From headsets, to speakers – Bluetooth technology has become an integral part our devices, and our everyday lives. Since it allows users to exchange data wirelessly, Bluetooth technology is widely popular, and has been implemented into billions of devices. Therefore, the discovery of BlueBorne, a vulnerability found in some Bluetooth technology, which cybercriminals can use to infect these popular devices, is not exactly music to our ears.
In fact, there are four zero-day BlueBorne vulnerabilities that have been found in the Bluetooth implementations used by over 5.3 billion devices. These vulnerabilities endanger major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them. The BlueBorne name itself is indication of how the attack works, as it spread through the air (airborne) and attacks devices via Bluetooth.
So what exactly do these vulnerabilities permit cybercriminals to do? Specifically, they allow attackers to take over devices and execute malicious code, or run man-in-the-middle attacks and potentially intercept data shared via Bluetooth communications. What’s more — the vulnerabilities can be made into a self-spreading Bluetooth worm.
Therefore, it’s important users everywhere start thinking about protection. First and foremost, you should check and see if your personal devices will be impacted by these vulnerabilities. And if your devices are included in those listed, be sure to follow these additional security tips:
- Turn Bluetooth off unless you have to use it. Affected software providers have been notified of these vulnerabilities and are working on fixing them as we speak. But in the meantime, it’s crucial you turn off your Bluetooth unless you absolutely must use it. To do this on iOS devices, simply go to your “Settings”, select “Bluetooth” and toggle it from on to off. On Android devices, open the “Settings” app and the app will display a “Bluetooth” toggle button under the “Wireless and networks” subheading that you can use to enable and disable the feature.
- Update your software immediately. It’s an important security rule of thumb: always update your software whenever an update is available, as security patches are usually included with each new version. Regarding the BlueBorne vulnerabilities specifically — all iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected, but the issue was patched in iOS 10. Microsoft has also stated they patched the vulnerabilities back in July. However, if you’re not an iOS or Windows user, fear not – security patches for additional providers are on their way.
- Install comprehensive security. After you’ve updated your devices with the latest software, be sure to install comprehensive security. A solution like McAfee LiveSafe can ensure your devices are protected from cybercriminals wishing to leverage the BlueBorne vulnerabilities in order to steal your personal data.
And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.