With technology advancing at a groundbreaking pace, new features and capabilities have brought numerous unintended security consequences and risks.
Implementing organizations and users must take on the responsibility to protect data and identities.
With rising awareness of security and privacy in IT systems and applications, embedding security in all layers of system design, development and operations are gaining attention from users, system owners, and designers.
This trend is especially critical in the business and government sectors working with proprietary or sensitive information.
Heavier reliance on wireless and Internet of Things (IoT) technology further complicate the security landscape.
Users often trade privacy for convenience and voluntarily share sensitive information when using mobile devices.
Using Bluetooth to exchange sensitive information poses an alarmingly high-security risk.
However, a thoughtful approach to system design, vigilant users, and attention to security will mitigate many of the potential vulnerabilities.
Author: Julie A. Hanway; IT Veterans Team Member
Doffman, Z. (August 15, 2019). New Critical Bluetooth Security Issue Exposes Millions Of Devices To Attack. Retrieved March 16, 2020, from https://www.forbes.com/sites/zakdoffman/2019/08/15/critical-new-bluetooth-security-issue-leaves-your-devices-and-data-open-to-attack/#723257764ec8
Kacherovska, D. (August 15, 2019). How Secure Is the BLE Communication Standard? Retrieved March 16, 2020, from https://dzone.com/articles/how-secure-is-the-ble-communication-standard
Martin, J., Alpuche, D., Bodeman, K., Brown, L., Fenske, E., Foppe, L., … Teplov , S. (June 16, 2019). Handoﬀ All Your Privacy – A Review of Apple’s Bluetooth Low Energy Continuity Protocol. Retrieved March 16, 2020, from https://petsymposium.org/2019/files/papers/issue4/popets-2019-0057.pdf
Newman, L. (May 19, 2019). Bluetooth’s Complexity Has Become a Security Risk. Retrieved March 16, 2020, from https://www.wired.com/story/bluetooth-complex-security-risk/
Zepeda, D. (August 1, 2019). AirDrop vulnerability can show your phone number and passwords to malicious third parties. Retrieved March 23, 2020, from https://www.imore.com/airdrop-vulnerability-can-shows-your-phone-number-and-passwords-malicious-third-parties
Common Vulnerabilities and Exposures (CVE®), The MITRE Corporation, https://cve.mitre.org/index.html. Access on 5/12/2020