Content

JetBlue flight evacuated after photo of suicide vest sent to crew, passengers via AirDrop

A Tampa-bound JetBlue flight waiting for takeoff at Newark Airport was evacuated after members of the crew and some passengers received a photo of a suicide vest via Apple’s AirDrop.

Although the source of the photo is unknown, someone nearby – potentially a passenger, according to a report in the New York Daily News - would have had to share the disturbing picture through the Bluetooth technology.

“In the case of this JetBlue instance, there’s no real way to trace a Bluetooth MAC address to an individual or their device unless you were to confiscate all the devices from the passengers on the flight,” said Richard Gold, head of security engineering at Digital Shadows. “Even then, it’s unlikely you’d be able to figure the originating MAC address without forensically examining the devices which received the pictures.”

Gold said the issue is a well-known “one that rears its ugly head from time to time,” noting “a number of reports of people abusing the AirDrop feature on iOS devices that uses Bluetooth technology to send unwanted photos of various natures to unsuspecting receivers” ever since Apple first introduced in 2011.

“The root of the attribution issue is that MAC addresses are not assigned like IP addresses,” said Gold. “This would be like attributing an issue to certain piece of equipment based on its serial number.”

Chris Morales, head of security analytics at Vectra, said “the problem isn’t that Bluetooth is hard to trace. It's that everyone leaves Bluetooth on by default and it is a simple protocol to connect to and is designed for sharing information.”

Morales, who admits he used to “walk around with my laptop scanning for exposed Bluetooth listening devices and could send commands to the owner,” said “the easiest way to not receive things over Bluetooth is to require a pin for connectivity or to just turn it off.”

That’s something Apple has provided for, said Gold. “iOS users can limit who can AirDrop images to them to their contacts,” he said. “Users should also always be careful about which pairings they accept.”

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]
It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds