BlueBorne Attack Vector Impacts Billions of Devices: Top 3 Measures to Defend Against This Attack.

WHAT IS A BLUEBORNE ATTACK?

BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices. The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode. Security researchers at Armis Labs have identified eight zero-day vulnerabilities so far, which indicate the existence and potential of the attack vector. The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as Man-in-The-Middle attacks.

Dem​o: BlueBorne Attack Explained Credit: Armis Labs

​HOW WIDE IS THE BLUEBORNE THREAT?

The threat posed by the BlueBorne attack vector can potentially affect all devices with Bluetooth capabilities, estimated at over 5.3 billion devices today. Bluetooth is the leading and most widespread protocol for short-range communications, and is used by devices of all kinds, from regular computers and mobile devices to IoT devices such as TVs, watches, cars, and even medical appliances. The latest research reports show more than 2 billion Android, 2 billion Windows, and 1 billion Apple devices in use. Gartner reports that there are 8 billions connected or IoT devices in the world today, many of which have Bluetooth.

WHAT DEVICES ARE AFFECTED?
​
Billions of devices including laptops, mobile phones, tables, wearables and computer systems are impacted.
Android:
All Android phones, tablets, and wearables (except those using only Bluetooth Low Energy) of all versions are affected by four vulnerabilities found in the Android operating system, two of which allow remote code execution (CVE-2017-0781 and CVE-2017-0782), one results in information leak (CVE-2017-0785) and the last allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-0783).
Windows:
All Windows computers since Windows Vista are affected by the “Bluetooth Pineapple” vulnerability, which allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-8628).
Linux:
Linux is the underlying operating system for a wide range of devices. The most commercial, and consumer-oriented platform based on Linux is the Tizen OS.

• All Linux devices running BlueZ are affected by the information leak vulnerability (CVE-2017-1000250).
• All Linux devices from version 3.3-rc1 (released in October 2011) are affected by the remote code execution vulnerability (CVE-2017-1000251)

iOS:
All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected by the remote code execution vulnerability (CVE-2017-14315). This vulnerability was already mitigated by Apple in iOS 10, so no new patch is needed to mitigate it. We recommend you upgrade to the latest iOS or tvOS available.

WHAT ARE THE SECURITY MEASURES TO DEFEND AGAINST BLUEBORNE ATTACK?

Our security research team recommends following counter measures to defend against such attacks:

• Disable Bluetooth Connections wherever possible and do not use in public places such as banks, cafes, airports etc.
• Install the available security updates and hotfixes. Many vendors including Google, Apple, Microsoft, Redhat have released patches and security updates to protect their Operating System Stack for further exploitation against BlueBorne attacks.
• Leverage proactive security monitoring and integration with SIEM and threat intelligence to detect and respond to remote code execution and system exploitation.

To find out more how we can help your business achieve a strong security posture and defend against advanced threats, arrange a free consultation today. To book a consultation fill up the information at Contact Us webpage, email us at info@ashcosystems.com or speak to a representative at +442084271131.