Bluetooth® wireless technology is included with many mobile phones and personal digital assistants (PDAs).
Here are some examples of the use of Bluetooth:
- Hands-free headsets for mobile phones
- wireless keyboards
- wireless mice
- wireless printers
- wireless game controllers
Any time you transmit information online, you can be vulnerable to online attack; and as the popularity of Bluetooth increases, so does its interest to cybercriminals.
How criminals attack through Bluetooth technology
When it's set to "discoverable" mode, your Bluetooth mobile phone or PDA sends a signal indicating that it's available to "pair" with another Bluetooth gadget and transmit data back and forth.
However, an attacker who detects this signal could also attempt to pair with your device and hack in to steal your personal identification number (PIN).
ou could remain unaware, while the attacker, with your PIN in hand, could be:
- Stealing information stored on your device, including contact lists, e-mail, and text messages.
- Sending unsolicited text messages or images to other Bluetooth-enabled devices.
- Accessing your mobile phone commands, which allows the attacker to use your phone to make phone calls, sent text messages, read and write phonebook contacts, eavesdrop on conversations, and connect to the Internet.
- Installing a virus on your device that could wreak the same kind of havoc that a virus could on your computer—for example, slowing or disabling your service, or destroying or stealing information.
Criminals have also been known to drive around with Bluetooth detectors, looking for mobile phones and PDAs to infiltrate; and to outfit laptop computers with powerful antennas in order to pick up Bluetooth signals from as far as a half-mile away.
The latest forms of high-tech attack even include forcing Bluetooth devices to pair with the attacker's device when they are not in the discoverable mode. (It's also very labor-intensive, so targets tend to be individuals known to have a very large bank account or hold expensive secrets.)
Tips to improve your Bluetooth security
- Keep your Bluetooth setting to "non-discoverable" (transmission-disabled) and only switch it to "discoverable" when you're using it.
Just leaving your mobile phone or PDA in the discoverable mode keeps it dangerously open for Bluetooth transmission—a Bluetooth user within up to a 30-foot range can receive your signal and potentially use it to access your device as you walk around town, drive, or even walk through your office. - Use a strong PIN code. Codes of five digits or longer are harder to crack.
- Avoid storing sensitive data such as your social security number, credit card numbers, and passwords on any wireless device.
- Stay up-to-date on Bluetooth developments and security issues, and regularly check with the manufacturer of your device for news on software updates or any specific security vulnerabilities.
Source: Microsoft
No comments:
Post a Comment