Connectivity has become as much a part of society and everyday living as same-day deliveries and WhatsApp calling. So much so that most people do not think twice before joining a free Wi-Fi network or switching on Bluetooth in the car. These are everyday conveniences that connect people to cars, music, shopping, taxis, and each other, but they also connect cybercriminals to bank accounts, systems and devices. The overlooked risks of Wi-Fi, Bluetooth and smart devices can turn convenience into compromise very quickly.
In 2025, cheap Bluetooth chips used in a wide variety of devices, from mobile phones to medical equipment, were shipped with undocumented commands in the chips themselves. These commands introduced a vulnerability across all devices that used them, potentially opening a backdoor into their systems. It is not the only Bluetooth issue on the market either; the BlueSDK used in millions of modern vehicles allows attackers to execute remote code. Translated, it means hackers could gain access to systems and remotely control a person’s car.
The technology itself is designed to be as convenient and accessible as possible. It is also very easy to hack. Most forms of Bluetooth compromise tend to be from man-in-the-middle (MITM) attacks, BlueBorn attacks, device impersonation, human error and the exploitation of outdated Bluetooth protocols. The technology can misfire, even without criminal intent.
Calls can swap cars, music can stop playing in one and start in another, and these are the most innocuous examples. George Mason University USENIX Security Symposium 2025 published research on the nRootTag Bluetooth location-tracking vulnerability, showing how the technology could be weaponised for mass device tracking. Imagine hackers knowing where you live, having access to your smart home, or following your activities on your device?
Best practice for Bluetooth, despite its convenience, is to switch it off when it is not in use. The same goes for public Wi-Fi. Free connectivity is supposed to be a benefit, but it has become more of a lure. If you scan for networks and connect to, for example, a Wi-Fi network with a similar name to the café you’re sitting in, without verifying the address with the store manager, you could be connecting to a criminal’s laptop instead.
They are providing a free, accessible connection using a 3G card while quietly running a sniffer that monitors everything you do, from passwords to banking transactions. It ishe classic free bandwidth trap, which can have a devastating impact.
These sniffers, which are essentially network security tools, can intercept and analyse data travelling across a network. They are very useful for cybersecurity teams, as they play a pivotal role in identifying potential malicious data theft, but they are also widely used by cybercriminals to obtain the data they want. According to the World Economic Forum Cybersecurity Outlook 2025, free and public Wi-Fi locations are among the riskiest for credential and data theft incidents using sniffers for MITM and session hijacking.
These risks are growing for people using smart devices or building smart homes. Cameras, doorbells, and IoT devices are meant to enhance security, but when misconfigured or poorly secured, they can create the opposite. There have been multiple incidents in which camera manufacturers experienced hosting outages or platform flaws, allowing users to access video feeds from cameras belonging to other customers. One of the most well-known is the Wyze camera glitch, where a third-party caching error during the restoration of AWS services led to a mix-up across user and device authentication. Approximately 13 000 users got thumbnails of other people’s cameras.
These incidents highlight how something as simple as a design flaw or an unexpected vulnerability can have potentially damaging consequences. They also underscore the importance of being aware. Of recognising where the risks lie and understanding how to manage them proactively, not just after something has gone wrong. For both Bluetooth and Wi-Fi, the best practice is to turn these options off on your devices when not in use. Always verify Wi-Fi networks directly with a company or staff before connecting, so you know you are not sitting on a false network, and add a privacy screen to both your phone and your laptop so you do not have people shoulder-surfing while you work.
Finally, check your devices – all of them – to ensure they are correctly configured, updated and that any cloud storage solutions you use have strong security practices.
The lesson is simple. Convenience without control is a security risk. The same tools that make life easier also create vulnerabilities because people rarely realise how much management they actually need. The smallest habits, toggling a switch, covering a lens, questioning a network name, can make the difference between staying connected and being compromised.
For more information contact Richard Frost, Armata, richard.frost@armata.co.za, www.armata.co.za
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version