Smartwatches for kids could be hacked

The Norwegian Consumer Council (NCC) carried out a test on four smartwatches for kids, in order to test their security. These watches have features such as real-time location tracking and two-way phone calls with select contacts.

The tests showed that hackers could exploit security holes in these watches, allowing them to speak with these kids, even spoofing the address to let parents think that their kids are somewhere else.

The main vulnerability for these smartwatches for kids being: Traffic is stored and transmitted without encryption. *face palm*

Want to stay up to date with security news? Please subscribe to our NEW LinkedIN group , Like our Facebook page, or join our FREE Newsletter… Or do all! It’s free and you will always be informed.

UK retailer John Lewis has withdrawn one of the named smartwatch models from sale in response to the study. At the same time, manufactures insist that these problems have been fixed or being fixed.

Wearable received a statement from Techsixtyfour’s founder and CEO Colleen Wong in reaction to the NCC Report and it says the following:

“Since we started the company in September 2015, there have been no security breaches made known to me, members of my team or any partners that we work with directly.

A report by the Norwegian Data Protection Authority was sent to us on 13 September 2017, advising us of potential and specific vulnerabilities that had been found in the software used on the Gator Watch. After assessing the contents of the report, we took immediate steps to address every potential issue or vulnerability mentioned.

We have since been working on patches and taking action to ensure that these vulnerabilities are fixed. The changes implemented will result in a complete overhaul of the app. We expect this work to be completed by the end of October 2017 and have been working every day, with all the resources available to us, to ensure this is done quickly and effectively.

We do want to reiterate that no breach has ever taken place and no personal information has ever been taken by third parties as far as we aware of in the UK or abroad. We are taking this pre-emptive action unilaterally.”

These are concerning news, especially after we learnt this week that WPA2 could be hacked.

Before you jump on the wagon and get a smartwatch for kids, make sure you look up any security concerns about these watches.

 

Sources:

BBC
Wearable

Mohamad El Hout, MBA, M.Eng., CISSP

Mohamad is an entrepreneur and a Senior Security Consultant dealing with the design and delivery of standard and complex security gateway solutions, covering a wide range of cutting edge technologies. His interests include business, technology, leadership, sports, and the continuous pursuit of knowledge.

%d bloggers like this: