The Bluetooth honeypot project

Bluetooth technology and the inherent security risks it introduces into the workplace can no longer be disregarded. A failure to understand or adequately safeguard the organization from Bluetooth threats increases the likelihood that unauthorized access to sensitive data will occur. The result is a loss of revenue from data theft, loss of business due to a poor reputation, litigation costs, and regulatory fines. While it may seem sufficient to prohibit Bluetooth technology on company owned equipment, the reality is that Bluetooth enabled devices will still be employed on employees´ personal devices and vehicles. To thwart these potential vulnerabilities, security administrators must be proactive in the development and implementation of methodologies that address Bluetooth enabled technologies. As a practical approach to monitor Bluetooth threats, the employment of a Bluetooth honeypot will be discussed, including honeypot structure and the legalities of deploying them. Building on Andrew Smith´s earlier work developing Bluepot, a functional Bluetooth honeypot, [1], researchers will test Bluepot and make recommendations on how it can be used as a prototype for developing a functional Bluetooth honeypot to secure corporate data.