Threat Category: Network Threats: Bluetooth
ID: LPN-7
Threat Description: BlueStumbling occurs when adversaries discover, locate, and/or identify users based on their Bluetooth device addresses.
Threat Origin
War Nibbling: Bluetooth Insecurity 1
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
To reduce opportunity for this attack, disable Bluetooth when that feature is not in use
To increase the complexity of this attack, consider the use of devices that support Bluetooth 4.0 and later. Bluetooth 4.0 allows for the address used by a device to change frequently, preventing persistent association of a given address with any user. See Security, Bluetooth Smart (Low Energy) 2
As pairing with an attacker-controlled device greatly increases the success of this attack, never authorize an unanticipated pairing request.
As interception of pairing messages facilitates this attack, when pairing devices, observe physical security, such as pairing devices in a secure location outside of which, the ability of an attacker to intercept Bluetooth messages is remote.
EnterpriseTo increase the complexity of this attack, consider the use of devices that support Bluetooth 4.0 and later. Bluetooth 4.0 allows for the address used by a device to change frequently, preventing persistent association of a given address with any user. See Security, Bluetooth Smart (Low Energy) 2
References
O. Whitehouse, War Nibbling: Bluetooth Insecurity, white paper, 2003; www.wardriving.ch/hpneu/blue/doku/atstake_war_nibbling.pdf [accessed 12/07/2016] ↩
Security, Bluetooth Smart (Low Energy), 2016; https://developer.bluetooth.org/TechnologyOverview/Pages/LE-Security.aspx [accessed 8/24/2016] ↩ ↩2