Bluesnarfing - Yenra

Bluetooth hacks via cell phone, laptop, or PDA underscore need for security

Bluesnarfing

Common misconceptions regarding the wireless-data standard, Bluetooth, have led to growing concerns about blue-snarfing and blue-jacking incidents, in which wireless data is stolen or compromised via Bluetooth-enabled devices such as cell phones, laptop PCs and PDAs. Estimates put Bluetooth's global expansion at between 1.4 billion and 2 billion Bluetooth-enabled devices by 2005. In answer to this increasing threat, Red-M, a global provider of wireless security and control products, has drawn attention to its enterprise solution for Bluetooth-related vulnerabilities. Red-Detect, Red-M's IDS for enterprise wireless LANs, includes real-time mechanisms to detect and alert security administrators of "bluesnarfing" and other Bluetooth attacks.

The threat of a Bluetooth enterprise hack is sobering. In the case of "bluesnarfing," hackers can use their cell phone, laptop or PDA to change and/or corrupt a user's calendar. Once inside a corporate environment this Bluetooth-enabled device may allow corruption to propagate via automated features in Microsoft Outlook and Exchange, ultimately affecting other corporate users. Nokia and Ericsson are among the manufacturers who have recently acknowledged the security flaws and vulnerabilities in their Bluetooth implementations.

"Most enterprises have been slow to understand that wireless networks are much more vulnerable to attack than wired networks," said Red-M president and CEO, Karl W. Feilder. "Traditional security measures such as firewalls don't work in the wireless world, so the danger of hackers, worms and viruses are much more threatening to the enterprise. Our products are designed to protect against all wireless threats, whether from 802.11 or Bluetooth."

Red-Detect is a multi-probe enterprise solution that can detect when rogue 802.11 or Bluetooth-enabled devices enter its airspace and automatically send a real-time alert regarding potentially damaging activities. Armed with this critical information, IT administrators within the enterprise can work with security managers to take appropriate action to mitigate threats such as those posed by Bluetooth.

Red-M provides security and control products for all phases of wireless awareness and adoption.