There are few things that connect so many devices at the same time like Bluetooth. However, when such an important standard is no longer safe, really bad things can happen in terms of security. Unfortunately, this is the case now with BlueBorne, a Bluetooth vulnerability that puts all connected devices in danger according to Armis Lab.
The unseen threat
The most dangerous aspect of this vulnerability is that users targeted by it often times do not know it. Users don’t have any kind of notification and there’s no indication that someone is actually using your phone’s Bluetooth connection. A victim’s smartphone or device doesn’t even have to be connected via Bluetooth with another one in order for the second one to fall as well. Attackers are able of taking control of nearby devices, or infect them with the same malware, spreading the corruption.
While other devices such as laptops might not always have Bluetooth turned on, most smartphone users turn their Bluetooth on and leave it that way out of convenience. This gives attackers the window of opportunity they need as having Bluetooth on is the only thing necessary for an attack to work via the new BlueBorne malware.
Many vulnerabilities yet to be found
The security team at Armis has made encouraging progress in tracking a handful of vulnerabilities already, but they claim there are still much more to be found. It would seem that every type of device which makes use of Bluetooth has the potential of being affected, meaning that vulnerabilities are present within all “eligible” devices. Nowadays, Bluetooth is so widespread and popular that most electronic devices have it. From smartphones to tablets and laptops, to computer dongles, smartwatches, and other gizmos, Bluetooth can be found everywhere.
It also means that security teams working to eradicate BlueBorne have to work that much harder as there is a lot of ground to be covered. Right now, it’s a matter of finding as many active vulnerabilities as possible before BlueBorne strikes again.
The tech industry’s response
As was expected, many of the tech giants that dominate the tech market have stated that patches will be released soon in order to fix vulnerabilities discovered (or yet to be discovered) within their products, so that their users might not end up having their gadgets exploited. The companies named by Armis Labs which have responded to the threats and communicated their intentions of launching patches are Google, Microsoft, Samsung, Apple and Linux.
RELATED STORIES TO CHECK OUT: