Nowadays, wireless connections link almost everything. Real-time sensing and data collection monitor our roads, health, homes and everything in between. For example, smart meters can link to smartphones to sense when you’ve left the house and turn the heating down, saving you money. Smart fridges have sensors and cameras to let you know what’s about to expire and what you’ve run out of, help create shopping lists which sync directly to your phone, read out recipes straight from the internet and more! The Internet of Things (IoT) is the term used for this interconnectivity of all our appliances. But with this increase in connectivity comes an increasing risk. Hackers have demonstrated just how easy it is to gain access to different things, from baby monitors to air conditioning. And although you might not have a smart fridge yet, even the device you’re reading this on may be vulnerable to attack in unexpected ways…
BlueBorne – The air-transmitted bug
So back at the beginning of September, Armis, a Californian cybersecurity company, announced their latest discovery. It is an exploit which allows cybercriminals rapid access to devices through the air, and spreads just like an infectious airborne disease! BlueBorne attacks electronics through their Bluetooth connections, allowing hackers to carry out data theft, espionage and more. With Bluetooth becoming the connection of choice for the IoT, this could have catastrophic consequences. But how exactly does BlueBorne work? What is the scale of the threat, and how can we stop it?
The Basics of Bluetooth
To understand how BlueBorne transmits, we first need to understand how Bluetooth actually works. Bluetooth is a form of short-range wireless connection. It requires devices to be within a certain distance of each other (usually about 30 ft) and have RF transceivers (a radiofrequency transmitter/receiver all rolled into one!).
These transceivers transmit/receive signals over the same range of frequencies as normal Wi-Fi, or microwaves, via a Spread-Spectrum Frequency Hopping method. The device remains on a particular channel for a few hundred microseconds, before hopping to the next one (out of 79 possible channels), changing frequencies around 1600 times a second to minimise radio interference. The hopping pattern adapts to avoid frequencies used by interfering devices.
A typical piconet | Pixabay
Bluetooth can typically connect up to eight devices, with one master and up to seven active slaves synchronized in a piconet. The master device emits signals to a particular slave, which responds and synchronizes its hop frequency to the master clock. Devices which are shared between multiple piconets create scatternets. These networks can fall into different categories of network topology, connecting a whole huge bundle of stuff. If you want to know more about the different types of network topologies, check out the Bluetooth website.
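The hopping scheme described above, as an added example that is not part of the original article: a simplified Python model in which master and slave derive the same channel for each slot from the master's address and clock, and hops that land on interfered channels are remapped onto clear ones. The hash-based channel selection, the function names, the device addresses and the interfered band are assumptions for illustration; real Bluetooth uses its own selection algorithm.

```python
import hashlib

NUM_CHANNELS = 79                        # channel count given in the article
HOPS_PER_SECOND = 1600                   # hop rate given in the article
SLOT_US = 1_000_000 // HOPS_PER_SECOND   # dwell time per hop: 625 microseconds


def base_channel(master_addr: bytes, clock: int) -> int:
    """Toy hop selection (assumption, not the real Bluetooth algorithm):
    hash the master's address with the slot counter to pick a channel."""
    digest = hashlib.sha256(master_addr + clock.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big") % NUM_CHANNELS


def adaptive_channel(master_addr: bytes, clock: int, blocked=frozenset()) -> int:
    """Keep hops on clear channels; remap hops that land on a blocked one."""
    channel = base_channel(master_addr, clock)
    if channel not in blocked:
        return channel
    usable = [c for c in range(NUM_CHANNELS) if c not in blocked]
    if not usable:
        raise ValueError("every channel is blocked")
    return usable[(channel + clock) % len(usable)]


def hop_sequence(master_addr: bytes, start_clock: int, slots: int,
                 blocked=frozenset()) -> list:
    """Channels used over consecutive slots, starting at start_clock."""
    return [adaptive_channel(master_addr, start_clock + i, blocked)
            for i in range(slots)]


def shared_slots(seq_a: list, seq_b: list) -> int:
    """Number of slots in which two devices sit on the same channel."""
    return sum(a == b for a, b in zip(seq_a, seq_b))


# Constructed sample values: made-up device addresses and a band of
# channels treated as occupied by a nearby interfering transmitter.
MASTER = bytes.fromhex("001122334455")
OTHER = bytes.fromhex("66778899aabb")
INTERFERED = frozenset(range(0, 22))

if __name__ == "__main__":
    master = hop_sequence(MASTER, 0, HOPS_PER_SECOND, INTERFERED)
    slave = hop_sequence(MASTER, 0, HOPS_PER_SECOND, INTERFERED)
    stranger = hop_sequence(OTHER, 0, HOPS_PER_SECOND, INTERFERED)
    print("slot length (us):", SLOT_US)
    print("master/slave shared slots:", shared_slots(master, slave))
    print("unsynchronised shared slots:", shared_slots(master, stranger))
    print("interfered channels used:", len(set(master) & INTERFERED))
```

With these constructed values the paired devices share every slot in a second of hopping, while a device following a different address meets them only occasionally by chance.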
*FUN FACT! Bluetooth was named after King Harald Gormsson, who united the kingdoms of Denmark and Norway, just as Bluetooth would unite the computer and phone industries. The king had a dark blue/grey dead tooth, earning him the ‘Bluetooth’ nickname! Anyway, back to the tech…
So what exactly is BlueBorne?
The computational code that makes Bluetooth work is highly complex, due to the vast number of different devices of different ages and functionalities that it connects. This complexity means mistakes in the code are often hard to spot. The guys over at Armis spotted one such weakness which can be exploited within Bluetooth.
BlueBorne is an attack vector through which hackers can gain access to our electronic systems. By typing out a few lines of code, the company found they could gain complete control of different devices. BlueBorne doesn’t require the target to be paired or even discoverable via Bluetooth – just in the right vicinity. And once the hackers have access to one device, BlueBorne can transmit to other neighbouring devices, just like an infectious disease in humans. This enables espionage, data theft, ransomware uploads and a whole host of other nasty activity. Just take a look at the slightly terrifying info video that Armis made.
Putting it in perspective
Patches are already being made to help protect against BlueBorne, so if your phone has had the latest updates, you’re probably safe for now. However, it is an important example of how greater connectivity and convenience may be coming at the cost of security. And although vulnerabilities like this may be simple to fix, the complexity of computational code means mistakes are often hard to spot. So mistakes like this are fine now, once they’ve been seen and acted upon, but what about all the potential exploits still unnoticed by cybersecurity experts? And if the IoT keeps expanding to different devices with specific functionalities, how can we make sure the connections that link everything are made in a simple and secure way?
Cybersecurity is getting more sophisticated, but hackers are too. It’s a constant cat-and-mouse game as to who gets to the vulnerabilities first. The increasing span of the IoT means it’s just a matter of time before more vulnerabilities become apparent. I guess we’ll just have to keep our fingers crossed for the experts to keep us safe. But still, you might want to turn off your Bluetooth when you’re not using it!