As the International Consumer Electronice Show (CES) 2015 brings forth the next generation of devices to watch out for, it also opens issues of digital security. While new technologies and devices are always interesting, they also have the potential to burn consumers and vendors with risks to security and privacy. With these in mind, we picked out four tech trends from CES 2015 can impact your data and privacy.
Wearables and Portables
Vendors are now in a “war for your wrists” as newcomers jump in with wrist-worn smart devices that can connect to mobile devices, take calls, get reminders, answer messages, log fitness data, display social notifications, track sleep patterns, and/or even control a car system. One Bluetooth-connected bracelet can reportedly last a year on one charge by displaying your mobile notifications in E-ink.
Other types of wearables were featured as well. Notable—even quirky—ones include a smart belt that tracks your weight, a smart ring that lets you control home appliances, and a thumb-sized clip-on camera that takes photos every half-minute.
Most of these wearables connect to an app that can be remotely controlled via smartphones or tablets. As a result, they may rely on security settings afforded by mobile devices, which is rather disconcerting given that there are now a total of 4.37 million malicious and high risk apps out there, including fake ones that may allow cybercriminals access to data from wearables.
You are what you wear, but, in this day and age, you might just be what your wearable devices say you are. Seeing as wireless connections allow wearables to sync data in real time, bad guys may just get an accurate picture of your personal life to the last second—personal conversations, social shares, time of sleep, owned appliances, and photos included.
3 Security-Related Categories of Wearables
2 Ways Attackers Can Get Data on Wearables
The Most Damaging Type of Attack for Wearables
Health Trackers and Gadgets
Health records are sensitive pieces of data as they can affect many external aspects of an individual’s life, such as employment, insurance liabilities, or social standing. CES 2015 served as host to a number of digital health innovations that transfer health records, such as a diabetes tracker that can log insulin injection time and share it to your doctor, a smart scale for pregnant women, and blood pressure monitors that connects to mobile devices.
The mentioned technologies promised convenient ways of tracking one’s health but did not say what happens to the data once they’re shared to others—relatives, doctors, or other health professionals—or if there are ways to limit access to them. With the number of healthcare breaches last year, consumers who may use these products prior to ensuring their privacy and security policies may end up with stolen health data.
Innovative Smart Home Appliances
Who wasn’t impressed by the ultra-high definition screens of the 4K television sets unveiled during this year’s CES? More than these, the floor was peppered with appliances that promise a bright, smart home future. Known home kit hubs add more brands and gadgets for setting up a connected home system. A new keyless lock system connects to your Apple device, assuring end-to-end encryption and authentication.
We did see home system providers improve on security by encrypting data, but other system holes remain at risk. A new router model’s ultra-fast connection, for instance, may prove convenient for hackers. Moreover, the complex requirements of running a connected home may prove too much for households.
“Managing a household full of smart devices calls for the skills of both a multi-user IT administrator and a handyman. Let’s call this role the Administrator of Things (AoT). Ordinary users are being asked to take on this role despite scant evidence that they are ready for it.” – Geoff Grindrod, Trend Micro Director of Threat Intelligence Services
“Beyond the standard security concerns of any connected device, the primary security concern with 3D printing is around intellectual property.”– Mark Nunnikhoven, Trend Micro VP of Cloud and Emerging Technologies
With intuitive 3D printers advertised to “beginners and enthusiasts” starting to come into the market, 3rd parties will likely enforce digital rights management (DRM) to restrict what you can or cannot print on a printer. However, we have seen issues of DRM being used by 3rd parties outside their purpose.
In addition, affordable 3D scanners and printers may help consumers as much as it helps scammers. Soon the ads that have been spotted in the underground market for mass producing ATM skimmers via 3D printing may become a norm in the global threat landscape.
CES is a major technology event followed by consumers and vendors alike, one that effectively answers the question of what’s hot, what’s new, and what’s next in the world of consumer electronics. But should it stop at that? Given its vast reach, we should also think about “What Happens Next”—stoking discussions on the real-world impact of the presented technology, including the security implications to its possible users.
- CES 2015: Spotting Devices and Policies that Secure IoE Data
- IoE 101: How to Explain All Things Smart, Wearable, and IoE
- Smart Lock Devices: Security Risks and Opportunities [blog]
- The Internet of Everything: Layers, Protocols and Possible Attacks
- The Security Implications of Wearables, Part 3