Islamabad, Feb 3: The Cabinet Division has issued a crucial cybersecurity advisory to address the growing security risks posed by wearable smart devices in high-security settings. This advisory is aimed at safeguarding sensitive data and preventing potential cyber threats from devices such as smartwatches, fitness trackers, and other wearables.
These devices, while convenient, may inadvertently expose classified information, raising concerns about data breaches, unauthorized tracking, and cyberattacks, especially in offices, meetings, or areas where security is paramount.
Wearable devices are increasingly being targeted due to their vulnerabilities. In 2018, location data from Fitbit users inadvertently revealed the locations of secret facilities, leading to security breaches. Similarly, vulnerabilities in popular devices like the Apple Watch have been exploited, with third-party apps bypassing authentication mechanisms.
Read More:
MDCAT Retest Inquiry Finds No Evidence of Grace Marks
One high-profile incident involved Garmin in 2020, when a ransomware attack encrypted their data, causing widespread service disruptions and significant financial losses.
To minimize these risks, the Cabinet Division’s advisory outlines a series of stringent measures. Before wearable devices are allowed in sensitive areas, they must undergo a formal evaluation and auditing process. This will assess their security architecture, data encryption standards, and authentication features. Devices that fail to meet security protocols will be banned from use until their vulnerabilities are addressed.
The advisory mandates a strict ban on wearable devices in areas with confidential discussions or operations. Approved devices must undergo thorough security assessments, with non-essential features like GPS and Bluetooth disabled. Regular firmware updates and network access restrictions will apply, limiting access to devices that meet high security standards. Multi-factor authentication (MFA) will be required for all devices in critical environments.
Regular audits will ensure compliance with these security guidelines. Organizations handling sensitive data must enforce strict controls on wearable devices to prevent unauthorized access, data leaks, and other security risks.
Failure to comply with these measures could result in significant breaches, underscoring the need for heightened vigilance and proactive security strategies.
