Loading...

Digital wearables posing unique security threats to users’ data

Digital wearables posing unique security threats to users’ data
Photo Credit: Pixabay
24 Jun, 2022
Loading...

As consumers grow more conscious of their health, medication and fitness, and are inclined to monitor themselves much closer than ever before, the market is flooded with digital wearables, including smartwatches and fitness trackers. Unfortunately, these devices are posing unique threats to the security and privacy of customer data, according to the Institute of Electrical and Electronics Engineers (IEEE), a global organisation for technical professionals. 

“By connecting a wearable to an extended ecosystem, one is exposing a larger attack surface,” cautioned Aiyappan Pillai, IEEE Senior Member.  

“Cybersecurity experts look at this as a supply chain that includes a data generator, an analytics engine and a service provider. Each link in the chain, including the connecting networks, presents a potential risk,” he added.  

Loading...

As per a document shared by the IEEE, most criminal intrusions of computer networks have a financial motive. That may lead people to conclude that wearables have a low cybersecurity risk. But wearables data, especially in healthcare settings, is often tied to financial information. 

“By connecting a wearable to an extended ecosystem, one is exposing a larger attack surface,” said Pillai. “Cybersecurity experts look at this as a supply chain that includes a data generator, an analytics engine and a service provider. Each link in the chain, including the connecting networks, presents a potential risk.”  

Most criminal intrusions of computer networks have a financial motive. That may lead people to conclude that wearables have a low cybersecurity risk. But wearables data, especially in healthcare settings, is often tied to financial information. 

Loading...

“Depending on the organisation from which it was obtained, stolen health data can be extremely valuable because it often includes so much personally identifiable information – including birthdays, email addresses and other login information that can be used for identity theft purposes,” said IEEE Senior Member Kevin Curran. 

Hospitals, for example, might maintain extensive databases of personally identifiable information for billing purposes. Hence the rise of wearables, implants and other connected devices adds a new dimension to cybersecurity risk.  

“Having such a large and diverse array of devices connected to the network will mean that there will be countless connected endpoints in each hospital. If proper visibility of the network is not achieved, then each endpoint will represent a potential vulnerability to try and exploit for cybercriminals,” he added 

Loading...

Curran recommended that consumers should try to buy wearable devices from a reputed manufacturer. According to him, the key security weakness of wearable devices can be their lack of security updates. 

“There is no legal requirement for wearable manufacturers to provide a roadmap of security updates for a specified period. However, the larger the manufacturers are, the more likely they are to provide patches in the future,” he said. 

App designers need to also ensure user-friendliness while incorporating security measures that cater to all categories of users, including older patients that may not have familiarity with newer technology.  

Loading...

Some security features that consumers should look for include “strong multi-factor authentication methods for device access, which may be biometric, such as fingerprint voice recognition, iris recognition, passwords and location-based authentication. Also, for makers of wearables, building secure products will be the key to success as security challenges grow, the IEEE paper noted.  

Needless to say, India has been witnessing massive adoption of wearable technology in recent years. According to research firm International Data Corporation India (IDC), the wearables market in India had a record-breaking double-digit growth in the first quarter of 2022, with shipments surpassing 13.9 million devices.