Bluesnarfing brings Bluetooth blues

Powered by SC Magazine
 

Employees risk having confidential data accessed by hackers by leaving their Bluetooth-enabled mobiles and PDAs open to snooping, according to a new study.

Wireless security consultants Orthus carried the research at three mainline train stations in London, England and found that 49 percent of Bluetooth device owners were vulnerable to "Bluesnarfing" - having their calls hijacked or personal data such as photos, SMS messages or phonebook contacts stolen.

The survey also found that the majority of Bluetooth users that took their devices off "default" status gave them unusual names and invited other Bluetooth users to connect and chat. This activity (known as "Toothing") also opened up their devices to potential hacking. The survey also found hundreds of strangely named devices ranging from "Love Monkey" to "Call me Pickles".

An engineer armed with a laptop and a Linux-based security tool was able to identify hundreds of devices left unsecured as commuters tmade their way home through the stations.

The engineer also found that 379 out of 943 devices identified were still set to their default security settings and 138 of the 943 were vulnerable to hacking.

Martin Allen, managing director of mobile data security company Pointsec, said Bluesnarfing was a "silent threat which you wouldn't even know is happening to you."

"People keep a lot of confidential information on their PDAs and mobiles such as passwords, pin numbers, bank account details, customers names and addresses and within seconds this can be pulled by a hacker or competitor from right under their nose," he said.

He urged companies to to make sure that if staff have sensitive information on their mobile devices that "it is encrypted centrally and mandated within the security policy."

Earlier this month, SC Magazine reported on a mobile phone virus that can infect PCs.

http://www.orthus.com/

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Toll Group to go Google
Poaches Woolworths project manager.
 
How News Corp's CIO tackled skills in his race to the cloud
What to do when your team’s talents are no longer needed.
 
Photos: How Thodey transformed Telstra
From turbulent Trujillo to Australia's leading telco.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  35%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3944

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 1342

Vote