October is National Cyber Security Awareness month. This is the third article in a five-part series on security brought to you by Geneseo’s Information Security Program Team.
Bluetooth is a wireless technology that allows you to connect many types of devices—such as hands-free headsets, headphones, or speakers—to your mobile devices. It also connects your mobile phone to your car’s media system for hands-free calling or audio streaming.
Bluetooth enhances our productivity and makes our lives easier. It allows devices within the immediate vicinity (usually about 30 feet) to discover one another and initiate connections. The security on Bluetooth-enabled devices typically requires the user to accept a connection request and authorize it. By accepting the connection, you enable it as a trusted device.
Unfortunately, these discovery and connection features also introduce some risk of security attacks:
- Bluejacking—sending unsolicited spam messages to your phone
- Bluesnarfing—stealing information from your phone, such as calendar or address book entries
- Bluebugging—remotely accessing your phone and secretly using its features, such as placing calls and sending text messages
What can you do to prevent your Bluetooth connection from being hacked?
Turn off Bluetooth when not in use
Disable Bluetooth if you are not using it and are in a public area where hackers are more likely to exist.
Ignore Bluetooth connections you did not initiate
Bluejacking, in particular, takes advantage of Bluetooth’s discovery features to send messages to unsuspecting people. Some messages contain a “business card” (vcard) that can allow the sender to become trusted if you act on it. If you receive a message on your phone that you did not initiate, ignore or dismiss it.
Disable the “allow new Bluetooth connections” setting when not in use
Most of us only connect to known or trusted devices such as our hands-free headset, car media system, or home speakers. Disable the setting on your phone that allows new Bluetooth connections until you need to pair to a new device.
Keep your phone or mobile device operating system updated
Bluesnarfing and bluebugging attacks take advantage of flaws in your device’s Bluetooth code to access your devices, so regular updates are important. Turn on automatic updates on your mobile device. Make sure your Bluetooth devices use the newest protocols whenever possible and consider replacing older devices.
Be careful what you share
Avoid sharing sensitive, personal information over Bluetooth connections. Use hands-on options for data you need to protect.
Watch for strange behavior
Be alert for signs of hacking, such as spikes in data consumption, your phone suddenly turning off and on on its own or disconnecting and reconnecting on its own.