A woman is working at her laptop. Photo: Unsplash
Bluetooth has long been an integral part of smartphones and other gadgets, but that’s why it’s actively used by cybercriminals. Even without access to the Internet, a carelessly configured wireless communication module can become a “black hole” in the device’s security.
PCWorld writes about it.
Advertisement
How common are attacks via Bluetooth?
The exact number of successful Bluetooth hacks has not been reported so far: it is difficult to detect them, as most of them are carried out “quietly”, becoming apparent only after data has been stolen. The media regularly report new vulnerabilities in both protocols and microcontrollers: in March of this year, for example, researchers found a flaw in the popular ESP32 chip that allows hackers to carry out spoofing attacks. In 2017, when the BlueBorne attack was first described, 5.3 billion devices worldwide were at risk.
Every gadget with a Bluetooth chip — from a smartphone or laptop to a smartwatch, car, or wireless mouse — is potentially vulnerable. Corporate equipment is no better protected than home equipment: most companies do not control “device-to-device” connections. The consequences can be serious: in 2017, attackers hacked medical devices in the United States’ hospitals via Bluetooth, remotely interfering with pacemakers and insulin pumps.
Experts identify 11 types of Bluetooth attacks that exploit hundreds of vulnerabilities. The most famous among them are:
- BlueSnarfing, when files are stolen from a device via the OBEX protocol;
- BlueBugging, which opens a “back door” and gives the attacker full remote control;
- BlueBorne is the hybrid “airborne” worm that spreads between gadgets and creates the springboard for further cyberattacks.
To minimise the risks, experts advise keeping an eye on the module settings:
- Keep it in a non-searchable mode when not connecting;
- Use strong passwords or PINs;
- Avoid connecting in public places;
- Update firmware or OS in a timely manner to close vulnerabilities and never confirm unexpected connection requests.
This attentive attitude to the “second” wireless standard will make life much more difficult for cybercriminals and keep your data safe.
As a reminder, we wrote that cybersecurity experts have discovered the potential vulnerability that could threaten billions of devices around the world. It is the hidden command encoded in the Bluetooth chip used in many gadgets.
Read Novyny.LIVE!
Advertisement
