Is the Bluetooth on your device on? You better turn that off! Yes, you read that right! Everything from our smartphones to our TVs and our computers is Bluetooth-enabled, and the worst part is that Bluetooth is active almost all the time on these devices because we rarely pay attention to it. Armis Labs unveiled an attack vector that can infect smartphones, laptops, tablets, TVs, watches, medical appliances and many more IoT devices. It is called ‘BlueBorne’, a name coined from the terms Bluetooth and airborne (spread through the air). The company has also identified 8 zero-day vulnerabilities that this attack vector can exploit, which demonstrates its massive potential impact.
What is BlueBorne?
BlueBorne is an attack vector that spreads through the air, gets into a device via Bluetooth and can then take full control of the device. The targeted device does not need to be paired with the attacker’s device or even be set to discoverable mode. If your Bluetooth is on and you are in the vicinity of an already infected device, the attack can easily spread to your device without asking for any permission. Thus, it needs zero human interaction and no internet connection.
How Severe Is The Threat?
Bluetooth is the most widespread short-range communication protocol and is used by almost all devices. BlueBorne can serve any malicious objective, such as cyber espionage, data theft or even a ransomware attack. It can also allow hackers to penetrate secure internal networks that are ‘air-gapped’, meaning they are disconnected from any other network for protection, thus endangering industrial systems, government agencies and critical infrastructure.
The market is now flooded with IoT and intelligent home devices. Considering the tasks these devices are assigned and the data they store, the consequences of exploitation could be severe.
How Does The Attack Vector Work?
First, the attacker locates active Bluetooth connections in the vicinity. Devices can be identified even with “discoverable” mode set to off. Next, the attacker obtains the device’s MAC address, which identifies that specific device uniquely. Then, the attacker probes the device to determine which operating system the victim is using and adjusts the exploit accordingly. Finally, the attacker exploits a vulnerability in the Bluetooth protocol and can choose either to create a Man-in-The-Middle attack and control the device’s communication, or to take full control of the device and use it for many cybercriminal purposes.
Below are some demonstrations by Armis Labs researchers of BlueBorne in action, showing an attacker taking control of a device and making it do whatever the attacker wants.
- Android Phone
This video shows an attacker gaining access to a user’s phone, taking a picture using its camera and stealing all the data from the device.
- Windows Computer
This video shows an attacker employing a “Man-in-The-Middle” attack to present a false login page to the user in order to steal his credentials.
- Linux Wearable Device
This video shows an attacker listening to sounds heard by a wearable device and then remotely restarting the device.
How To Be Safe?
There are two measures that effectively address this attack.
- The simplest way to protect our devices from being infected is to turn off the Bluetooth connection when it’s not being actively used.
- The operating system on all your devices must always be up to date.
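The first measure can be audited on a Linux host. The script below is an added example, not code from Armis Labs or the original article; it assumes the kernel's rfkill sysfs interface, and the function names and the sample device tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: report Bluetooth radios that are currently switched on.
# Assumes a Linux host exposing the rfkill sysfs interface.

# bt_radios_on [RFKILL_DIR]
# Prints "<rfkill id> <name>" for each Bluetooth radio that is neither
# soft-blocked (software switch) nor hard-blocked (hardware switch).
bt_radios_on() {
    bt_root="${1:-/sys/class/rfkill}"
    for bt_dev in "$bt_root"/rfkill*; do
        # Skips an unmatched glob and unreadable entries.
        [ -r "$bt_dev/type" ] || continue
        [ "$(cat "$bt_dev/type")" = "bluetooth" ] || continue
        # A missing flag file is treated as "not blocked" so the radio
        # is reported rather than silently skipped.
        bt_soft=$(cat "$bt_dev/soft" 2>/dev/null || echo 0)
        bt_hard=$(cat "$bt_dev/hard" 2>/dev/null || echo 0)
        if [ "$bt_soft" = "0" ] && [ "$bt_hard" = "0" ]; then
            bt_name=$(cat "$bt_dev/name" 2>/dev/null || echo unknown)
            echo "${bt_dev##*/} $bt_name"
        fi
    done
    return 0
}

# Constructed sample tree (not real device data): one Bluetooth radio on,
# one Wi-Fi radio, one Bluetooth radio soft-blocked. Prints its path.
make_sample_rfkill() {
    t=$(mktemp -d)
    mkdir "$t/rfkill0" "$t/rfkill1" "$t/rfkill2"
    echo bluetooth > "$t/rfkill0/type"; echo hci0 > "$t/rfkill0/name"
    echo 0 > "$t/rfkill0/soft";         echo 0 > "$t/rfkill0/hard"
    echo wlan > "$t/rfkill1/type";      echo phy0 > "$t/rfkill1/name"
    echo 0 > "$t/rfkill1/soft";         echo 0 > "$t/rfkill1/hard"
    echo bluetooth > "$t/rfkill2/type"; echo hci1 > "$t/rfkill2/name"
    echo 1 > "$t/rfkill2/soft";         echo 0 > "$t/rfkill2/hard"
    echo "$t"
}

# Live check only when invoked with the argument "check".
if [ "${1:-}" = "check" ]; then
    bt_on=$(bt_radios_on)
    if [ -n "$bt_on" ]; then
        echo "Bluetooth radios on (turn off if unused):"; echo "$bt_on"
    else
        echo "No Bluetooth radio is switched on."
    fi
fi
```

A radio that is blocked here can still be re-enabled by the user or by software, so the check is a point-in-time audit and does not replace patching.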
Note that security updates have already been released by most manufacturers and OS developers. Android users can check their devices with the BlueBorne Vulnerability Scanner App available on the Google Play Store. Present security measures like endpoint protection, firewalls, network security solutions and data management are designed for IP-based attacks, not to identify these types of attacks. Hence, new solutions are required to address these through-the-air attacks.