To many devices through Bluetooth Low Energy vulnerabilities

NCC Group has proven that BLE devices are possible to be used from any location on the globe.

The Bluetooth Low Energy (BLE), receivers have a critical flaw that could allow cyber criminals access to personal devices such as smartphones and laptops. NCC Group, a cybersecurity company, has revealed how Bluetooth Low Energy (BLE) uses proximity to verify that the user is within close proximity of the device. This was possible to fake as part of the research. It could impact everyone, from consumers to businesses looking to lock their doors.

Must Read:

This is a problem that cannot be fixed or a mistake in Bluetooth specification. According to NCC Group, this exploit could impact millions of people as BLE-based proximity authentication wasn’t originally intended for critical systems like locking mechanisms in smart locks.

“What makes this so powerful is that we can convince Bluetooth devices that we’re near them–even hundreds of miles away-and that we can even do it even though the vendor has taken defensive mitigations such as encryption and latency binding to theoretically protect these communications against attackers at a distant,” stated Sultan Qasim Khan (Principal Security Consultant, Researcher at NCC Group). It takes only 10 seconds and these exploits are easily repeated indefinitely.

The Bluetooth exploit could be already affecting

The cybersecurity company says that products that rely on trusted BLE connections are vulnerable to attacks from any part of the world.

Never Miss:

NCC Group’s findings state that “by forwarding data at the link layer from the baseband, the hack gets beyond known relay attack protections including encrypted BLE communications because it circumvents the Bluetooth stack’s upper layers and the need for decryption.”

According to cybersecurity company, these Bluetooth systems can be used to lock vehicles and residences that use Bluetooth proximity authentication mechanisms. These mechanisms are easily broken with inexpensive off-the-shelf hardware. Khan proved the concept by proving that a link-layer relay attack can defeat existing BLE-based proximity authentication applications. It was discovered that this attack affected the following devices.

  • Cars equipped with an automotive keyless entry
  • Laptops equipped with Bluetooth proximity unlock
  • Mobile phones
  • Smart locks for residential use
  • Access control systems for buildings
  • Tracking of medical patients and assets

The Tesla Models 3 & Y are two of the vehicles that have been identified as being affected by this exploit.

Also Read:

Khan said that this research “circumvents common countermeasures against remote adversarial vehicles unlocking, and changes how engineers and consumers need to think about security of Bluetooth Low Energy communication.” It’s not wise to trade security for convenience. We need better protections against such attacks.

There are ways to protect your assets from this flaw

NCC Group has three tips to help users avoid becoming the next victim of the BLE.

Manufacturers can reduce the risk by disabling proximity keys functionality when the user’s key fob or phone has been stationary for some time (based on the accelerometer).

Customers should have the option to provide a second factor of authentication or user presence attestation, so system makers can offer this option to them.

Most Popular:

Passive unlock functionality should be disabled in affected products. If Bluetooth is not required, users can disable Bluetooth on mobile devices.

Related Articles

Five Reasons San Diego is the Best Place to Find Medical Device Companies

San Diego: How to Choose a Good Medical Device Company Are you looking to find a trusted Medical Device Companies in San Diego Keep reading...

What is the impact of tailor-made software on the healthcare industry?

What is the impact of tailor-made software on the healthcare industry? Today, many medical services, clinics, hospitals, and other organizations use custom-made software. They have...

Wireless networking has its advantages and disadvantages

Wireless networking has its advantages and disadvantages Wireless LANs have become very popular due to their cost efficiency, ease of integration and convenience. Most computers...

Introduction to Wireless Networking

Introduction to Wireless Networking Over the last few years, our planet has become more mobile. Our current lifestyle has made it difficult for the world's...

Artificial Intelligence Tools Applications

Applications for Artificial Intelligence Tools Artificial Intelligence Tools is a field within computer science that many scientists and researchers have long dreamed about. It refers...

Artificial Intelligence (Al), Benefits

Overviews Artificial Intelligence Artificial Intelligence (Al) is not limited to Science Fiction and Research Labs. It is now mainstream. According to PWC, it contributed $...

Are ASIC and GPU Mining Better?

ASIC mining is much more effective in comparison to GPU mining, which is a query which is often asked in the cryptocurrency mining. Both...

These PowerPoint tricks are easy to master

To make your presentation preparations easier and your slideshows more impressive, we have compiled some PowerPoint tricks! Screenshots easily captured Click the Screenshot icon on the...

How to Install a Window AC Unit

Although they may look intimidating, installing window air conditioner units is easy. You can enjoy cooler temperatures with a little bit of knowledge and...

Social Pages


Subscribe ⇘

How does a converter function?

The converter carries a primary of ceramics riddled. The location model coated with pulverised catalysts which contain materials appreciate atomic number 46 Rehabilitation and...

Valorant Boosting Your Rank has Many Benefits

Valorant boosting offers many benefits to its users. One of the many benefits of valorant boosting is its effectiveness. The reputable professional valorant boosting firms can...

Major Areas of Study at Tennessee Technology Center at Nashville

Tennessee Technology Centre at Nashville is one of the 26 technology centers established in the year 1963. The technology center excels in offering technical...

Sonic Crackers

Gameplay Sonic and Tails are joined by a boxing resistance bands made of Sonic Crackers rings in the game. This idea would become Knuckles' Chaotix...

How to use VBA for the start and end of Microsoft Word documents

VBA is a very simple way to navigate a Microsoft Word document. However, it is not intuitive. Must Read: all about cisco routers Visual Basic for...
error: Content is protected !!