Back in the 90s, when Bluetooth entered the market as a disruptive wireless technology and revolutionized the way we exchange data, it was apparent that attacks exploiting it to intercept communication and steal data would soon follow. In 2003, Adam Laurie (A.L. Digital) discovered security vulnerabilities in Bluetooth devices for the first time; these gave rise to three of the most prevalent attacks: Bluesnarfing, Bluebugging, and Bluejacking. Bluesnarfing allows unauthorized access to data present on a device, Bluebugging takes full control of the Bluetooth device, and Bluejacking is limited to unwanted transfer of data to the device without any access to the data already on it. In the current scenario, these attacks can happen only if the Bluetooth connection is turned on, that is, if a device is ready to be paired or is discoverable. Not just devices: these attacks also extend to wireless systems where network security is bypassed through rogue access points.
The protocol most commonly abused to enable Bluesnarfing is the Object Exchange (OBEX) protocol. OBEX enables the exchange of data between connected devices, yet most of its sub-services do not require any authentication to validate the device sending or receiving the data; the OBEX Push profile, for example, allows data to be exchanged freely. Once an attacker connects to an OBEX Push target and issues an OBEX GET request for known data files, unauthorized information exchange takes place.
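To make the OBEX point concrete, here is an added example (not code from the article) that decodes a single OBEX request packet the way a monitor on the receiving side would see it: opcode, length, and the list of headers. The packet layout follows the IrOBEX specification; the sample CONNECT and GET packets, the object name "notes.txt", and the `describe()` summary format are constructed for this example. The `authenticated` flag simply records whether an Auth-Response header was present, which is the only evidence in the request that the peer proved anything before asking for an object.

```python
"""Parser for a single OBEX request packet (added example; not from the article).

Layout per the IrOBEX specification: opcode (1 byte, high bit = "final"),
packet length (2 bytes, big-endian, counting the whole packet), four extra
bytes for CONNECT (version, flags, max packet length), then a run of headers.
The top two bits of each header identifier select its encoding. The sample
packets at the bottom are constructed for this example.
"""
import struct

# opcode with the "final" bit masked off -> name
OPCODES = {0x00: "CONNECT", 0x01: "DISCONNECT", 0x02: "PUT", 0x03: "GET",
           0x05: "SETPATH", 0x7F: "ABORT"}

HEADER_NAMES = {0x01: "Name", 0x42: "Type", 0x46: "Target", 0x48: "Body",
                0x49: "End-of-Body", 0x4A: "Who", 0x4D: "Auth-Challenge",
                0x4E: "Auth-Response", 0xC3: "Length", 0xCB: "Connection-Id"}


def parse_headers(data):
    """Return a list of (header name, value) pairs decoded from `data`."""
    headers = []
    pos = 0
    while pos < len(data):
        hi = data[pos]
        kind = hi & 0xC0
        if kind in (0x00, 0x40):
            # 2-byte length that counts the identifier and length bytes too
            if pos + 3 > len(data):
                raise ValueError("truncated header at offset %d" % pos)
            (hlen,) = struct.unpack_from(">H", data, pos + 1)
            if hlen < 3 or pos + hlen > len(data):
                raise ValueError("bad header length at offset %d" % pos)
            raw = data[pos + 3:pos + hlen]
            if kind == 0x00:   # null-terminated UTF-16BE text
                value = raw.decode("utf-16-be").rstrip("\x00")
            else:              # opaque byte sequence
                value = raw
            pos += hlen
        elif kind == 0x80:     # one-byte value
            if pos + 2 > len(data):
                raise ValueError("truncated header at offset %d" % pos)
            value = data[pos + 1]
            pos += 2
        else:                  # 0xC0: four-byte big-endian integer
            if pos + 5 > len(data):
                raise ValueError("truncated header at offset %d" % pos)
            (value,) = struct.unpack_from(">I", data, pos + 1)
            pos += 5
        headers.append((HEADER_NAMES.get(hi, "0x%02X" % hi), value))
    return headers


def parse_request(packet):
    """Decode one request; raises ValueError if the length field disagrees."""
    if len(packet) < 3:
        raise ValueError("packet too short")
    opcode, length = struct.unpack_from(">BH", packet, 0)
    if length != len(packet):
        raise ValueError("length field %d != %d bytes received" % (length, len(packet)))
    info = {"opcode": OPCODES.get(opcode & 0x7F, "0x%02X" % opcode),
            "final": bool(opcode & 0x80)}
    body = 3
    if opcode == 0x80:  # CONNECT carries version/flags/max packet length first
        version, flags, max_len = struct.unpack_from(">BBH", packet, 3)
        info.update(version=(version >> 4, version & 0xF), flags=flags,
                    max_packet_length=max_len)
        body = 7
    info["headers"] = parse_headers(packet[body:])
    names = {name for name, _ in info["headers"]}
    # OBEX authentication is optional: an Auth-Response header is the only
    # evidence that the peer proved anything before asking for an object.
    info["authenticated"] = "Auth-Response" in names
    return info


# --- helpers that build the constructed sample packets ----------------------
def _unicode_header(hi, text):
    raw = text.encode("utf-16-be") + b"\x00\x00"
    return struct.pack(">BH", hi, 3 + len(raw)) + raw


def _bytes_header(hi, raw):
    return struct.pack(">BH", hi, 3 + len(raw)) + raw


def _request(opcode, headers, connect_fields=b""):
    total = 3 + len(connect_fields) + len(headers)
    return struct.pack(">BH", opcode, total) + connect_fields + headers


# Constructed: CONNECT (OBEX 1.0, max packet 1024 bytes) with no Target header.
SAMPLE_CONNECT = _request(0x80, b"", struct.pack(">BBH", 0x10, 0x00, 1024))

# Constructed: final GET for an object named "notes.txt", no authentication.
SAMPLE_GET = _request(0x83,
                      struct.pack(">BI", 0xCB, 1)
                      + _unicode_header(0x01, "notes.txt")
                      + _bytes_header(0x42, b"text/plain\x00"))


def describe(packet):
    """One-line summary of a request, suitable for a log entry."""
    info = parse_request(packet)
    names = [name for name, _ in info["headers"]]
    return "%s final=%s headers=%s authenticated=%s" % (
        info["opcode"], info["final"], names, info["authenticated"])


if __name__ == "__main__":
    for pkt in (SAMPLE_CONNECT, SAMPLE_GET):
        print(describe(pkt))
```

Run stand-alone, the script prints one line per sample packet; the GET line shows a Name header naming the requested object and `authenticated=False`, which is exactly the situation the paragraph above describes. Feeding `describe()` captured OBEX requests from a real Push service gives an audit trail of which objects were requested and whether the requester authenticated.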
A more recent technique, reported by the Center for IT-Security, Privacy and Accountability (CISPA) in 2019, is Key Negotiation of Bluetooth (KNOB). It allows attackers to carry out a man-in-the-middle attack by exploiting Bluetooth's vulnerable authentication protocols so that the connection with the target device ends up using weaker encryption.
KNOB’s official website reads, “We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices). At the time of writing, we were able to test chips from Broadcom, Qualcomm, Apple, Intel, and Chicony manufacturers. All devices that we tested were vulnerable to the KNOB attack.”
One serious implication of these attacks concerns the increasingly popular smart lock feature. This feature keeps your device in 'unlocked' mode while it is connected to a trusted device, such as a laptop paired with a cellular phone, or a cellular phone paired with a smart watch. As convenient as this technology is, it increases the likelihood of attacks and of device tracking, because the device broadcasts its identity to everything within range.
As we advance to better, wider-reaching, and faster iterations of Bluetooth technology such as Bluetooth 5.0, we must not forget the ease, speed, and reach with which attackers can now execute a breach. Although Bluetooth 5.0 provides device authentication, it lacks user authentication. Using an application that enforces user authentication on top of Bluetooth 5.0 could significantly protect against Bluesnarfing attacks. Bluetooth will undergo several iterations to incorporate security, but we certainly need to rely on the controls around how Bluetooth technology is used.
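One of the usage controls the article closes on is simply not leaving an adapter discoverable or pairable when it does not need to be, since the attacks described at the top of the page depend on that state. The following added example (not code from the article) audits a Linux host for exactly that: it parses the "Key: value" lines that BlueZ's `bluetoothctl show` prints and returns findings paired with the `bluetoothctl` command that remediates each one. The `SAMPLE_SHOW` text is constructed to resemble that output; only `audit_live()` runs the real tool, and it assumes BlueZ is installed.

```python
"""Compliance check of the local Bluetooth adapter (added example, not from the article).

Parses the "Key: value" lines printed by BlueZ's `bluetoothctl show` and flags
settings that leave a powered-on adapter open to unsolicited discovery or
pairing requests. SAMPLE_SHOW is constructed to look like that output;
audit_live() is the only function that talks to the real tool.
"""
import subprocess

# Constructed sample in the shape of `bluetoothctl show` output.
SAMPLE_SHOW = """\
Controller AA:BB:CC:DD:EE:FF (public)
\tName: workstation
\tAlias: workstation
\tPowered: yes
\tDiscoverable: yes
\tDiscoverableTimeout: 0x00000000
\tPairable: yes
"""


def parse_show(text):
    """Map the indented 'Key: value' lines to a dict; the Controller line is skipped."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if ": " in line:
            key, value = line.split(": ", 1)
            settings[key] = value
    return settings


def audit(settings):
    """Return (finding, remediation) pairs; an empty list means nothing to fix."""
    findings = []
    if settings.get("Powered") != "yes":
        return findings  # radio is off: nothing is reachable over the air
    if settings.get("Discoverable") == "yes":
        # bluetoothctl prints the timeout as a hex value of seconds; 0 = forever
        timeout = int(settings.get("DiscoverableTimeout", "0"), 16)
        if timeout == 0:
            findings.append(("adapter is discoverable with no timeout",
                             "bluetoothctl discoverable off"))
        else:
            findings.append(("adapter is discoverable (timeout %d s)" % timeout,
                             "bluetoothctl discoverable off"))
    if settings.get("Pairable") == "yes":
        findings.append(("adapter accepts pairing requests",
                         "bluetoothctl pairable off"))
    return findings


def audit_live():
    """Run the real tool (requires BlueZ) and audit its output."""
    out = subprocess.run(["bluetoothctl", "show"], capture_output=True,
                         text=True, check=True).stdout
    return audit(parse_show(out))


if __name__ == "__main__":
    for what, fix in audit(parse_show(SAMPLE_SHOW)):
        print("%-48s -> %s" % (what, fix))
```

On the constructed sample the script reports two findings, discoverable with no timeout and pairable, each with its `bluetoothctl` fix. In a fleet, `audit_live()` can be scheduled so that an adapter left discoverable after a one-off pairing is caught rather than staying exposed indefinitely.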