Resilience and Vulnerability of Consumer Wireless Devices to Cyber Attacks

As consumer wireless devices, such as wearables, smartphones and Internet of Things devices become more and more intertwined in our everyday lives, the potential attack surface and the risks if such devices are compromised rise drastically. Specifically, most of these devices use wireless communicat...

Full description

Saved in:
Bibliographic Details
Main Authors: Paikens, Peteris, Nesenbergs, Krisjanis
Format: Conference Proceeding
Language:English
Subjects:
Bluetooth
Common Vulnerabilities and Exposures (CVE)
Communication system security
Internet of Things
Internet of Things (IoT)
Object recognition
Protocols
Security
vulnerabilities
wireless
Wireless communication
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:As consumer wireless devices, such as wearables, smartphones and Internet of Things devices become more and more intertwined in our everyday lives, the potential attack surface and the risks if such devices are compromised rise drastically. Specifically, most of these devices use wireless communication, which uses a broad range of protocols-such as Wi-Fi, Bluetooth and Bluetooth Low Energy-and mesh protocols, such as Zigbee. While Wi-Fi security and vulnerabilities are widely researched and known due to their existing impact on office computing security, the vulnerabilities in Bluetooth and other protocols have received limited attention in the IT security industry because they have historically been hard to monetize for financially motivated threat actors, but these vulnerabilities are still relevant in espionage and cyber conflict. As the prevalence of such devices grows and the costs of equipment such as software-defined radios fall, these vulnerabilities and the related preventive measures need to be better understood. In this paper we analyze these threats and provide a classification of vulnerabilities and relevant resilience approaches in consumer wireless devices, based on an analysis of the Common Vulnerabilities and Exposures (CVE) reports from 2023 in order to evaluate the risks posed by them to society both in peacetime and during conflicts with a cyber component.
ISSN:2325-5374
DOI:10.23919/CyCon62501.2024.10685620