DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
  1. DZone
  2. Software Design and Architecture
  3. Security
  4. BlueBorne Highlights the Risk of Airborne Security Attacks

BlueBorne Highlights the Risk of Airborne Security Attacks

As if IoT security wasn't complicated enough, a new vulnerability that effects BlueTooth enabled devices, BlueBorne has been discovered.

Cate Lawrence user avatar by
Cate Lawrence
CORE ·
Sep. 17, 17 · Analysis
Like (3)
Save
Tweet
Share
3.51K Views

Join the DZone community and get the full member experience.

Join For Free

Enterprise IoT security company Armis this week announced a set of vulnerabilities, dubbed BlueBorne, that impact any connected device using Bluetooth. Nearly all devices with Bluetooth capabilities, including smartphones, TVs, laptops, watches, smart TVs, and even some automobile audio systems, are vulnerable to this attack. If exploited, the vulnerabilities could enable an attacker to take over devices, spread malware, or establish a "man-in-the-middle" to gain access to critical data and networks without user interaction.

 Nearly all devices with Bluetooth capabilities, including smartphones, TVs, laptops, watches, smart TVs, and even some automobile audio systems, are vulnerable to this attack. If exploited, the vulnerabilities could enable an attacker to take over devices, spread malware, or establish a "man-in-the-middle" to gain access to critical data and networks without user interaction.

 I spoke to Yann Leretaille, Co-Founder of 1aim, a Full-Stack AI building platform to learn more about how the attack came about. He explained:

"BlueBorne demonstrates the security risks of insecure low-level stack implementation. These stacks are a standard implementation of common protocols such as USB, WiFi, and Bluetooth. They are highly complex and written in C, a low-level language that doesn’t take into account safety features like modern programming languages do. When a company wants to use one of these protocols in a product like wireless headphones or a USB keyboard, they are not writing the stacks from scratch, but typically licensing them from the chip manufacturer. There are billions of different devices at the moment running on the same stacks, which means that everything is vulnerable to the exact same attack, from your smart coffee machine to your wireless mouse.

Even if you wanted to write your own stack, it would be a monumental effort, as the Bluetooth specification manual, for instance, is thousands of pages long and must be followed to the T. Because companies are forced to rely on this insecure pre-packaged code, it is difficult to secure a system that is built on these stacks."

The Breach Cannot Be Detected by Anti-Virus Software

Airborne attacks are particularly problematic because current endpoint protection, mobile data management, firewalls, and network security solutions are not designed to identify these kinds of vulnerabilities and associated exploits. 

They can also allow hackers to penetrate secure internal networks which are “air gapped,” meaning they are disconnected from any other network for protection. This can endanger industrial systems, government agencies, and critical infrastructure.

What's the Solution?

Security companies are at work on security solutions specifically designed to discover, profile, and sanction devices on or off the corporate network, as well as identify the connections they make, including device-to-device connections. The vulnerabilities have been patched by Google, Microsoft, and the Linux community, but it’s important to note that it is difficult for operating systems on connected devices to be updated. 

Leretaille suggests that the problem needs to be addressed at a device management level:

"We need to rethink how we implement stacks. Because they are on such a low level, they fly beneath the radar. We need to introduce new paradigms and best practices, move to modern, safe system programming languages like Rust, and conduct more security audits. It is inevitable that modern stack implementations will have bugs. But we have to ensure that if they fail, they do not lead to the same damage that we are seeing today with BlueBorne."

Image title

Armis Labs has released an official vulnerability tester app on the Play Store specifically designed to scan your device and see if it is vulnerable. It can also scan and locate devices that could be vulnerable to the BlueBorne attack vector. Simply use the screen of your mobile device as a viewfinder to scan your device or locate connected devices in your environment. The viewfinder will alert you if this device could be a carrier to a BlueBorne attack.

security

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • Memory Debugging: A Deep Level of Insight
  • Why It Is Important To Have an Ownership as a DevOps Engineer
  • Handling Virtual Threads
  • How to Use MQTT in Java

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: