Precautions offset potential Bluetooth security breaches

Potential security risks posed by Bluetooth wireless technology are prompting some IT managers to rein in use of Bluetooth-equipped mobile phones and PCs.

While Bluetooth vendors guide users on guarding their devices against hackers, such as setting devices in non-discoverable mode, several IT managers see a need to protect their networks from Bluetooth attacks by taking the same steps they took to secure their corporate wireless LANs.

For example, Bluetooth radios included in laptop PCs operate in the same 2.4GHz band as 802.11b WLANs and are turned on as a factory default setting. One IT manager ensures the radios are turned off before the systems go into use.

Another CTO plans to use a tool called Bluewatch from AirDefense Inc. to scan every device on his network and employees’ mobile phones for the presence of the wireless technology. He will then decide which devices should be allowed to run Bluetooth and access the network.

The Bluetooth Special Interest Group (SIG), a trade association based in Overland Park, Kan., is concerned about the technology’s vulnerability to the “bluesnarfing” attacks and another hacking technique called “bluejacking.” Bluejacking involves sending unsolicited text messages to other Bluetooth users. An estimated two billion Bluetooth-equipped devices could be in use by next year.

Patches are available for the phones that are at risk of being attacked, said a spokesperson for the Bluetooth SIG. He added that only a relatively small number of phones from Nokia Corp. and Sony Ericsson Mobile Communications AB are susceptible to bluesnarfing. Despite the current concerns, he claimed that Bluetooth “is more secure than any other wireless technology” because of the short transmission range of most devices and its 128-bit encryption capabilities.

Chris Kozup, an analyst at Meta Group Inc., said Bluetooth-equipped mobile phones can be particularly vexing for IT managers because many are bought by individual employees, making them harder to manage than corporate assets such as laptops.

— With files from Allison Taylor, IT World Canada

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now