It is nearly impossible to ascertain the number of active devices in the world that features Bluetooth connectivity. All these devices though are at risk, and the reason behind it is a Bluetooth flaw.
Security firm Armis has discovered a new method of attack, called ‘BlueBorne’, that potentially puts any Bluetooth-enabled device at risk. In other words, any wearable, audio headset, mobile or IoT device or computers running on Android, iOS, Windows, or Linux at risk. “The BlueBorne attack vector can potentially affect all devices with Bluetooth capabilities, estimated at over 8.2 billion devices today,” the firm said in a blog post. ALSO READ: How to turn any pair of wired headphones wireless
How does BlueBorne affect devices?
The security firm explains how using BlueBorne, hackers can attack and take control of any Bluetooth-connected device. This can be done over-the-air, or in other words, this device does not need to be paired with the attacker’s device.
The hacker scans for vulnerable devices that have Bluetooth on. Once identified, the hacker can take full control of a device without the user knowing about it. What’s worse though is that the security firm has classified this attack as ‘highly infectious’. In other words, the attack can spread to other devices that are connected via a Bluetooth network.
The method is quite reminiscent of how WannaCry created a havoc around the globe. The malware infected hundreds of thousands of computers even though the users never downloaded the virus. Armis researchers believe, BlueBorne could similarly create havoc at a massive scale. ALSO READ: Wearables market to grow 17% in 2017; smartwatches, Bluetooth headsets rise: Gartner
What can be done to be safe from BlueBorne?
There are a couple of ways one can remain safe from BlueBorne. For one, it is imperative that you turn off Bluetooth when not using it.
“Bluetooth attacks such as a recent set of attack vectors dubbed BlueBorne depend on the simple availability of the Bluetooth device as well as close physical proximity,” Vitaly Kamluk, Senior Antivirus Expert, Kaspersky Lab said. “Regardless of the security features on your device, the only way to completely prevent attackers from exploiting your device is to power off your device’s Bluetooth function when you’re not using it — not putting it into an invisible or undetectable mode, but completely turning it off.”
As mentioned, BlueBorne can potentially affect any device that runs on Google, Microsoft, and Apple’s operating systems. That said, Apple has clarified that any device running on iOS 10 or later are safe. Microsoft released a security patch back in July, while Google has released an Android security patch in early August. So it is imperative that users have the latest update installed on their devices. ALSO READ: Bluetooth 5 is here; comes with 2x speed, and 4x range compared to version 4.2