All smartwatches tested by HP are vulnerable to cyberattack


Smartwatches pose significant security risks in the enterprise | Source: Kārlis Dambrāns, CC2.0

As more people buy smartwatches and bring them into the enterprise, these same devices could pose significant security risks, a new study by HP found.

HP's Fortify security unit tested 10 different smartwatches and found that all of them were vulnerable to cyberattacks. [  click to tweet]

Although HP did not say which smartwatches it tested, it did say that the testing included the devices and their Android and iOS cloud and mobile app components, indicating that the Apple Watch was one of those tested.

The top five smartwatch vulnerabilities include insufficient user authentication and authorization, lack of transport data encryption, insecure connections to cloud and mobile interfaces, insecure software and firmware, and privacy concerns.

"As the adoption of smartwatches accelerates, the platform will become vastly more attractive to those who would abuse that access, making it critical that we take precautions when transmitting personal data or connecting smartwatches into corporate networks," said Jason Schmitt, general manager of HP security at Fortify.

In assessing the security of the 10 smartwatches, HP said that it combined manual testing and automated tools and assessed the devices and components based on the open web application security project's Internet of Things Top 10 security risks presented by IoT systems.

For more:
- see the HP release
- read the full report [pdf]

Related Articles:
Apple Watch gets thumbs up from early adopters
Smartwatches dominate enterprise wearable interest, 451 Research found
Quantum introduces smartglasses interface to make navigation through AR easier