Walls have ears and so do watches – The Smart Watch Bug

In recent years, the worlds of fashion, sport and technology have collided; the introduction of wearable devices provides consumers with live data such heat rates, number of steps walked or calories burnt on that 10km run. With apps providing weather forecasts along with the all-important ability to order an UBER to the wearer’s location or to pay for groceries without having to open a wallet or purse, wearable devices such as smart watches have taken the traditional time piece a long way since the Author’s first digital CASIO in 1980. As someone once wrote, “With the introduction of the Internet of Things, comes the Internet of Evil Things” and this is also apparent with BYO devices, including smart watches, to the work place.

a couple of smart watches
Wall have ears, so to watches

 In the modern world of corporate espionage and IP theft, corporate security protocols should include regular Technical Surveillance Countermeasures (TSCM) during which sweep teams survey for surreptitious listening / recording / transmitting devices (in their various forms) and hidden cameras, particularly within the executive suite of offices and board rooms. Typically, if a board room is swept the night before an important board meeting, the room is security sealed and or a security guard maintains the ‘clean’ environment until the relevant dignitaries arrive. Contemporary security protocols require board meeting attendees to surrender their mobile phones prior to entering the board room or have their devices placed in some form of Faraday bag or container to prevent mobile connectivity.

Modern smart watches provide mobile phone connectivity through Bluetooth, enabling the wearer to take mobile phone calls from their watch (whilst running on the gym treadmill) having left their mobile phone in a locker. The threat of a rogue employee is one of the hardest for security management to detect. Having left their mobile phone in a desk, the rogue employee attending a board meeting wearing a Bluetooth tethered smart watch on a live telephone call, could potentially compromise the meeting; all discussed information could be leakage, all of which undetected until it is too late, despite the previous night TSCM survey.

Australian Bug Detection Group recently conducted tests on the new Samsung S3 Frontier watch which was tethered to a Samsung Galaxy S5 mobile phone via Bluetooth; the mobile phone (which was on an active call) was positioned in a different room approximately 8m from the watch. The OSCOR Green screen capture below illustrates strong Bluetooth activity between the two devices during the watch / phone communications (as well as other local WiFi traffic).

a screen shot of a Bluetooth activity on spectrum analyser
Blue tooth activity

In today’s technical environment, security managers should consider including live monitoring during important executive meetings as part of their ongoing security protocols and not be content with only pre-meeting TSCM sweeps. Australian Bug Detection Group provides professional TSCM surveys to corporate and Government departments. As part of our portfolio of services, we can provide live monitoring of board meetings as well as off site meetings to detect the presence of rogue transmitters including Bluetooth activated devices such as smart watches.

Contact Australian Bug Detection Group today to discuss your security.

HOME
ABOUT
SERVICES
FAQ
BLOG
CONTACT