Bluetooth refers to a short range wireless technology that is used with communication and computing devices. Just like the other types of wireless technologies, Bluetooth comes with several security threats. These threats compromise the security of a device as well as that of others in the network. One of such security vulnerabilities is known as Bluejacking. This refers to the act of sending unsolicited messages to a device with an active Bluetooth connection (Dunning, 2010). This process does not alter any of the data in the attacked devices but it is still unsolicited. The devices that are configured as undiscoverable are not exposed to the risk of Bluejacking. This attack is usually used by attackers for promotional purposes. Although these attacks are not meant to be malicious, their nature is very annoying. This is because they are repetitive and sometimes they can make a device interoperable. They can also lead to other forms of social attacks. To avoid this risk, users should avoid adding devices on request without the necessary verification.
Another risk associated with Bluetooth security is the backdoor attack. This is an attack that involves building a trusting relationship via the pairing mechanism of Bluetooth. After the initial pairing the attacker ensures the device does not appear on the target’s list of paired devices. This way the owner of the device being attacked has no way of knowing that his/her device has been hacked. This attack can be used to access data in the attacked device. The attacker might also use resources and services like internet, WAP, and GPRS gateway without the user’s permission (Mishra & Gupta, 2012).
Bluesnarfing is a Bluetooth attack that attacks a device by copying its resources. This means that all data that is found in the attacked device’s phone memory is susceptible to this attack. Devices whose Bluetooth capability is set to discoverable mode are at increased risk of such an attack. The technology used in Bluesnarfing attacks is readily available and details of its usage are also easy to obtain. All Bluetooth enabled devices risk losing crucial information to these kinds of attacks. Devices that have been manufactured lately have technology that makes them unsusceptible to Bluesnarfing.
The other security risk that is associated with Bluetooth technology is the cabir worm. The cabir worm is a malicious form of software that sends itself to devices with active Bluetooth connections (Mishra & Gupta, 2012). The cabir worm affects devices that use a specific form of interface. However, for the attack to be realized the user has to manually accept the worm and install it.
Bluebugging is a threat that provides an attacker access to a device’s commands. After an attacker has launched this form of attack, he/she can be able to eavesdrop on conversations, send and receive messages, and even make calls. This is one of the most serious Bluetooth security threats.
There are a lot of ways to circumnavigate these security risks. The first and most effective way is by ensuring that Bluetooth capability is enabled only when necessary. The other way is by ensuring the list of paired devices consists of only authorized and recognizable devices. In addition, users should be in the habit of using security pass-keys when establishing connections. This is a simple way of keeping attackers at bay. Like with other network security risks, users of Bluetooth devices should be on the lookout for new and suspicious identities.
References
Dunning, J. (2010). Taming the blue beast: a survey of Bluetooth based threats. IEEE Security & Privacy, 8(2):20–27.
Mishra, N. & Gupta, V. (2012). An overview of Bluetooth security: issues and challenges. Journal of Global Research in Computer Science, 3(3), 73-77.