Long-Distance Bluetooth Low Energy Exploitation on a Wireless Attack Platform

In the past decade, embedded technology, known as the Internet of Things, has expanded for many uses. The smart home infrastructure has drastically grown to include networked refrigerators, lighting systems, speakers, watches, and more. This increase in the use of wireless protocols provides a larger attack surface for cyber actors than ever before. Wireless loT traffic is susceptible for sniffing by an attacker. The attack platform skypie is upgraded to incorporate Bluetooth Low Energy (BLE) beacon collection for pattern-of-life data, as well as device characteristic enumeration and potential characteristic modification. This platform allows an attacker to mount the skypie to a medium of her choice, such as a drone, and collect BLE beacons within proximity whilst the attacker controls the prototype remotely. It is determined that the attacker can collect BLE beacons from over a quarter of a mile away at an elevation of 3.05 meters and interact with the device for characteristic enumeration up to 350 meters at the same elevation, and collect BLE beacons just under a quarter of a mile at an elevation of 1 meter, and interact up to 200 meters.