How Bluetooth can be an attack gateway

News
By published

Why such connectivity comes with risk

How Bluetooth can be an attack gateway
(Image credit: Pixabay)

Recent data indicates there are 26.6 billion IoT devices currently in use in 2019 and this figure is set to rise significantly to 75 billion by 2025. While these IoT devices offer a range of benefits, contributing to more intelligent enterprises, they also create new security risks that work around antivirus protections.

For instance, one threat which is often overlooked is Bluetooth. While most people think of Bluetooth as a harmless technology that facilitates wireless connections between devices, it can actually create significant security risks when not managed properly, especially when users forget to add in authentication measures.

About the author

John Stock is the product manager at Outpost24.

Connectivity comes with risk

Initially developed in 1998, Bluetooth is a wireless communication protocol that connects devices together. Whether using the latest wireless headphones, connecting phones to car handsfree systems or transferring files to colleagues, Bluetooth has proven to be a convenient tool in this wireless age. So much so, it has now established itself as standard technology, built within nearly every device or computer system on the market. However, like any piece of tech, convenience exposes vulnerabilities and security risks, causing endless headaches for the modern security professional.

Sophisticated hackers with sinister intent have exploited several Bluetooth flaws to steal data or install malware, whether that be via Bluetooth chips, targeting mobile devices or even navigating through car entertainment systems. Some of the most high-profile Bluetooth attacks include:

  • BlueBorne - a zero-day vulnerability that allowed a hacker to take over a device and carryout man-in-the-middle attacks to extract information. First discovered by security researchers in September 2017, BlueBorne was found to have infected an estimated five billion mobile devices, IoT units and PCs. Labelled as an airborne attack, BlueBorne didn’t rely on the Internet to travel, instead spreading from device to device via Bluetooth. What’s worse, it didn’t need the devices to have been previously synced. If the Bluetooth was on or enabled, it allowed the hacker to leach to the device and infiltrate the system. This stealthy approach means the victim would be unaware that their device had been infected.
  • Bluetooth Low Energy Jamming - Bluetooth Low Energy (BLE) is a condensed version of the Bluetooth protocol tailored for IoT devices. While it offers limited computing and power resources, it still opens a channel for communication. However, at DefCon 2018, security researchers disclosed BLE jamming, a new threat with the potential to allow cybercriminals to jam and takeover any BLE device within a certain radius. It is one of the reasons that experts at most security conferences advise attendees to disable Bluetooth in an effort to prevent a malicious attack. In fact, for those attending any security conference, its advisable to disable all forms of wireless connection, and if essential, ensure you use devices you can reset after leaving.
  • Bleedingbit – discovered by the same security researchers who uncovered BlueBorne, Bleedingbit can impact businesses around the world. Manifesting as a pair of zero-day vulnerabilities located within BLE chips, it is estimated to be present in 80 percent of business wireless access points in products manufactured by Cisco, Meraki and Aruba. With companies using these products for critical communications, any sort of attack could result in major disruption or exploitation into the wider network. This could essentially destroy any network segmentation, which has been deployed due to the lateral movement of network traffic between network segments, to allow the attack to be carried out.

While these are just some of the most notorious Bluetooth attacks, all enterprises using devices with Bluetooth capabilities such as wireless speakers, printers, smart TVs, and cameras, to name just a few, run the risk of these devices becoming seriously compromised. 

Furthermore, Bluetooth in the enterprise is a bigger issue than simply protecting the privacy of the people who own these devices. With the workforce and IP dependent on a secure network, any potential breach becomes a huge issue. With so many devices, it’s also become an extremely difficult task for security professionals to track the many security issues that come to light. Most organisations just ignore it and hope they won’t be breached. 

Highly secure enterprises frequently employ “wireless free zones” – as a “guarantee” against foreign devices compromising their network. However, in reality, this approach is not sustainable given that even with modern security solutions, it is still extremely difficult for security professionals to gain total visibility into Bluetooth devices.

Three tips to be secure with Bluetooth

While it is virtually impossible to ensure complete network security in any organisation, much less one with new and unsecured connected devices, it is possible to reduce risk. To help with this process, here are three guidelines enterprises should follow:

  1. Create and enforce a company policy that employees either turn off Bluetooth or take it out of pairing when not in use.
  2. Invest in Bluetooth-connected devices only when necessary and become familiar with the difference between secure vs. insecure versions of the standard.
  3. Invest in a visibility solution that will allow your security team to immediately detect and respond to open or otherwise insecure Bluetooth devices. Without knowing what devices there are, enforcing policies and ensuring wireless-free zones is impossible.

On top of enforcing these policies, enterprises are advised to invest in security that can discover all IT and IoT devices through Wi-Fi and Bluetooth signals throughout the network, and in the surrounding airspace, to monitor behaviours and flag any signs of compromise of sabotage. This solution will provide actionable intelligence to alert security teams of any potential threats so they can defend the network from any malicious device. There is no silver bullet to get security right, but enterprises should still take the appropriate steps to lay the foundations to best protect themselves against the threats posed by Bluetooth devices.

 

John Stock is the product manager at Outpost24.

John Stock
John Stock

John Stock is the product manager at Outpost24. He has more than 11 years on working experience. 

Latest in Security
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Lock on Laptop Screen
Data breach at Pennsylvania education union potentially exposes 500,000 victims
Data leak
Top collectibles site leaks personal data of nearly a million users
Spyware
Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
An American flag flying outside the US Capitol building against a blue sky
Five Eyes "cannot replace US intel in Ukraine", claims former US Cyber Command Chief
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Criminals are using a virtual hard disk image file to host and distribute dangerous malware
Latest in News
Citroen 2CV
The retro EV resurgence is in full swing, as Citroen confirms the iconic 2CV will return with batteries
Hugging Snap
This AI app claims it can see what I'm looking at – which it mostly can
Apple iPhone 16 Pro Max REVIEW
The latest batch of leaked iPhone 17 dummy units appear to show where glass meets metal on the new designs
Hornet swings their weapon in mid air
Hollow Knight: Silksong could potentially launch this year and I reckon it could be a great game for an Xbox handheld
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Cassian Andor piloting a TIE Avenger in Andor season 2
Star Wars: Andor creator is taking a stance against AI by canceling plans to release its scripts, and I completely get why
More about security
ransomware avast

Ransomware attacks are costing Government offices a month of downtime on average
Data leak

Top collectibles site leaks personal data of nearly a million users
Hamish wearing the RingConn Gen 2 Air

The RingConn Gen 2 Air is the perfect entry-level smart ring – but not the perfect fitness tracker
See more latest
Most Popular
Mark S and Helly R standing by their desks bathed in blue light in Severance's season 2 finale
Severance season 2 episode 10 ending explained: what does Mark do, who dies, will there be a season 3, and more big questions answered
YouTube Premium
Would you pay for better sound on YouTube? The video-sharing platform could soon let you control audio quality, but it'll cost you
Hugging Snap
This AI app claims it can see what I'm looking at – which it mostly can
Citroen 2CV
The retro EV resurgence is in full swing, as Citroen confirms the iconic 2CV will return with batteries
I Hate This Place artwork
Bloober Team is keeping busy as it announces its next survival horror game I Hate This Place and offers a new look at its upcoming title Cronos: The New Dawn
Equal1 Bell-1 quantum computer
This is the first quantum computer you can actually buy (and use, and power): Equal1's Bell-1 uses a standard power socket
Ryzen AI Max+ 395
Obscure Chinese PC vendor gets preferential AMD treatment as Lisa Su signs first desktop PC with Ryzen AI Max+ 395 ahead of May launch
Apple iPhone 16 Pro Max REVIEW
The latest batch of leaked iPhone 17 dummy units appear to show where glass meets metal on the new designs
SanDisk Slim Dual Drive
This is the first 2TB dual-port external SSD ever and it's not as expensive as you may think
Bimawen B15.6 TV Pro
A sign of things to come? This portable monitor comes with Google TV, a remote control and a very well hidden Android PC