Return of the smartphone attack
Due to the recent WannaCry ransomware exploits, business owners are refocusing their efforts on protecting computer networks. Despite that, many leave one key device unaccounted for: their smartphone. The truth is hackers can exploit the technology in your smartphone to conduct malicious acts, and one of the most common is Bluetooth technology.
Google paid a settlement fee of $7million for unauthorized data collection from unsecured wireless networks in 2013. While their intention likely wasn’t theft, many disagreed and called them out for Bluesnarfing, a method most hackers are familiar with.
What is it?
Bluesnarfing is the use of Bluetooth connection to steal information from a wireless device, particularly common in smartphones and laptops. Using programming languages that allow them to find Bluetooth devices left continuously on and in “discovery” mode, cybercriminals can attack devices as far as 300 feet away without leaving any trace.
Once a device is compromised, hackers have access to everything on it: contact, emails, passwords, photos, and any other information. To make matters worse, they can also leave victims with costly phone bills by using their phone to tap long distance and 900-number calls.
What preventive measures can you take?
The best way is to disable Bluetooth on your device when you’re not using it, especially in crowded public spaces, a hacker’s sweet spot. Other ways to steer clear of Bluesnarfing include:
- Switching your Bluetooth to “non-discovery” mode
- Using at least eight characters in your PIN as every digit adds approximately 10,000 more combinations required to crack it
- Never accept pairing requests from unknown users
- Require user approval for connection requests (configurable in your smartphone’s security features)
- Avoid pairing devices for the first time in public areas
Bluesnarfing isn’t by any means the newest trick in a cybercriminal’s book, but that doesn’t mean it’s any less vicious. If you’d like to know more about how to keep your IT and your devices safe, give us a call and we’ll be happy to advise.