- Cyber Security Services
- Compliance Services
- IT Risk and Audit Services
- Contact Us
Think about how much we use Bluetooth daily. Whether we are connecting our smartphones to a wireless speaker, to our car to make handsfree calls or to our Apple Watch, we use Bluetooth on a very frequent basis. In the world of Information Security, the more you use something and the more you integrate thr technology into your day to day routines, cybercriminals focus on ways to “hack” that technology so they can do what they do best: steal your information or compromise your information in some way.
Until recently, Bluetooth was “immune” from these types of attacks. But all good things must come to an end! Unfortunately, Bluetooth security is in the headlines after a recent exploit was identified and used by cybercriminals. This exploit takes advantage of the very nature of Bluetooth in that when it is turned on, it is always “listening” and looking for new connections. Dubbed BlueBorne, this method of hacking is very concerning for a variety of reasons:
That’s the bad news. The good news is that there are things that you can do to minimize and in some cases, prevent this attack from taking place:
This is a very serious exploit that has been created and successfully exploited by hackers that you should take very seriously. In fact, if you want to take a look at how this attack works, check out the following link and scroll to the bottom where you can see for yourself just how the attack works on Android, Linux, and Windows: https://arstechnica.com/information-technology/2017/09/bluetooth-bugs-open-billions-of-devices-to-attacks-no-clicking-required/
This exploit is just another example of why organizations must have a vulnerability management program and patch management program in place. In fact, according to the Center for Internet Security and their Top 20 Critical Security Controls, Continuous Vulnerability Assessment and Remediation is one of the most critical controls an organization can implement to mitigate their risk related to Information Security. For more details on this control, as well as the other 19 controls, download a copy of our Critical Security Controls eBook today!