WHAT IS A BLUEBORNE ATTACK?
BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices. The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode. Security researchers at Armis Labs have identified eight zero-day vulnerabilities so far, which indicate the existence and potential of the attack vector. The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as Man-in-The-Middle attacks.
Demo: BlueBorne Attack Explained Credit: Armis Labs
HOW WIDE IS THE BLUEBORNE THREAT?
The threat posed by the BlueBorne attack vector can potentially affect all devices with Bluetooth capabilities, estimated at over 5.3 billion devices today. Bluetooth is the leading and most widespread protocol for short-range communications, and is used by devices of all kinds, from regular computers and mobile devices to IoT devices such as TVs, watches, cars, and even medical appliances. The latest research reports show more than 2 billion Android, 2 billion Windows, and 1 billion Apple devices in use. Gartner reports that there are 8 billions connected or IoT devices in the world today, many of which have Bluetooth.
WHAT DEVICES ARE AFFECTED?
Billions of devices including laptops, mobile phones, tables, wearables and computer systems are impacted.
All Android phones, tablets, and wearables (except those using only Bluetooth Low Energy) of all versions are affected by four vulnerabilities found in the Android operating system, two of which allow remote code execution (CVE-2017-0781 and CVE-2017-0782), one results in information leak (CVE-2017-0785) and the last allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-0783).
All Windows computers since Windows Vista are affected by the “Bluetooth Pineapple” vulnerability, which allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-8628).
Linux is the underlying operating system for a wide range of devices. The most commercial, and consumer-oriented platform based on Linux is the Tizen OS.
All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected by the remote code execution vulnerability (CVE-2017-14315). This vulnerability was already mitigated by Apple in iOS 10, so no new patch is needed to mitigate it. We recommend you upgrade to the latest iOS or tvOS available.
WHAT ARE THE SECURITY MEASURES TO DEFEND AGAINST BLUEBORNE ATTACK?
Our security research team recommends following counter measures to defend against such attacks:
To find out more how we can help your business achieve a strong security posture and defend against advanced threats, arrange a free consultation today. To book a consultation fill up the information at Contact Us webpage, email us at firstname.lastname@example.org or speak to a representative at +442084271131.