Saturday, May 27, 2023

The Top 3 Cyber Risks To Your Wearable Device

 


I am not one to mention abut my personal lifestyle on my blogs, but today, I want to share with you something.  Ever since the beginning of this year, I was diagnosed with acute congestive heart failure.  It got so bad one time that I was in the hospital for a week as the doctors and nurses tried to drain out the fluid build up in my lungs. 

I am doing OK now, but now I have been told that 65% of my heart is actually dead, and only 35% of it is actually working.

This simply means I do not know how much longer I have.  But I am trying to live each day to the fullest that I can.  The reason why I bring this up is that if things don’t improve much, my cardiologist is seriously thinking of implanting a pacemaker in me. 

I am not afraid of that per se, but it is considered now to be an IoT device….and of course, that brings up some huge Cyber risks.

But it is not just that, just about all sorts of implanted medical devices, and even wearables that keep track of your health and daily movements are now posing a huge Cyber risk for the people that use them.  Consider some of these stats:

*On a global basis, there have been well over one million who have been at grave risk from having their devices tampered with, even endangering their own lives.

*This market is going to be a prime target for Cyberattackers – as it will have a market value of over $265 billion by 2026.

(SOURCE:  https://www.marketsandmarkets.com/Market-Reports/wearable-electronics-market-983.html#:~:text=Updated%20on%20%3A%20March%2029%2C%202023,a%20highest%20CAGR%20of%2039.12%25.)

But keep in mind that there are two distinctions to be made here – the implanted medical devices, and the normal technological wearables that people use.  In terms of the former, the Federal Government is already taking aggressive steps to protect people. 

For example, the FDA has been making announcements that it plans to implement much more stringent guidelines for the implementation of security in these devices, which to me is great news.

Then there is the latter – those devices that let you know how many steps you are taking, your heartbeat, oxygen rate, etc.  Here are the Cyber risks that are posed to them:

1)     It is made of the latest and greatest:

Those wearables that I have just mentioned come with the best technology available.  Meaning, they can track more information about you than you realize.  While you might think it is just collecting the basic info about you, more than likely it is getting a lot more than that.  Unfortunately, the vendors that make these devices don’t reveal what is being collected per se.  The best bet to protect yourself in this situation is to try to find the privacy settings, and try to restrict the stuff that is being collected from there.  Also keep in mind that wearables are very small devices, and they can be lost or stolen even easier than your smartphone.  For that matter, the vendors in this regard have been proactive.  They have implemented the use of MFA, in which you have to present at least three or more authentication details about yourself before you can use it. If your device offers the use of Biometrics (such as Facial Recognition or Fingerprint Recognition), use it.  That is much more secure than using a password or PIN number.

2)     Make sure encryption is being used:

Encryption is simply a fancy term for the scrambling of data so that it remains in a garbled, and meaningless state until it is descrambled.  But in order to do this, the person needs to have a private key to unlock it.  This is a strong safety mechanism which ensures that if your health data does fall into the wrong hands, the chances are greatly minimized that nothing bad will happen to it (like being sold on the Dark Web, being given out to the public, etc.).  So the bottom line here is that the next time you go shopping for a wearable device, make sure that not only it has MFA on it, but that the data which it will store about you will also remain encrypted as well.

3)     Use the remote wipe:

Along with the above security features that you need to be sure about, also make sure that the wearable device you are thinking of buying also comes with what is known as a “Remote Wipe” feature. This is where you can actually delete your private data in case you lose your device.  For example, if you are out jogging somewhere, and your wrist device accidentally falls out, through your smartphone or even any other wireless device, you can issue a command that will automatically delete the data that resides in it. But keep in mind that this is only a temporary solution.  Stored information is really never truly deleted, and if the Cyberattacker is smart enough, they will find a way to access it.

My Thoughts On This:

As mentioned earlier in this blog, wearable devices are part of the IoT ecosystem.  Meaning, as they get more advanced in terms of technology, they will become that much interconnected to other things, in both the physical and virtual worlds.  In fact it is even predicted that there will be well over 29 billion of them by the year 2023. (SOURCE:  https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/)

So this means that the effort you have to take to protect yourself is only increasing significantly.  Obviously, you can start with the steps outlined here, or better yet, the best protection is just don’t even use them.  When you go outside for that walk or jog, just simply enjoy the nature and beauty of the outdoors.

That is what I do, and in the medical I am in, it works wonders.

 

No comments:

Post a Comment

How To Launch A Better Penetration Test In 2025: 4 Golden Tips

  In my past 16+ years as a tech writer, one of the themes that I have written a lot about is Penetration Testing.   I have written man blog...