Millions of us use Bluetooth wireless communications every day—to make phone calls when driving, with our fitness trackers, streaming at work or play. Innocent enough, seemingly. But no technology comes without a warning: a recently discovered Bluetooth vulnerability allows hackers to spy on your conversations or take control of your smart phone. The vulnerability deals with the encryption between two devices. It even has a name—a KNOB hack (Key Negotiation Of Bluetooth).
This is not the first time Bluetooth has been hacked and it likely won’t be the last. And this one has its limitations. To take advantage of the KNOB vulnerability the hacker has to be in close proximity of your phone. There is also currently no evidence that this vulnerability has been exploited maliciously.
Still, for the sake of cyber hygiene, take the following steps to protect yourself from a KNOB hack: • Install updates for your smart phone as they become available. • Remove devices paired with your phone that you no longer need or recognize. • Turn off Bluetooth when you are not using it.
iPhone users can manage Bluetooth from the Control Center or within Settings, including removing Bluetooth devices at the information icon under the “My Devices” section in the Bluetooth Setting. Android smart phones have similar capabilities.
For more suggestions for strengthening your IT security postures, see our article "Cyber Hygiene: It's a Real Thing".
HBK Risk Advisory Services can help you with your cyber hygiene. Call us at 330-758-8613 or email me at WHeaven@hbkcpa.com. As always, we’re happy to answer your questions and discuss your concerns.