Wearable technology has become so commonplace these days — one wouldn't automatically suspect their wrist to be the place where hackers would strike next.
But then again, these everyday gadgets have become so popular. The potential for an attack is just too obvious, too widespread but also too easy to miss.
ATM Passcode Cracking
In a Tech Times report on Tuesday, we uncovered how wearable devices, such as fitness trackers and smartwatches, can help criminals "guess" your ATM passcode. And by guessing, we mean actually arriving at the correct PIN with more than 90 percent accuracy after three tries. Just how did that happen?
The technique isn't even as complicated, or apparent, as one might think.
So, yes, that trusted fitness device monitoring your every heartbeat, every step, and every hand movement can give away your secrets. Here are three ways your smartphone and wearable gadgets make you vulnerable to hacking:
1. Your hand movements at the ATM can be tracked.
In the study on ATM passcode cracking mentioned earlier, researchers from Binghamton University and the Stevens Institute of Technology analyzed how wearables track hand gestures with great precision, even as you make a quick trip to the ATM.
This close monitoring gathers data on which digits your hands touch (as you type on the ATM keypad or screen). The data is based on the millimeter differences between each touch and the direction of each hand movement. All this is then picked up by the motion sensors embedded in the wearable.
The researchers matched the data with "guesses" made by a computer algorithm and turned up passcodes with an accuracy rate of more than 90 percent after three attempts.
What this means is that common everyday movements of the hand can be read and deciphered by wearables with surprising precision. And this can be exploited by an attacker.
2. The firmware inside your gadget can be attacked by malware.
This one is a classic move in any gadget-based attack: infecting the firmware of your smartwatch or fitness activity tracker with malicious software.
The firmware is simply the software that runs in that tiny device. Because firmware attacks are nothing new, manufacturers have gone on to create more robust software to prevent any corruptions taking place within a device. Of course, we can't say the same about most other cheaper (read: run-of-the-mill) wearables, which might not put so much premium on beefing up the insides of the device. Perhaps these brands are only out to make a buck off unassuming buyers?
3. Wireless connectivity can be compromised.
Sometimes, the vulnerability isn't even in the wearable itself but in the smartphone used to link up the wearable. As Gary Davis of McAfee reminds consumers: wearables sync up with your mobile phone over the short-range wireless spectrum of Bluetooth. Through this wireless connection, malware-infected mobile apps can infest your smartwatch or health tracker via your mobile phone. And that's when the malware starts taking over and stealing your personal data.
Keep reading Tech Times as we uncover ways to stay secure in a world of connected gadgets.