KoolSpan U: Weekly Word Wednesday – The “Blues”
Many of us remember the days when the only way to connect our multitude of devices was with a tangled mess of cables. Luckily, today we are able to avoid those pesky wires with Bluetooth technology, which allows users to share between devices via short range radio frequencies (RF). The bad news? Hackers have found several ways to exploit this new technology, including:
- Bluejacking – Often used for marketing purposes, this process gives the attacker the ability to infiltrate a device with messages and advertisements, similar to spam and phishing attacks in which users often receive via email. The most damage is often done when users attempt to respond to the message, resulting in a slew of social engineering attacks in which users may be tricked into supplying private information to the attacker.
- Bluesnarfing – Large amounts of data like contact lists and emails are at risk of being stolen through this method of attack. One unique piece of data contained in mobile devices, known as the international mobile equipment identity (IMEI), is also a popular target; given access to this identifier, the attacker is actually able to divert incoming calls and messages to another device. Perhaps the most frightening element of this kind of attack is that it can be done without any indication to the user.
- Bluebugging – In addition to having all the capabilities of bluesnarfing, including intercepting phone calls, this process allows the attacker to place calls of their own through the compromised device and even pick up phone conversations in the device’s surrounding areas.
- Bluesmacking – A kind of denial-of-service attack, a bluesmack attack overwhelms the Bluetooth-enabled device with a number of malicious requests, which then in turn drain the device’s battery, rendering the device useless.
As with most cyber attacks, there are a few things you can do to try to prevent Bluetooth hacking from happening to you and your company:
- Keep your device off of the “discoverable” mode unless you are in the process of pairing devices.
- Avoid using Bluetooth-enabled devices to transmit confidential data as you never know who may intercept it.
- Use strong passkeys and be cautious when prompted to enter them.
- Keep Bluetooth-enabled devices in your possession as location is key to many attacks.
- Do not accept any invitations to pair devices or open attachments or messages which you are not expecting.
Although more security measures have been put in place over the years to make Bluetooth technology safer than it was in the technology’s infancy, it is important to be alert and responsible as it could only be a matter of time until cyber criminals find a new way to get past these layers of security. Koolspan’s TrustCall is another way in which users can protect their devices with encryption that significantly increases the security of a mobile device, disabling eavesdropping on calls and messaging.