More and more devices are being added into the Internet of Things network every day, both in organizations and homes. (Read: Why and How to Secure IoT Devices) From personal assistants like Amazon Echo and Google Home to televisions and Smart Lockers — IoT devices come in all shapes and sizes. They are as diverse on the software side as they are on the hardware side because of a lack of standardization in the manufacturing process. Since most of them are Bluetooth enabled (with many not having an option to turn it off), new types of attacks that exploit air-gapped networks are on the rise. B
What is BlueBorne?
Armis Labs has identified BlueBorne, an airborne attack vector which spreads using Bluetooth to compromise major operating systems such as Windows, Linux, Android, iOS and the devices using them. Highly contagious and powerful, this vector first penetrates a device and then spreads laterally.
How bad is it?
Pretty bad, actually. What makes BlueBorne terrifying is that it literally uses air as a medium to spread. No WiFi, no Internet, no clicks or downloads — all that the attacker needs is a vulnerable device with Bluetooth switched on. This highly infectious vector needs no action from the user for taking complete control of one device and then spreading through the network. The ubiquitousness of Bluetooth enabled devices combined with the lack of research on their vulnerabilities has put a large amount of enterprise data, industrial systems, and sensitive government information at risk. The problem is further exacerbated by the fact that Bluetooth functions generally enjoy a high priority, making it very convenient for hackers to unleash a wide range of offenses without being detected.
What can be done?
For starters, ensuring that Bluetooth is turned off when not in use and updating your devices regularly can help mitigate the threat. Major companies such as Microsoft, Apple, and Google have released updates and patches that are BlueBorne safe.
Traditional security solutions are not designed to look for airborne attacks, as they focus on blocking attacks that spread using IP connections instead. Therefore, more research is needed to identify and patch these vulnerabilities before launching a thorough IoT network.