Bluetooth Attacks.docx
- 1. THE DAILY NEWS SATURDAY 22 September 2021 www.dailytechnologynews.com Bluetooth Attacks and Security Tips – Awareness Results in Better Protection The history of Bluetooth is quite recent – the 1990s, to be exact. Ericsson, a Swedish multinational active in the networking and telecommunications domain, developed Bluetooth. The name ‘Bluetooth’ comes from a renowned 10th century Danish King, Harald “Bluetooth” Gormsson, responsible for uniting Norway and Denmark. The Bluetooth logo is a combination of Harald’s initials. Dr. Jaap Haarsten is the man credited with conceiving the idea for Bluetooth, and while it was invented in 1994, the first Bluetooth enabled consumer product was only launched five years later in 1999. This a was a hands-free mobile headset,and its launch was followed by the launch of Bluetooth-enabled dongles and mice, with the first Bluetooth-equipped mobile phone hitting the shelves in 2000. The evolution in Bluetooth has been swift since it came into being in the 1990s: at first limited in reach, it has become an all-encompassing standard that caters to multiple use cases.From wireless music to file sharing, from device pairing to household appliances and accessories, the standard covers a gamut of uses. Bluetooth can be a security risk Any technology that has a massive and ever- increasing market penetration will inevitably be on the radar of hackers and cybercriminals. Their focus is always on the number of peopleusing a specific technology, it’s reach, and leverage. It’s no surprisethen that there are plenty of security risks associated with Bluetooth. Bluetooth works by establishing a Wireless Personal Area Network (WPAN) to connect Bluetooth enabled devices with one another. Bluetooth-connected devices share data with one another and you want this data to be safe and secure. Moreover, you don’t want criminals to gain access to your Bluetooth-enabled devices. There is a critical need for us to be aware of the associated risks so that we can take steps definitive steps to protect us against Bluetooth attacks. Some common types of Bluetooth attacks: BlueJacking Yep, no prizes for guessing it is a combination of two words – Bluetooth and hijacking. This is a typeof attack in which a Bluetooth-enabled device hijacks another Bluetooth device to send spamadvertising. Imagine youare in a public place with the Bluetoothon your Imagine you are in a public place with the Bluetooth on your device switched on. There is a criminal at work in the public space with a BlueJacking device, and they pair thedevice with yours and starts to spend spam-styleadvertising messages. At face value, this problem sounds like an annoyance more than anything else, but what if one of these messages contains a malicious link? Or is a carefully crafted message that convinces you to share sensitive personalinformation?A BlueJacking attempt can go from an annoyance to a critical security issue.
- 2. THE DAILY NEWS SATURDAY 22 September 2021 BlueSmacking (A DoS or denial-of-service attack) A DoS attack involves a server or device receiving a truckload of data packets, or even over-sized data packets it finds difficult to handle. The result is that thedevice shuts down or malfunctions. What if your Bluetooth device is considered important enough to launch a denial-of- service (DoS) attack against? This is not as farfetched as it sounds. Today, mobile devices are not just used for calling or sending messages. Phones, tablets, and laptops are being used to storeimportant information and execute programs that have a direct impact on a business-critical project. Now imagine a BlueSmacking attack against numerous such devices that are a part of a single organization. BlueSnarfing This is the more ‘frightening’ version of ‘BlueJacking’. While the latter sends data, theBlueSnarfing steals data. As in all attacks which aim to gain unauthorized access to data, you won’t realize someone has accessed your data until it is too late. Picture a scenario in which you are at the airport and having some free time on your hands before you board your flight, you decide to get some work done. Unbeknownst to you, the person sitting next to you is a hacker who is just waiting for an opportunity to BlueSnarf unsuspecting users such are yourself. If your Bluetooth is switched on, your device is paired clandestinely and thedata on your device is accessed, which can include emails, text messages, and much more. Eavesdropping We are living in a world where we are working from home and attending numerous business meetings throughout theday. Many of the headsets we use are Bluetooth enabled. Criminals can exploit vulnerabilities in such headsets and eavesdrop on your conversations. Here’s the really scary bit. Hackers can eavesdrop on theconversations you are having with the peoplearound you as well. This is the kind of breach of privacy that can result in bigger problems.
- 3. THE DAILY NEWS SATURDAY 22 September 2021 The ‘opensesame’ bug Cybercriminals can also create a backdoor on your device or laptop using Bluetooth. Once a backdoor has been established,the attacker can have a field day as they can access all manner of sensitive information stored on this device. You won’t realize it, but a criminal can spy on all youractivities on the device. Imagine the potential for havoc. How do you protect yourself? Now that you know the security risks, how do you protect yourself?It’s not that difficult if you take the basic steps. Always be very aware of where your device is. Do not misplace it or forget about where you have kept it. This is super important if you are working from a public space. Also, if you do lose your phone, make sure you can easily lock it remotely. Get into the habit of not using Bluetooth to transfer sensitive information. If you do share important files, encrypt them first. If you are not using your Bluetooth, turn it off. When you do this, you switch off a possiblecyberattack vector. Documentery made by:- Shravani S.Patil Class:- 9th A Roll no.:-12