Using a Bluetooth-enabled device? You might want to check if you're leaving the Bluetooth connection turned on. Regardless if it's a laptop, smartphone or any Internet of Things (IoT) device, they may be vulnerable to malware attacks that can remotely hijack them—without requiring user interaction.
IoT security firm Armis detailed what they've named “BlueBorne,” a set of vulnerabilities in the implementation of Bluetooth in various operating systems (OS): Android, Linux, iOS, and Windows. If successfully exploited, they can enable attackers to remotely hijack the device. The security flaws can also let attackers jump from one Bluetooth-enabled device to another. Exploiting BlueBorne could allow an attacker to execute malicious code, steal data, and carry out Man-in-the-Middle attacks.
BlueBorne is a bevy of the following vulnerabilities:
The security researchers who uncovered BlueBorne estimate that 5.3 billion devices with Bluetooth capabilities are affected. Bluetooth, a specification for wireless connection, is used almost everywhere—it’s integrated into over 8.2 billion devices that stream multimedia content, transmit data, and broadcast information between electronic devices.
BlueBorne demonstrates airborne cyberattacks. An attacker can sniff, intercept or redirect the traffic between Bluetooth-enabled devices to access their data, for instance. Armis explained in their analysis, “By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly. The attacker will then exploit a vulnerability in the implementation of the Bluetooth protocol in the relevant platform and gain the access he needs to act on his malicious objective.”
However, certain conditions have to be met before these vulnerabilities can be exploited:
Several patches are available addressing the vulnerabilities. Microsoft has released one for CVE-2017-8628 as part of their September Patch Tuesday. Google also addressed CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, and CVE-2017-0785 through their Android Security Bulletin for September. iOS 9.3.5 and AppleTV devices with version 7.2.2 and lower are affected—released in August and December 2016, respectively—but those running iOS 10 are immune from CVE-2017-14315. Updates are now underway for the flaws identified in Linux.
Patching and keeping the OS updated help mitigate attacks that may weaponize these vulnerabilities. Adopt best practices for mobile safety. Enforce more robust patch management policies in the workplace. If you haven’t patched your device yet, it won’t hurt to turn Bluetooth off by default and use it only when needed. Note that apart from Nexus and Pixel, updates on Android devices are fragmented, so users need to check with their manufacturer for their availability.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.