Last term I had the opportunity to create a presentation on any cybersecurity issue of my choosing. I chose “BrakTooth“, a recent BlueTooth vulnerability discovered by security researchers in Singapore.
This vulnerability allows an attack to levy Denial of Service against nearly any bluetooth enabled device using packets which cannot be ignored without a patch which would have been created subsequent to the announcement of the vulnerability. While most mobile phones have likely been patched, many other devices will likely never be patched. These include speakers, headphones, computer mice and keyboards, and IoT devices such as this bluetooth enabled door lock.
In my presentation, I likened the BrakTooth vulnerability to those found in the fictional world presented in the GameBoy Advance title, “MegaMan: Battle Network.” In this game (and its sequels), many devices are connected to “the Net”, and mal-actors use viruses to attack society at large by exploiting such devices. Plot-lines include fires started by ovens, house floods started by dishwashers, and every door in a hospital being locked.
As a child, I played these games believing that these dangers of technology were well understood, and that adults would not connect devices to the internet which could be hacked to cause harm to people. I was incredibly incorrect.
If you’ve read this far, I would urge you to thoroughly consider any purchase of a “smart device”. Specifically, I urge you to think through the implications of the network connectivity of devices being hijacked by someone who wishes you harm, and whether the convenience of such a device warrants the vulnerability inherent in any network connection.