6
min reading time
In parallel with the explosive development of digitalization and online work, worrisome statistics regarding cyberattacks are expanding yearly. The outbreak of the pandemic in 2020 significantly increased the wireless security risk and contributed even more to the success of cybercriminals, as many companies had to switch to the home office or hybrid work model almost overnight without any preparation.
Cybercriminals use increasingly advanced methods and sophisticated solutions to find security gaps and vulnerabilities in a variety of ways. The widely used wireless devices and the sensitive data shared through these products provide a large potential area for malicious attacks. Jabra recognized this problem and was the first in the world to obtain Common Criteria certification for two types of wireless headset devices.
In our article below, we introduce the potential cyber dangers wireless devices - including headsets - are exposed to, as well as the benefits that Common Criteria evaluation and certification can bring to manufacturers of such products.
The ever-increasing number of cyberattacks worldwide poses a huge challenge to all sectors. “Cyberattacks increased by 42% in the first half of 2022 compared to the same period in 2021.” “Approximately 15 million data records were exposed globally due to data breaches in the third quarter of 2022. This amount has climbed by 37 percent compared to the previous quarter.”- just to mention some of the latest statistics.
Today, cybercriminals have extremely advanced and diverse technology with which they can easily uncover security gaps and vulnerabilities. Systems and IT products that are not properly secured can easily fall victim to a malicious attack. Wireless devices are no exception.
Wireless devices connected to the network via Bluetooth or other technology make our life and work easier in countless ways. Unprotected and cybersecurity-untested devices, however, represent a significant potential source of danger for users.
The COVID-19 pandemic has multiplied the number of hybrid and remote workplace models. As a result, online work has grown enormously. A significant part of corporate processes has moved into the digital space, including managing finances and sharing confidential company data. According to this, securing the communication channels as well as the devices used, (including wireless devices such as headsets and microphones) are critical when installing the proper cybersecurity infrastructure.
The most common attacks of Bluetooth devices:
Wireless headphones are in daily use in homes and workplaces but are often overlooked when it comes to cybersecurity. The most common potential risks of headphones and headphone software include:
The Common Criteria for Information Technology Security Evaluation (ISO 15408) is a framework of globally recognized and scalable cybersecurity certification standards. A Common Criteria (CC) certification assures that an IT product or system was defined, implemented, and evaluated in a rigorous, standard, and repeatable manner at a level appropriate for the intended environment. All CCRA member nations recognize Common Criteria certificates which currently means 31 countries.
Although Common Criteria certification is not mandatory for wireless devices; it provides the manufacturer with a significant advantage over its competitors in addition to making the product more secure.
The Danish company Jabra - which specializes in audio equipment and more recently video conferencing systems-, exploited this opportunity when it got its headphones evaluated against the Common Criteria standards this year.
The spread and frequent use of wireless headphones and headsets become a huge risk for business owners, employees, and consumers during business or private talks where critical information and data are transmitted. Jabra addresses these difficulties head-on with its ASD-certified DECT Engage devices, giving a secure solution for any company or IT department to deploy into places where conversations are sensitive and require deeper security.
In August 2022, Jabra's Engage 65 and Engage 75 DECT wireless headphones got successfully certified by the Australian Certification Authority (ACA) of the Australian Signal Directorate (ASD).
The devices were evaluated and certified at the Evaluation Assurance Level (EAL) 2 by the Australian government's Common Criteria Evaluation and Certification Program. With this, Jabra’s products are the first (and at the moment only) secure headsets on the Common Criteria's Certified Products List.
With the increase in cyber attacks, there is a clear growth in the demand for proven secure systems and devices both from the reseller and end-user side. In other words, those manufacturers who cannot prove the security of their products will certainly remain at a disadvantage against their competitors in the future.
With the drastic increase in digitalization and online work, the risks, possible security gaps, and vulnerabilities of wireless devices (particularly headsets and speaker phones) have come to the fore.
Obtaining Common Criteria certification, therefore, is recommended for manufacturers, who want to maintain or even increase the trust of their customers as well as gain a significant competitive advantage in the market, while also making their wireless devices more secure.
At CCLab, we are prepared to support you throughout the entire process using our extensive experience and industry-leading agile process in Common Criteria evaluations. Besides the assessment, we offer consultation services to assist you to plan for the project so that you may avoid delays and excessive costs throughout the Common Criteria certification process.
Reach out to us regarding your Common Criteria evaluation project and let's discuss the details.
Learn everything you need to know for a successful Common Criteria certification project. Save costs and effort with your checklist.
Download our ETSI EN 303 635 infographics today and learn about the product certification process for this consumer IoT device cybersecurity standard.
Read and learn more about the Radio Equipment Directive (RED), download our free material now.
As cyber threats become more sophisticated, businesses are compelled to implement rigorous protection strategies to stay compliant and secureCertification labs, like CCLab, play a crucial role in supporting businesses with expert testing, assessment and comprehensive compliance services, and specialized training. These labs offer services ranging from security audits to penetration testing, ensuring businesses remain resilient against evolving cyber threats while meeting regulatory standards. This article explores the indispensable role of certification labs, highlighting how they enhance cybersecurity, ensure compliance, and support a safer digital landscape.
9
min reading time
This year, CCLab sponsored the opening reception of the International Common Criteria Conference (ICCC) in Qatar. Like in previous years, CCLab experts were present during the event meeting the most important stakeholders of Common Criteria. The ICCC is a highly prestigious professional event now in its 23rd year. It provides opportunities for networking and various forums to discuss CC policy and development. It is aimed at participants involved in the specification, development, evaluation, certification, and validation of IT security products and systems.
5
min reading time
In an era where digital threats grow in complexity and frequency, cybersecurity is no longer a secondary consideration but an essential part of manufacturing operations. Compliance with security standards offers manufacturers a structured approach to managing the growing risks of digital threats and securely handling sensitive data. Compliance also helps companies meet industry regulations, protect intellectual property, and avoid potentially devastating financial losses.
8
min reading time