China says Wearable Tech Could Leak Secrets

MAIN-China-Army-smart-watch-ban.jpg

The Chinese military said fitness trackers and watches could send private and strategic data to hackers who've gained access to the vulnerable devices. China’s military released an ominous warning recently, telling troops and the wider public that network-connected wearable devices pose a national security risk when used by military personnel.

Published in the People’s Liberation Army Daily, “The moment a soldier puts on a device that can record high-definition audio and video, take photos, and process and transmit data, it’s very possible for him or her to be tracked or to reveal military secrets,” says the message, without mentioning any specific products.
The PLA cites a recent case in which an unnamed soldier from Nanjing tried to use a smart watch to take a photo with his comrades. The story may not actually be real: Even the smartest watches don’t usually have cameras, and the quote from the unwitting soldier, ”Come on, let me use my new smart watch to take a photo of everyone!”, seems too convenient to be true. But it’s plausible enough for the PLA to make its point about security.
In fact, the PLA and militaries the world over are probably less afraid of intentional acts like photographing and distributing classified information, and more worried about the passive data collection and transmission happening on these devices. The PLA’s warning says that fitness trackers and watches, if compromised, could send data on soldiers’ locations, movements, and even health conditions to whoever has gained access.
The warning doesn’t mention an outright ban of wearables by the PLA, but does cite China’s National Administration for the Protection of State Secrets, the Communist Party’s arbiter of classified information, as saying that “the use of wearables with internet access, location information, and voice calling functions should be considered a violation of national security provisions when used by military personnel.”
Indeed, such devices are not just bad for China’s military. The US in 2013 issued FitBit wristbands to soldiers as part of a trial fitness program. And the PLA would surely want, for its own purposes, data on the health conditions of all of its soldiers at any point in time.
Nevertheless, wearable tech is now on the growing list of cyberwar battlefields, alongside email inboxes and USB drives.
DefenseOne:  http://bit.ly/1Ac6CB1

« "Skynet" is Real and Could Flag You as a Terrorist
NSA Snowden is a 'hero' but not in the UK »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Q-CERT

Q-CERT

Q-CERT is the National Computer Security Emergency Team of Qatar.

Global Information Assurance Certification (GIAC)

Global Information Assurance Certification (GIAC)

GIAC provides certification in the knowledge and skills necessary for a practitioner in key areas of computer, information and software security.

NetExtend

NetExtend

NetExtend services include backup and recovery, endpoint protection, network monitoring, cloud portal and billing and payment solutions.

StackRox

StackRox

StackRox delivers a container-native security platform that adapts detection and response to new threats.

Appvisory

Appvisory

Appvisory by MediaTest Digital is the leading Mobile Application Management-Software in Europe and enables enterprises to work secure on smartphones and tablets.

Smarttech247

Smarttech247

Smarttech247 deliver a range of cyber security solutions, including cognitive security services using IBM Watson for Cybersecurity, SIEM, Compliance & Governance, and Penetration Testing.

Privacera

Privacera

Privacera enables consistent data governance, security, and compliance across all your data services - on-premises and in the cloud - so you can maximize the value of your data.

Trenton Systems

Trenton Systems

Trenton Systems are committed to providing high-performance computing solutions to customers running mission-critical applications in harsh settings worldwide and across various industries.

Luta Security

Luta Security

Luta Security implements a holistic approach to advance the security maturity of governments and organizations around the world.

SoftwareONE

SoftwareONE

SoftwareONE is a leading global provider of end-to-end software and cloud technology solutions.

TempoCap

TempoCap

TempoCap is a European growth-stage technology fund with offices in London and Berlin. We invest across a variety of high- growth sectors including cybersecurity.

Illustria

Illustria

Illustria is your agent-less “watchdog” for all open source libraries. Our mission is becoming a dev-velocity company, enabled via cyber security.

Reken

Reken

Reken are building a new type of AI platform and products to protect against generative AI threats.

RST Cloud

RST Cloud

RST Cloud is a cutting-edge technology company that specialises in threat intelligence solutions for businesses of all sizes.

ZEST Security

ZEST Security

The ZEST platform natively integrates into your technology stack to make efficient risk remediation possible.

Sandfly Security

Sandfly Security

Sandfly focuses on Linux security that is high performance, high stability, high compatibility, and low risk.