Compass IT Compliance Blog

Bluetooth Security - What You Need to Know About the BlueBorne Attack

[fa icon="clock-o"] Sep 20, 2017 9:00:00 AM [fa icon="user"] Geoff Yeagley [fa icon="folder-open'] Cybersecurity

bluetooth-1690677_1280.png

Think about how much we use Bluetooth daily. Whether we are connecting our smartphones to a wireless speaker, to our car to make handsfree calls or to our Apple Watch, we use Bluetooth on a very frequent basis. In the world of Information Security, the more you use something and the more you integrate thr technology into your day to day routines, cybercriminals focus on ways to “hack” that technology so they can do what they do best: steal your information or compromise your information in some way.

Until recently, Bluetooth was “immune” from these types of attacks. But all good things must come to an end! Unfortunately, Bluetooth security is in the headlines after a recent exploit was identified and used by cybercriminals. This exploit takes advantage of the very nature of Bluetooth in that when it is turned on, it is always “listening” and looking for new connections. Dubbed BlueBorne, this method of hacking is very concerning for a variety of reasons:

  1. It is platform agnostic, meaning it doesn’t matter if you are running Android, Windows, or Linux. Any device that has Bluetooth running is at risk of attack.
  2. The user can be compromised without even knowing it. There is no need to click on a link, or download anything. The only thing that needs to happen is that a cybercriminal needs to be within 30 feet of you. That’s it. In the same library, in the same Starbucks, just 30 short feet away.
  3. The process is FAST. From the time the cybercriminal “connects” to you via Bluetooth, all it takes is about 10 seconds and they are in.
  4. If you are connected to another device via Bluetooth, that won’t matter for this attack, BlueBorne will still “work” and allow connection to your device. Yikes!

That’s the bad news. The good news is that there are things that you can do to minimize and in some cases, prevent this attack from taking place:

  • PATCH – Microsoft released a patch (CVE-2017-8628) recently. Google has released a patch to device manufacturers that should be rolling out to users in the near future and Linux should be rolling out a patch very soon. For Apple users, if you are using iOS 9 or lower, you should upgrade to the latest version of iOS as the exploit was patched starting in iOS 10 and later.
  • Turn Off Bluetooth – I know this is not a popular option, however, if there is not a patch that has been rolled out yet for your device (Android and Linux especially), you should turn your Bluetooth off. Remember, just by having your Bluetooth on and being within 30 feet of one of these cybercriminals for 10 seconds is all it takes to be compromised.

This is a very serious exploit that has been created and successfully exploited by hackers that you should take very seriously. In fact, if you want to take a look at how this attack works, check out the following link and scroll to the bottom where you can see for yourself just how the attack works on Android, Linux, and Windows: https://arstechnica.com/information-technology/2017/09/bluetooth-bugs-open-billions-of-devices-to-attacks-no-clicking-required/

This exploit is just another example of why organizations must have a vulnerability management program and patch management program in place. In fact, according to the Center for Internet Security and their Top 20 Critical Security Controls, Continuous Vulnerability Assessment and Remediation is one of the most critical controls an organization can implement to mitigate their risk related to Information Security. For more details on this control, as well as the other 19 controls, download a copy of our Critical Security Controls eBook today!

New Call-to-action

Subscribe to Email Updates