China says Wearable Tech Could Leak Secrets

Uploaded on 2015-05-20 in INTELLIGENCE-Hot Spots-China, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Developments

MAIN-China-Army-smart-watch-ban.jpg

The Chinese military said fitness trackers and watches could send private and strategic data to hackers who've gained access to the vulnerable devices. China’s military released an ominous warning recently, telling troops and the wider public that network-connected wearable devices pose a national security risk when used by military personnel.

Published in the People’s Liberation Army Daily, “The moment a soldier puts on a device that can record high-definition audio and video, take photos, and process and transmit data, it’s very possible for him or her to be tracked or to reveal military secrets,” says the message, without mentioning any specific products.
The PLA cites a recent case in which an unnamed soldier from Nanjing tried to use a smart watch to take a photo with his comrades. The story may not actually be real: Even the smartest watches don’t usually have cameras, and the quote from the unwitting soldier, ”Come on, let me use my new smart watch to take a photo of everyone!”, seems too convenient to be true. But it’s plausible enough for the PLA to make its point about security.
In fact, the PLA and militaries the world over are probably less afraid of intentional acts like photographing and distributing classified information, and more worried about the passive data collection and transmission happening on these devices. The PLA’s warning says that fitness trackers and watches, if compromised, could send data on soldiers’ locations, movements, and even health conditions to whoever has gained access.
The warning doesn’t mention an outright ban of wearables by the PLA, but does cite China’s National Administration for the Protection of State Secrets, the Communist Party’s arbiter of classified information, as saying that “the use of wearables with internet access, location information, and voice calling functions should be considered a violation of national security provisions when used by military personnel.”
Indeed, such devices are not just bad for China’s military. The US in 2013 issued FitBit wristbands to soldiers as part of a trial fitness program. And the PLA would surely want, for its own purposes, data on the health conditions of all of its soldiers at any point in time.
Nevertheless, wearable tech is now on the growing list of cyberwar battlefields, alongside email inboxes and USB drives.
DefenseOne:  http://bit.ly/1Ac6CB1

« "Skynet" is Real and Could Flag You as a Terrorist
NSA Snowden is a 'hero' but not in the UK »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Outpost24

Outpost24

Outpost24 provides easy to deploy and intuitive solutions to continuously identify, remediate and mitigate vulnerabilities in your network.

Astra Security

Astra Security

Astra's website security solution provides real-time protection against malware, hackers, SQLi, XSS, DDoS, LFI and RFI.

Prevalent

Prevalent

Prevalent takes the pain out of third-party risk management. Companies use our services to eliminate the security and compliance exposures that come from working with vendors and suppliers.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

G DATA CyberDefense

G DATA CyberDefense

G Data developed the world's first antivirus software. We now ensure the security of small, large and medium-sized companies all over the world.

CyberGhost

CyberGhost

CyberGhost is a Virtual Private Network services provider offering secure encrypted access to the internet.

Greenetics Solutions

Greenetics Solutions

Greenetics Solutions is a company focused on providing solutions for information security.

Lepide

Lepide

LepideAuditor is a powerful Data Security Platform that enables you to reduce risk, prevent data breaches and prove regulatory compliance.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

ArcusTeam

ArcusTeam

ArcusTeam is at the forefront of the firmware and applications security industry, with a mission to increase the level of security on all IoT devices and applications.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric cybersecurity practitioners charged with defending hybrid cloud environments.

Anvilogic

Anvilogic

Anvilogic provides a unifying experience for security professionals aimed at providing improved visibility, enrichment, and context across hundreds of alerting datasets and security tools.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Trickest

Trickest

Trickest enables Enterprises, MSSPs, and Ethical Hackers to build automated offensive security workflows from prototype to production.

Xcelerate Solutions

Xcelerate Solutions

Xcelerate Solutions is a leading defense and national security company, providing integrated solutions in three service areas – Enterprise Security, Digital Transformation, and Strategic Consulting.