ESET report: The pitfalls of smart accessories


It’s not just smart phones that are popular. Now smart watches and other wearables are flooding the market. How you will ensure the protection of your personal data?

These devices increasingly connect us with people who are far away, support our daily needs and desires, enable us to manage some data and, of course, are a… resounding fashion statement. “The collaboration of technology with fashion may be what attracts some people to these devices, but we all need to understand the risks involved in using such a device,” say experts from digital security company ESET.

As diverse as a fashionista’s wardrobe

According to an ESET announcement, wearables can have many forms and functions, from smart watches used to support the functions of our phones, to rings or fitness belts used to monitor our pulse or oxygen levels, or glasses that can enhance our reality by artificial means. Yet, variety comes with increased risks.

According to a recent survey, the wearables market is expected to grow by 12.9% from 2023 to 2030, with its current size already standing at US$71.91 billion. The best-selling products are devices worn on the hand, head, and eyes.

It is obvious that now we all need to be aware of the security risks of using such electronic devices. “These devices present even greater security risks than smartphones, not only for consumers but also for businesses,” say experts from ESET.

Your health information – accessible to all

Modern times require a modern risk assessment, which is why we should be more aware of the problems that these devices can cause from a safety point of view. As long as people choose mobile devices that can connect to the internet, cybercriminals will try to access personal information on or through these devices.

Many people like to run around wearing the most sophisticated sports watches and smartwatches, with the annual increase in sales of these devices having reached 30%. The fact that these devices can monitor and report their owners’ health metrics is just one of many concerns.

Previously, such health data was only useful to the users themselves or their doctors. Today, however, this data may end up in the hands of third parties, who may sell the information or use it to create personalized ads. In the worst case, a criminal can misuse this data to very accurately track the location the person is in, their habits, and other details.

At the same time, the potential connection of mobile devices to the company’s networks can create unnecessary risks to business security, as these wearables often share their connections with phones, creating a potential carrier for cyberattack.

The same thing happens with phishing, vishing or smishing attacks that spread throughout the digital world they are also a threat to portable watches, since, very often, their functions now approach those of a phone.

Further safety concerns

Many security experts warn that smartwatches too often don’t have adequate user authentication methods, as they don’t prompt users to create strong PINs or passwords to unlock their devices.

But even if they do, these measures are often weak, as the devices in question do not offer the same set of processing power to provide complex authentication measures, such as telephones. Still, even a simple password is better than having no password.

Another thing of concern is data storage. This is because smart watches now have their own drives, and the data stored on them often lacks encryption or, even worse, uses cloud solutions to transfer said data, which could be hacked relatively easily by a MITM (man in the middle) attack, for example.

Such a thing we can say that it also applies to the Bluetooth connection between the watch and the phone, since simple data detectors are able to intercept the transfer of data from the watch to the phone or vice versa.

What you can do

Fortunately, there are ways to make using your mobile devices more secure. As with anything else, user error is the most common cause of successful attacks, so training in practical ways to mitigate this phenomenon can be of great help.

Two more cents on the matter from the NEMECYS team

Some smart devices do not encrypt data, which can make it easier for hackers to intercept and steal your personal information.

  • Weak passwords: Many people use weak passwords or PINs to secure their smart devices, which can make them more vulnerable to hacking.

  • Malware: Smart devices can be infected with malware just like any other device.

  • Lack of security updates: Some smart device manufacturers do not provide regular security updates, which can leave your device vulnerable to new threats.

To protect yourself from these risks, you can take some steps such as:

  • Use a strong password or PIN to secure your device.

  • Turn off location tracking when not needed.

  • Be cautious when downloading apps and only download from trusted sources.

  • Check app permissions.

  • Regularly update your device’s software to ensure that any security vulnerabilities are patched.

Moreover, smart cybersecurity accessories, such as password managers, two-factor authentication devices, and virtual private network (VPN) services are widely preferred, as people seek to protect their online identities and sensitive information from hackers and cybercriminals. However, there are several pitfalls associated with them that users should be aware of. Here are a few:

  1. False sense of security: While smart cybersecurity accessories can help protect your online data, they can also give you a false sense of security. It is essential to remember that no security measure is foolproof, and hackers can still find ways to breach even the most advanced security systems. Therefore, it is essential to remain vigilant and use multiple security measures to protect your online information.

  2. Dependence on technology: Smart cybersecurity accessories can create a dependence on technology that can be problematic if the technology fails. For example, if your password manager crashes or your two-factor authentication device is lost, you may be locked out of your accounts. It is crucial to have backup plans in place to ensure that you can access your accounts even if your technology fails.

  3. Cybersecurity risks associated with third-party providers: Many smart cybersecurity accessories are provided by third-party vendors, and there is always a risk that these providers may be hacked or compromised. For example, a VPN service may be hacked, and your data could be exposed. It is essential to choose reputable vendors and do your research to ensure that your information is protected.

  4. User error: Even the best cybersecurity accessories are only as good as their users. For example, a password manager is useless if you use weak or easily guessable passwords. Similarly, two-factor authentication can be compromised if you use the same device for both authentication factors. It is essential to use these accessories correctly and follow best practices to ensure that they are effective.

In summary, smart cybersecurity accessories can be a useful tool in protecting your online information, but users should be aware of the potential pitfalls associated with them. It is essential to remain vigilant and use multiple security measures to protect your data.