HP Study Reveals Smartwatch Vulnerability To Attack

X

An HP study of smartwatches has found that 100 per cent of the smartwatches tested contained “significant vulnerabilities”.Smartwatches may be becoming an increasingly popular choice for consumers, however the HP study warns that security should be a foremost consideration, confirming that “smartwatches with network and communication functionality represent a new and open frontier for cyberattack”.

HP leveraged HP Fortify on Demand in assessing 10 smartwatches, along with their Android and iOS cloud and mobile application components, uncovering “numerous security concerns”.

The study found that 100 per cent of the tested smartwatches contained significant vulnerabilities, including insufficient authentication, lack of encryption and privacy concerns.

Every smartwatch tested was paired with a mobile interface that lacked two-factor authentication and the ability to lock out accounts after 3-5 failed password attempts, with 30 per cent vulnerable to account harvesting, meaning an attacker “could gain access to the device and data via a combination of weak password policy, lack of account lockout and user enumeration”.

The study also found that, while 100 per cent of the test products implemented transport encryption using SSL/TLS, 40 per cent of the cloud connections continue to be vulnerable to the POODLE attack, allow the use of weak cyphers, or still used SSL v2.

Thirty per cent of the tested smartwatches used cloud-based web interfaces, all of which exhibited account enumeration concerns, while in a separate test, 30 per cent also exhibited account enumeration concerns with their mobile applications.

Seventy per cent of the smartwatches were found to have concerns with protection of firmware updates, including transmitting firmware updates without encryption and without encrypting the update files, while, with all the smartwatches collecting some form of personal information, HP noted privacy is a concern.

“Smartwatches have only just started to become a part of our lives, but they deliver a new level of functionality that could potentially open the door to new threats to sensitive information and activities,” Jason Schmitt, general manager, HP Security, Fortify, commented.

“As the adoption of smartwatches accelerates, the platform will become vastly more attractive to those who would abuse that access, making it critical that we take precautions when transmitting personal data or connecting smartwatches into corporate networks.”

Litheaudio 728x90 HP Study Reveals Smartwatch Vulnerability To Attack
Leaderboard 728x90 1 HP Study Reveals Smartwatch Vulnerability To Attack
240215 SAV R Volution CNewsFeb Leaderboard 1 HP Study Reveals Smartwatch Vulnerability To Attack
728x90 HP Study Reveals Smartwatch Vulnerability To Attack
BEL2385 4SQ Dock Banners 4SQ 728x90 HP Study Reveals Smartwatch Vulnerability To Attack
hitachi banner 728x90 HP Study Reveals Smartwatch Vulnerability To Attack
728x90 HP Study Reveals Smartwatch Vulnerability To Attack
QUEEN 728x90 HP Study Reveals Smartwatch Vulnerability To Attack
Flick of a switch 728x90 1 HP Study Reveals Smartwatch Vulnerability To Attack
05 Channel New Banner T30S COMBO 728x90 HP Study Reveals Smartwatch Vulnerability To Attack
728x90 Iconic HP Study Reveals Smartwatch Vulnerability To Attack
PAN0029 Digital Banners Curry Leaderboard 728x90 02 HP Study Reveals Smartwatch Vulnerability To Attack
BlueAnt 4SQM X5iPartySpeaker 728x90px HP Study Reveals Smartwatch Vulnerability To Attack
4SquareMedia 728x90 scaled HP Study Reveals Smartwatch Vulnerability To Attack
ARLO MG3 2024 Banner 728x90px HP Study Reveals Smartwatch Vulnerability To Attack
Whatmough 728x90 HP Study Reveals Smartwatch Vulnerability To Attack
728x90 HP Study Reveals Smartwatch Vulnerability To Attack
728X90 HP Study Reveals Smartwatch Vulnerability To Attack
Middleton 728x90px Product HP Study Reveals Smartwatch Vulnerability To Attack
Haier 728x90 1 HP Study Reveals Smartwatch Vulnerability To Attack
Martin Logan 728 x 90 HP Study Reveals Smartwatch Vulnerability To Attack
iP16 4SQRmedia 970 x 90 px 03 HP Study Reveals Smartwatch Vulnerability To Attack


YOU MAY ALSO LIKE