Don’t Hack So Close to Me: Is there a Proximity Effect in Cybersecurity?
The term “Proximity Effect” can mean different things to different people.
In terms of microphones, some mics exhibit a “proximity effect” causing an increase in bass as you move physically closer to the microphone. It’s not that it just gets louder, the deeper frequencies are amplified more than the high frequencies are. A good example of this is the Shure RE20 microphone which has been the personal favorite of live radio DJs, since it makes their voices sound deeper.
In other circles, “the proximity effect” is a social psychology theory proposed by Leon Festinger, which is that physical and/or psychological closeness between individuals increases interpersonal attraction.
What about cybersecurity? Is there a proximity effect to potential cyber-attacks and data breaches?
Let us explore the hypothesis: there IS a proximity effect. In this case, we would be saying your risk of a cyber-attack increases the closer in proximity you are to others. The first evidence or datapoint towards this hypothesis, as of writing, is the recent Android Bluetooth vulnerabilities.
Bluetooth range is technically about 100m, but it’s much less for most devices, which lose connection around 25 feet; and it is depending on other devices competing for the same band and/or the power of the broadcast signal. The only thing closer than Bluetooth in terms of vulnerability is someone gaining physical access your phone.
In these cases, there is a lower risk the further you are away from other people, and a higher risk every time you go “out into the world.” Bluetooth attacks and physical theft thus exhibit a form of a proximity effect: the closer you are, or the more often you encounter the attacker, the higher the risk.
Let’s add some more distance from our proposed attacker to the system being hacked: the next ring of vulnerability to test the proximity effect theory is Wi-fi. We are talking Starbucks, hotels and rest areas. Yes, rest areas. Imagine you are driving at night, and you need to book a hotel room, so you pull into a rest area to use your phone app and reserve a room. You have a bad connection but notice a free Wi-Fi. Meanwhile, a hacker has setup a fake Wi-Fi network and misled people to join by naming it, “Rest Area 26 Free Wi-Fi.” The hacker then passes the network traffic through, but scans for credit cards, logins, etc.
Most people are not willing to give up the convenience of Bluetooth, and honestly, most don’t need to. Bluetooth attacks are still pretty rare but staying off unknown Wi-Fi is a good rule of thumb for anyone.
That being said, it’s good to know the vulnerabilities of Bluetooth and Wi-Fi, and how to disable them in higher risk areas. For instance, if you are in a crowded subway or airport or bus station, you may want to turn them off.
Preventing Attackers over Bluetooth and Wi-Fi
You can beef up your corporate Wi-Fi security by adding MFA requirements like mobile phone app authenticators or hardware tokens. This helps to prevent the attack vector described in the following scenario: person goes to Starbucks to get out of their apartment and works there for a few hours. They need to leave quickly for an emergency, and when they get home, they realize they left their laptop on the table at Starbucks. What’s worse, they had a little post-it note with their login and password somewhere on the device.
Their laptop might still be susceptible to theft and hacking, but the network logins will not work, unless the bad actor can trick the user into approving an MFA request.
Preventing Attackers over LAN
As we add more and more distance between the user and the attacker, we move outside the ranges of Bluetooth and Wi-Fi, and onto the wired LAN. A Cat-X ethernet connection is good for about 330 feet between switches and devices. That makes the LAN attack surface area about the size of a hospital. While hospitals have decent security, there are also a lot of visitors, who bring computers with them.
Suppose a hospital visitor decides one day to plug their laptop into a hospital network outlet. Perhaps they just need to check email, but they may also be a budding cybercriminal, who can mimic the medial devices in the room and gain network access by hijacking IP addresses or MAC addresses.
This is why it is important to disable and unpatch all unused network jacks and close any unused ports on switches. It’s always better to plan for a bad actor than to not do so and be caught off guard.
The more space, the better
Mobile phones are often used as WiFi hotspots while traveling, also known as tethering. Using a personal mobile phone or secure hotspot, instead of a coffee shop or hotel WiFi, increases digital separation between users and attackers.
In summary, the closer you are to your attacker, the more likely you will undergo a cyberattack. Moreover, the potential impact of a cyberattack is much worse when the attacker is within the building. As more and more space is placed between the user and the attacker, we are increasingly more secure.
However, there is a silver lining here. Most cyber attackers don’t want to attack people that they know. They are people too and they don’t actually want to hurt or steal from people they know or have a relationship with.
So, maybe the proximity effect of cybersecurity is also tied to the social psychology and empathy, but in any case, remain vigilant and be cautious of what you connect and expose your devices to.