Bluetooth Vulnerability
Introduction
Tagging devices have become increasingly commonplace in recent years. Though useful for finding misplaced luggage, these small devices can also be exploited to give a malicious actor access to your location data.
This information is provided for general awareness and defense purposes only. This information also is not intended to be a complete description of the functionality or risks of the identified tools.
What is A Tagging Device?
These compact, commercially available tagging devices operate using the Bluetooth protocol to communicate. By beaconing out to other devices in its network, these tagging devices are able to provide a user with location data. Some common tagging devices we see today include the Apple AirTag and the Tile Sticker.
How Does it Work?
Communicating via Bluetooth, these tagging devices send a secure Bluetooth signal to devices within its network. This beaconing behavior allows for relatively granular location data to be reported back to the user. Though innocuous, these devices may be exploited. As CTO Dr. Brett Walkenhorst describes in the video to the right, there are some underlying issues with the Bluetooth protocol—such as its complexity, flat network structure, and authentication downgrading optionality—that make it easier for attackers to access “secure” Bluetooth communication, like the signals emitted by these tagging devices.
CTO Dr. Brett Walkenhorst shares some issues with the Bluetooth protocol that open the door for exploitation
How Can I Uncover a Tagging Device?
With robust wireless monitoring, you will be able to see any device transmitting in your space. Tagging devices, like the Apple AirTag and the Tile Sticker, work by beaconing out via Bluetooth. A wireless monitoring system like Bastille can detect Bluetooth devices both in their beaconing and connected states, thus allowing you to see a tagging device as soon as it enters your space.
What Can I Do to Defend Against This Threat?
Bastille recommends a few security best practices for this type of threat:
- Implement Wireless Monitoring in Your Space: Gaining visibility into the wireless activity within your space is key when trying to identify relatively innocuous devices such as these commercial tagging devices.
- Update and Enforce Your Security Policy: Establish and educate upon a corporate policy for all employees regarding these types of devices to help keep your space secure.
- Stay Up to Date: The landscape of wireless security is constantly evolving. In order to defend against these threats, you need to know what’s out there. Check out our recent webinar series on Bluetooth Vulnerabilities in which CTO Dr. Brett Walkenhorst dives into the Bluetooth protocol, in both part 1 and part 2.