Smartwatches are great for tracking your steps, heart rate, and other health metrics.
But a recent study from Charles Darwin University (CDU) warns that these handy devices could also be a goldmine for hackers looking to steal your personal information.
The study, titled “Vulnerability Analysis and Exploitation Attacks on Smart Wearable Devices,” was presented at the 2024 2nd International Conference on Advancement in Computation & Computer Technologies (InCACCT).
Researchers examined a range of smart wearable devices, priced between $25 and $150, to see how vulnerable they are to cyber-attacks.
These devices, which help users monitor their health, fitness, and even conduct medical tests, often rely on Bluetooth Low Energy (BLE) technology.
BLE is popular because it uses less battery power, but this comes at a cost—security. According to the study, this trade-off makes BLE-powered wearables an easy target for hackers.
Dr. Bharanidharan Shanmugan, a Lecturer in Information Technology at CDU’s Faculty of Science and Technology, supervised the study. He and his team discovered that they could easily connect to these devices and access, or even manipulate, the data they collect.
“We could make someone’s heart rate appear higher or lower, track where they’ve been, and view other sensitive health information like blood pressure and ECG readings,” Dr. Shanmugan explained.
This kind of data is incredibly valuable. It could be sold to medical companies, used for targeted advertising, or help hackers build a detailed profile of the user. Dr. Shanmugan highlighted the growing concern that smartwatch manufacturers are not taking security seriously enough.
“If this issue isn’t addressed, we could see a rise in identity theft and financial fraud,” he warned. “Hackers could gain access to personal information, leading to unauthorized use of your identity or money.”
The risks aren’t just financial. There’s also the danger of health data falling into the wrong hands.
This could lead to blackmail or even physical harm, especially for vulnerable individuals like the elderly. In the business world, compromised devices could be used for corporate espionage, allowing competitors to steal valuable information.
A wave of lawsuits could also threaten the financial stability of smartwatch companies.
The study was conducted in collaboration with Christ Academy Institute for Advanced Studies in Bengaluru, India.
The findings underscore the urgent need for smartwatch manufacturers to prioritize security features in their products, ensuring that users can enjoy the benefits of wearable technology without compromising their safety.