The widespread use of wireless networks has led to problems with information security. Getting access to poorly protected Bluetooth devices and intercepting information transmitted via radio channels is sometimes quite easy. Today, it is enough to go to any cafe and launch a search for active Bluetooth devices, and there are likely to be two or three smartphones with the embedded technology. They will be open to access to all the files and services without any password. The issue of Bluetooth security is rather important to discuss and develop since it allows revealing potential ways to protect users’ personal data and increasing their awareness of the need to ensure security during connections.
Even though Bluetooth is designed to organize communication between devices at a distance of no more than 10-15 meters, many portable Bluetooth-enabled mobile devices are used around the world. Users often visit places with a lot of people, so some devices accidentally end up in close proximity to others (Panse & Kapoor, 2012). In addition, the majority of such devices are configured not carefully enough, and people leave the default settings, making information vulnerable to interception.
Thus, the weakest point in Bluetooth technology is a user. Namely, people with Bluetooth smartphone devices as well as companies that use this technology to transmit sensitive information are the key interested parties. At the same time, people who are particularly conscious about their security may also benefit from discussing this topic. All of the mentioned categories of people need effective ways to protect their devices.
There are three key routes through which Bluetooth may be hacked, including bluejacking, bluebugging, and bluesnarfing. As stated by Pandey and Khara (2017), bluejacking refers to sending anonymous messages through the hacked device with the aim of fraud or any other illegal action. The above way of hacking usually occurs in large shops where there a lot of people with Bluetooth turned devices (Pandey & Khara, 2017).
Via bluebugging, hackers obtain control over a victim’s smartphone and execute commands. For example, the identified researchers note that they may call, send messages, and even view the list of calls to the given device. In other words, almost total control is taken over a victim’s device.
The third way of hacking via Bluetooth allows accessing a person’s email, contacts, and other areas that contain sensitive information. It remains unnoticed for a victim, while a hacker transfers information to his or her own device. More than half of the users of mobile phones or laptops with Bluetooth are not familiar with methods of protecting devices from the penetration of malicious programs via Bluetooth (Pandey & Khara, 2017).
Even those devices that are turned to a hidden mode may be vulnerable to attacks since hackers may suggest their MAC address. In addition, Pandey and Khara (2017) emphasize that due to some features of old mobile devices, it is possible to remotely switch Bluetooth from the hidden mode to general accessibility without notifying the user of the device. Once a smartphone was susceptible, hackers may code and compile a tool for attacks or use some existing snippets. Thus, it becomes evident that victims even do not understand that their device was hacked.
The preventative measures are largely associated with users’ behaviors and attention to their devices. First of all, it is important to turn on one’s Bluetooth only in case it is required to connect with another device to send files or perform any other activities. The evidence shows that most Bluetooth users are confronted with security when it comes to connecting two devices (Pothuganti & Chitneni, 2014). By default, connections are not authenticated, and any device can communicate with others.
Once connected and entered a password, a user creates a key on both devices that can be stored in memory and will then bypass the authorization process on subsequent connections. Therefore, the second measure that can be taken is making Bluetooth devices non-discoverable.
However, the problem is that in order to connect two devices, it is necessary to transfer at least one of them to the detectable mode for, at least, a short time. During this time, hackers may violate security of the devices and stole the keys. One of the ways to limit connections is related to ignoring requests to send files when a user is in public places. In this protection mode, security measures are activated based on the processes of identification, also known as authentication, and permission that is also called authorization (Panse & Kapoor, 2012). In this case, every request provided by others people is considered by a user independently. Along with Bluetooth technology, people may also pay attention to several alternatives.
There are several alternatives to Bluetooth such as Wi-Fi, ZigBee, and TBD. Wi-Fi networks use the WEP, WPA, and WPA2 protocols for network encryption and security. Huge harm can be caused to a user due to the fact that he or she uses random hot spots or open WI-FI points at home or in the office. When connecting to a public network, one should avoid visiting websites where cybercriminals can intercept sensitive data or passwords, including social networking sites, banking services, and any websites that store credit card information.
ZigBee is one more alternative that provides slower information transmission compared to Bluetooth and Wi-Fi. Most of the time, ZigBee is in a sleep mode, only occasionally listening to the air. To protect users and devices, ZigBee protocols use advanced encryption standard (AES) for network security (Pothuganti & Chitneni, 2014). The main problem is that manufacturers use the default link keys for their devices in pursuit of compatibility with other devices, cheapness, and lower power.
Using default link keys compromises the security of the network as a whole. In addition, TBD, a free-to-air television network, is the third alternative that is characterized by a focus on online translation of TV series and the digital content in general (Pothuganti & Chitneni, 2014). It is less vulnerable to hacker attacks, while proper passwords increase the protection of users’ devices. However, the fact it is more suitable for online translations but not common search on the Internet makes it less popular.
To conclude, it should be stressed that Bluetooth is vulnerable to unauthorized access likewise other alternatives, including Wi-Fi, ZigBee, and TBD. While using a smartphone that supports Bluetooth technology, it is essential to apply standard levels of protection that prevent hackers from accessing confidential information. Information on the ways to protect personal data is beneficial to people and organizations that utilize Bluetooth and other alternatives. One may conclude that common security measured should be used for all of the discussed technologies. Turning a device off, using a strong password, and selecting only trustful connections are the key measures of safety.
References
Pandey, T., & Khara, P. (2017). Bluetooth hacking and its prevention. L & T Technology and Research. Web.
Panse, T., & Kapoor, V. (2012). A review paper on architechture and security system of bluetooth transmission. International Journal of Advanced Research in Computer Science, 3(1), 372-374.
Pothuganti, K., & Chitneni, A. (2014). A comparative study of wireless protocols: Bluetooth, UWB, ZigBee, and Wi-Fi. Advance in Electronic and Electric Engineering, 4(6), 655-662.