The Bluetooth Security System, Its Vulnerabilities and Fixes
Bluetooth, to most people, is the wireless technology that allows you to pair and control other devices such as earphones, vehicle navigation, and other electronics through the Internet of Things.
While Bluetooth in its current iteration is more secure than past versions of 5-10 years ago, there are still some threats to the Bluetooth Security System. Generally, wireless networking systems are susceptible to many attacks, including man-in-the-middle attacks, eavesdropping, message modification, and resource misappropriation.
The Three Main Bluetooth Security System Methods
The Bluetooth security system employs a two-pronged approach of using two separate keys. An authentication key and an encryption key. The authentication key serves as the master key, with the encryption key being regenerated with each new instance. Bluetooth uses 128-Bit AES encryption to create a secure Bluetooth security system.
The three methods are:
Authentication A process of uniquely identifying the communicating devices (Who is on the other end)
A process of ensuring that only authenticated devices are viewing and accessing the data. A failure of this process is known as eavesdropping/man in the middle attack.
A process of ensuring that a device is authorized to use a service (Is device X allowed to use service Y? /is X a trusted device?) An example of this is when your phone asks you whether you wish to pair with device X (which you have previously never paired with or did not mark as a trusted device)
Bluetooth Security System Attacks
Also known as eavesdropping, this attack occurs when hackers bypass the Bluetooth security system to access devices with a discoverable Bluetooth connection. When this happens, the hacker can make and listen to phone calls (eavesdropping), read and send messages including emails, access the internet and see your contacts.
Also known as Bluehacking. It is the most common type of attack and is rather harmless as it does not divulge any information to the hacker. What Bluejacking is is sending unsolicited messages to a phone, and it begins by searching for discoverable Bluetooth devices, then spamming the device.
This is one of the most dangerous attacks whereby a hacker bypasses your Bluetooth security system to steal sensitive data. They copy everything, pictures, phone numbers, videos, passwords, etc. It can occur even if your device is in non-discoverable mode.
People who use Bluetooth in public places and leave their phones in discoverable mode are usually the victims of such attacks.
It takes advantage of people who do not change the car manufacturer’s default Bluetooth PIN code, usually 0000 or 1234. Hackers who bypass your car’s Bluetooth security system can then eavesdrop on your hands-free conversation or talk directly to you.
This Bluetooth security system attack compromises people’s privacy by tracking their locations. Users of fitness wearables are prone to this attack since they have them on always.
The Internet of Things (IoT) is particularly vulnerable to this attack. It occurs when Hackers plant malware that allows them to take control of Bluetooth devices. IoT security firm Armis first reported this Bluetooth security system attack, and it can cause further damage by infecting other connected devices.
The attack can occur without needing devices to be paired or even discoverable. Blueborne is highly dangerous. It can serve to facilitate data theft, ransomware, cyber espionage. It can also create large botnets like the Mirai Botnet, which infected many CCTV cameras and brought down major sites in a DDoS attack.
Bluetooth Security System Modes of Operation
Every Bluetooth device must operate in either one of these four modes.
Bluetooth Security Mode 1
This mode is not secure and does not initiate any security procedures. It is susceptible to hacking and is only supported up to Bluetooth 2.0.
Bluetooth Security Mode 2
All devices support Bluetooth security mode 2. In this mode, a centralized manager controls access to specific services and devices and employs encryption standards to unpaired communications.
Bluetooth Security Mode 3
The Bluetooth device initiates security procedures before pairing. All connections must be authenticated and encrypted. Bluetooth Security Mode 3 is supported by devices that conform to Bluetooth 2.0 + EDR (Enhanced Data Rate)
Bluetooth Security Mode 4
The complete Bluetooth security system package. Except that it uses ECDHE (Elliptic Curve Diffie-Hellman) encryption.
How to Keep Safe from Bluetooth Attacks
- Keep your Bluetooth security system updated through firmware and software updates. All your Operating Systems should be up to date with the latest patches and fixes.
- Turn off your Bluetooth. This might not always be possible, but turn it off if you’re not using it.
- Limit app permissions - If the app doesn’t need the Bluetooth feature, remove it.
- Be aware of your surroundings -Bluetooth has an approximate range of 32 feet and requires a hacker to be close to the victim.