News has broken that Armis has identified a new airborne cyber threat, “BlueBorne,” that exposes almost every device to remote attack.
Eight Bluetooth-related vulnerabilities (four that are critical) affecting over 5 billion Android, Windows and Linux devices could allow attackers to take control of devices, access corporate data and networks, and easily spread malware to other devices
Armis, the enterprise IoT security company, today announced the discovery of a set of zero-day Bluetooth-related vulnerabilities affecting billions of devices in use today dubbed, “BlueBorne.”
Nearly all devices with Bluetooth capabilities, including smartphones, TVs, laptops, watches, smart TVs, and even some automobile audio systems, are vulnerable to this attack. If exploited, the vulnerabilities could enable an attacker to take over devices, spread malware, or establish a “man-in-the-middle” to gain access to critical data and networks without user interaction. IT security experts commented below.
Mark James, Security Specialist at ESET:
In this case Bluetooth is the technology in question. This is found on virtually all our modern day devices in one form or another. We don’t know if attacks exist using this exploit yet, but something this widespread could cause serious problems if not fixed soon. The big vendors will act quickly to get patches out to ensure their users are protected and safe, but the real problems are the millions of devices that don’t get updates or are unable to be updated at all.
In theory, to be safe on these devices, Bluetooth needs to be disabled until a patch is applied and if no patch is on the horizon then you should seriously consider replacing that device with one that is being patched or actively maintained.”
Jackson Shaw at One Identity:
Lamar Bailey, Senior Director of security Research and Development at Tripwire:
“Bluetooth is everywhere from your laptop to your front door lock. The vulnerabilities in Blueborne are very wide spread and patches will be coming out for months. Bluetooth should be treated like any open port if you do no need it then turn it off. That may not always be easy with Bluetooth keyboards and mice/trackpads but in situations where non-employees are within 40 feet of systems, like banks at teller windows, it is best to use wired input devices and not reply on Bluetooth.
This is especially scary for IoT devices. Many of the vendors will not have patches either because they do not now they are vulnerable, will not know how to patch the issue, or will consider the products out of support and just release new versions. Consumers should look at the devices they won and contact the vendors to see if they are vulnerable. The larger well-established vendors should be putting out information in their support section and contacting registered customers.”
Gaurav Banga, Founder and CEO at Balbix:
Kevin Bocek, Chief Security Strategist at Venafi:
Businesses though have an easy solution to mitigate the vulnerability and attacks: make sure every web, desktop and mobile application has a unique machine identity that they maintain constant intelligence and control over. That way if something like BlueBourne drives users in the direction of something malicious they’ll be alerted or stopped and hence the threat is mitigated. BlueBourne is just one more reason why gaining control over machine identities now is so critical and urgent.?