Imagine a remote smartphone takeover that can happen with neither party being connected to the internet.
Blueborne, a Bluetooth vulnerability revealed by security firm Armis Labs, makes that possible. It is an attack vector that leverages Bluetooth connections to infiltrate and gain complete control over targeted devices. All platforms that have implemented the technology are affected, including Android, iOS (pre-version 10), Windows and Linux systems. Due to various vendor interpretations of Bluetooth implementation, the threat potential is different on each platform.
In short, someone with a computer that has a Bluetooth connection can type a few lines in a terminal and connect to your device. Permission protections and application security are easily bypassed here because the attacker acts as you, the fully authorized user on the device.
For more information and demos on how this attack works, visit https://www.armis.com/blueborne/
How can a seemingly simple, short-range pairing technology be a vector for such havoc?
There are a couple of things to consider here. First, the Bluetooth process takes high privilege in any system on which it runs. This effectively provides full control over the target device during an attack. Second, an attack of this nature is truly airborne, making it undiscoverable, unpreventable and more contagious. It is easily able to defeat traditional network security methods. These characteristics push the threat beyond the consumer base. Blueborne’s ability to beat the “airgapped” network puts larger enterprises, industries and government agencies at risk. Lastly, the researchers at Armis note that Bluetooth technology is recently much less explored by the research community than WiFi, and is therefore a more vulnerable technology.
What You Can Do To Protect Yourself
- Keep your software up to date on mobile devices. The most recent version of iOS is not affected by this vulnerability. Android users can verify they have the 9/9/2017 Security Patch Level on their devices. Armis also released a “BlueBorne Vulnerability Scanner” app for Android users that can be found in the Google Play Store.
- Turn Bluetooth off whenever you are not using it. The attack can be executed even if the device is “not discoverable.” If Bluetooth is enabled, your device is constantly searching for connections even outside of its paired partner history.
- Put a lock screen on your phone. One caveat of the exploit is that it cannot bypass a lock screen. The screen will also light up as an indicator that the attack is occurring.
- Stay up to date on new information regarding BlueBorne and other security vulnerabilities. There is a haven of reputable cybersecurity sources on the web, many of which you can embed into your social media newsfeeds. The resources to learn are out there; it just takes curiosity and vigilance to discover and use them.
Sources: https://www.armis.com/blueborne/, https://www.androidcentral.com/lets-talk-about-blueborne-latest-bluetooth-vulnerability