.
  2. Unsafe privacy policies.- The first step in starting to use a wearable is to download the application that allows you to update and record all the information. Here it is essential to verify that it is a privacy policy in conditions that guarantee the protection of user data. We need to know what data they will store, why and how they will be processed to ensure that they are not transferred to third parties for their benefit.
  3. Unsafe configuration of the profiles.- In this type of applications the main risk is not so much the interactivity that their users have, but because they usually configure their profiles with an insecure privacy. It is important to review this to protect our information to the maximum extent possible.
  4. The information is usually public by default.- Especially in the applications of these devices related to sport, you can access by default to any other member and know their activity. In this way, the information of a user is exposed to anyone who uses the same application and a cybercriminal could prepare a targeted attack with information that, without much effort, he could find. The best thing to do is to make an appropriate privacy configuration of the profile, avoiding sharing all the information in a public way.
  5. Beware of requested permissions.- It is essential to verify that the permissions requested by the app are those strictly necessary for its operation.
  6. Be careful of passwords.- It is essential to use strong passwords to access the application if we want to prevent potential digital offenders from accessing our data.
  7. They usually need the bluetooth connection. - Once the wearable is used, many times it is necessary to connect the bluetooth to dump the data in the app and to see the progress that is made or any other information that it provides. This action really leaves the user exposed and could open a door easily accessible to the device. Once done, it is important to disconnect again to prevent it from being accessible to any digital attacker.
  8. Always be aware of the updates of the application.- As new versions appear have to be installed because they usually incorporate measures to prevent security vulnerabilities.

More information: