Privacy Peril: Got the Blues?

August 20, 2021
Firm Publication

Match the term with its description:

A.  Bluey 1.  The use of Bluetooth™ technology to send unsolicited and anonymous messages to another Bluetooth™ device.
B.  Bluetooth™ 2.  The use of Bluetooth™ technology to collect data from a Bluetooth-enabled device.
C.  Bluejacking 3.  The use of Bluetooth™ technology to gain control of a Bluetooth™-enabled device.
D.  Bluesnarfing 4.  A technology that uses radio waves to exchange data between nearby devices.
E.  Bluebugging 5.  A cartoon Australian Blue Heeler puppy loved by children worldwide.

In its early development stages in the 1990s, Bluetooth™ technology contained a number of security flaws, many of which were exploited by ne’er-do-wells. A chief enabler of attacks was that devices sometimes came with the Bluetooth™ feature enabled (turned on) by default. Over the next few years, identified security flaws generally were patched or otherwise corrected.

Today, it is not an exaggeration to say that Bluetooth™ use has exploded. Many phone headsets are Bluetooth™-driven. No longer confined to fitness facilities, Google Pixel Buds and Apple AirPods are now found, or attempted to be hidden, at business meetings. Cameras can be remotely triggered so someone no longer needs to run to appear in the family photo. Hands-free messages can be sent through a car’s media center. Documents can be sent to wireless printers. Even current generation hearing aids are Bluetooth™-enabled to help the hard-of-hearing listen to music or the television, or answer phone calls. A quick check of your smartphone can easily show a list of ten or more “Previously connected” Bluetooth™ devices.

While more secure than when first developed, Bluetooth™ devices are not immune from attack. Here is a July 2021 NSA Cybersecurity Sheet providing some useful, even if familiar, security tips for use of public Wi-Fi, Bluetooth™, and Near-Field Communication (NFC). For Bluetooth™-enabled devices, the best defense against attacks is to leave Bluetooth™ turned off except when being intentionally used (for example, when in the office for contact tracing purposes). Not far behind in security best practices is to make certain that when Bluetooth™ is turned on your device does not automatically accept pairing requests. Third, enable the function on your smartphone that notifies you of nearby sharing devices or sharing requests.

A few simple steps can keep you from being jacked, snarfed or bugged. Bluey’s mum would be proud.

Check out our series, Privacy Perils, to learn what steps you can take to guard your personal and company data. For more information about this topic and other cyber security concerns, please contact Bob Brewer, Tony McFarland, Elizabeth Warren or a member of our Privacy & Data Security team.