Section 18.168 Bluetooth Vulnerabilities and Attacks Flashcards
Objectives 2.2 Explain common threat vectors and attack strategies. Objectives 2.3 Explain various types of vulnerabilities Objectives 2.4 Given a scenario, you must be able to analyse indicators of malicious activity. Objectives 2.5 Explain the purpose of mitigation techniques used to secure the enterprise. Objectives 2.6 Given a scenario, you must be able to apply common security techniques to computing resources.
Bluetooth
Wireless technology standard used fort exchanging data between fixed and mobile devices over short distances without the need for an internal connection
Bluetooth Vulnerabilitites
Insecure pairing
Occurs when Bluetooth devices establish a connection without proper authentication or they employ weak authentication methds during the pairing process
Bluetooth Vulnerabilitites
Device spoofing
Occurs when an attacker impersonates a device to trick a user into connecting
Bluetooth Vulnerabilitites
On-path attacks
Exploits Bluetooth protocol vulnerabilities to intercept and alter communications between devices without either party being aware
Different Types of Bluetooth Attacks
Bluesnarfing
Unauthorised access to a device to steal information like contacts, call logs, and text messages
Different Types of Bluetooth Attacks
Bluejacking
● Sending unsolicited messages to a Bluetooth device
● Often used for pranks or testing vulnerabilities without causing much harm
Different Types of Bluetooth Attacks
Bluebugging
● Allows attackers to take control of a device’s Bluetooth functions
● Can make calls, send messages, or access the internet
Different Types of Bluetooth Attacks
Bluesmack
Denial-of-service attack by overwhelming a device with data, causing it to crash or become unresponsive
Different Types of Bluetooth Attacks
BlueBorne
Spreads through the air to infect devices without user interaction
Best Practices for Secure Bluetooth Usage
Turn off Bluetooth when not in use
Reduces the attack surface and exposure to threats
Best Practices for Secure Bluetooth Usage
Set devices to “non-discoverable” mode by default
Prevents unsolicited connection attempts
Best Practices for Secure Bluetooth Usage
Regularly update firmware
Ensures security is up-to-date with patches for vulnerabilities
Best Practices for Secure Bluetooth Usage
Only pair with known and trusted devices
Mitigates the risk of connecting to malicious devices
Best Practices for Secure Bluetooth Usage
Use a unique PIN or passkey during pairing
Adds security during the pairing process
Best Practices for Secure Bluetooth Usage
Be cautious of unsolicited connection requests
Avoid accepting requests blindly
