TechTarget

PDAs and mobiles left open to 'Bluesnarfing'

Businesses are at risk of losing confidential data to hackers asoffice workers leave their Bluetooth-enabled PDAs and mobile phones unsecured.

This Content Component encountered an error

Businesses are at risk of losing confidential data to hackers asoffice workers leave their Bluetooth-enabled PDAs and mobile phones unsecured.

A survey of commuters in three central London railway stations found that one in 10 are travelling with mobile devices that are open to eavesdropping by hackers.

An engineer from security company Orthus, armed with a laptop computer and a free Linux software tool, was able to identify unsecured data held on hundreds of mobile devices as commuters travelled home.

Out of 943 devices identified at three London stations, 379 had been left on their default security settings and 138 were vulnerable to hacking attacks, known as Bluesnarfing.

Personal data including voice messages, address books, e-mails and diaries stored on mobile devices were extremely vulnerable to theft or manipulation, the company said.

Hackers could download the data or change it across open Bluetooth channels without the owners being aware, said managing director Richard Hollis.

About half the mobile devices left on their manufacturer's default security settings were vulnerable to Bluesnarfing, research revealed.

"Corporations need to consider adding PDA and mobile phone policies to their written corporate security policies and make sure their staff have been educated," said Hollis.

 

Protect yourself

To protect against bluesnarfing:

  • Don't enable Bluetooth unless it is required
  • Personalise the Bluetooth device name so that it does not contain model and manufacturing information
  • Only enable Bluetooth services you intend to use
  • If you need to leave Bluetooth enabled, ensure the visibility settings prohibit third parties from identifying the device

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close