21 Feb 2014
How to prevent Bluetooth hacking on your smartphone
Bluebugging, bluespamming and bluesnarfing are some examples of Bluetooth attacks that have evolved over time which allow attackers to take full control of a device and access mobile phone commands via Bluetooth, allowing phone calls to be made, text messages to be sent and access to the data stored on the device. Some victims have suffered loss of data like their contacts or important files on the memory card. Others have ended up victims of identity theft after sensitive data on their mobile phones were accessed.
Here are a number of steps you can take to avoid becoming a victim of these attacks.
Turn Bluetooth off
This is basic to avoiding any of the Bluetooth attacks; and unfortunately many people are in the habit of knowingly or unknowingly leaving the Bluetooth turned on. Turn off the Bluetooth functionality when not in use. This will limit your exposure to potential attacks to only the periods when you are actively using Bluetooth.
Protect your device
Install mobile security software on your Bluetooth device such as antivirus, firewall, anti-spam and device encryption and ensure all installed software have the latest security updates. This is in order to prevent, or reduce the impact of, known Bluetooth attacks and ensure that information stored on the device remains protected.
Remain ‘Undiscoverable’
Ensure the Bluetooth device is configured to be ‘undiscoverable’, ‘hidden’ or invisible. These options are available under the Bluetooth settings of your smartphone, and so prevent the device from publicly broadcasting its Bluetooth device name or identifier for others to see and target for attack.
Change the device name
Change the default name of the Bluetooth device to something anonymous and without meaning. By default, we mean the name of the device which usually identifies the model and type of device (e.g. Blackberry 8830), which could make it a target of attack.
Verify transmissions before accepting
Do not simply ‘accept’ transmissions such as messages, files and images from unknown or untrusted devices. Such transmissions could contain malicious code that allows your device to be hacked into, or allow the data stored on your device to be compromised.
Use strong PINs
Where possible, always use a strong personal identification number (PIN) when pairing devices and change the default PIN on the device to something more secure. PINs should be random and at least eight characters (where technically possible) to prevent guessing by malicious individuals.
Pair in private
Carry out pairing/connecting two devices together in a secure, private location indoors, away from public areas. This will help prevent attackers from listening in and obtaining your PIN, or intercepting pairing messages.
Avoid unknown pairings
Never pair/connect with unknown or untrusted devices and do not respond to messages requesting your PIN, unless you are certain the request is from a trusted device, that is, one that you are familiar with. This will ensure that your device is only paired with known and trusted devices.
Maintain your pairings
Remove all pairings for devices that have been lost or stolen and regularly check to ensure devices are only paired with current and known devices. This will prevent attackers from using a lost or stolen device to access the other Bluetooth devices that it was paired with. It will also ensure your device pairings stay current and you will be made aware of any unauthorised pairings.
Encrypt communication
Ensure sensitive information transmissions over Bluetooth, such as connections to company networks, are encrypted. This is so that the transmitted information is protected and unreadable to unauthorised individuals. Lastly...
Walk away!
If your device is behaving strangely and you suspect that someone may be attacking your device, simply walk away in order to move your smartphone out of the range of the signals of a possible Bluetooth attacker or turn off the Bluetooth function. Be alert when openly using Bluetooth in public, looking out for any suspicious activity, as your device could be a target.
According to the experts at mindfulsecurity.com, the above steps should keep you safe and secure from Bluetooth threats.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment