Financial Institutions Must Preempt Potential Security Breaches Caused by Bluetooth-Enabled Devices

As the number of devices enabled with Bluetooth technology continues to proliferate, so do the risks to financial services institutions and other enterprises where data security is paramount. In the past, Bluetooth attacks were limited to short range devices, affecting primarily stand-alone mobile phones and personal digital assistants (PDAs). TowerGroup believes the next wave of attacks will focus on corporate local area networks (LANs) and will come through networked devices that leverage a Bluetooth network interface. The implementation of Bluetooth as both an embedded and peripheral capability in a host of consumer and enterprise-class devices has increased at a compound annual growth rate of 172 percent since 2002. A chart illustrating this can be viewed and downloaded at: http://www.towergroup.com/research/content/page.jsp?pageId=802. New research from TowerGroup underscores the need for financial services CIOs and IT managers to address Bluetooth-related security risks to protect vulnerable assets from intrusion via Bluetooth’s active radio transmitter, its coverage range, and its potential use across a diverse applications and implementation suite.

Unlike Wi-Fi, Bluetooth presents security risks that have not been considered by most financial institutions. This overall lack of awareness makes institutions vulnerable to possible threats to security associated with the adoption of Bluetooth’s networking capability and availability.

The new report by TowerGroup titled, “Bluetooth: Don’t Let a Cavity Infect Your Institutions,” by Bob Egan, research director for the Emerging Technologies practice at TowerGroup, explores Bluetooth vulnerabilities and recommends a plan of defense for financial service institutions.