BlueBorne is a hybrid Trojan-Worm malware that spreads via Bluetooth. Because it includes worm-like properties, any infected system is also a potential carrier, and will actively search for vulnerable hosts. Unfortunately, vulnerable hosts can include any Bluetooth-enabled device, including Android, iOS, Mac OSX, and Windows systems.
The implications of this threat vector are far-reaching because Bluetooth is one of the most widely deployed and used connectivity protocols in the world. Everything from electronic appliances to smartphones uses it, as do a growing number of IoT devices, including smart TVs, smart car gadgets and even home security systems.
“Tackling the BlueBorne exploit is challenging because Bluetooth is not a communications protocol that is monitored and inspected by most network security tools. Therefore, traditional security devices such as intrusion detection systems will most likely not be able to detect BlueBorne attacks,” said David Maciejak, Director of Security Research, Fortinet. “Since this technology has not really been a focus for security researchers, it is highly likely that we will see an increase in attackers looking to exploit Bluetooth implementations in the future.”
To protect yourself and your
Bluetooth-enabled devices, you need to immediately do three things:
·
Disable Bluetooth on your devices unless it is absolutely needed. If you
turn it on, then turn it off as soon as you are done using it.
·
Identify the devices you own or that are attached to your network.
Closely monitor those manufacturers for Bluetooth updates.
·
Patch systems as soon as updates become available. Apple iOS was patched
in 2016 with an iOS 10 release. Microsoft issued a patch for Windows this July.
And Google is reportedly now working on distributing a patch.
The
BlueBorne malware works by scanning for Bluetooth-enabled devices and then
probing them to see if they have relevant vulnerabilities.
“Once
a target is identified, the hack takes less than 10 seconds, and targeted
devices don't even need to accept an incoming connection in order to be
compromised,” warned Maciejak. “Once a device has been compromised, attackers
are able to run arbitrary commands on the device and even access and
potentially steal data. The attack also immediately begins to seek out and
spread to other vulnerable Bluetooth-enabled targets.”
Post a Comment