To many devices through Bluetooth Low Energy vulnerabilities

NCC Group has proven that BLE devices are possible to be used from any location on the globe.

The Bluetooth Low Energy (BLE), receivers have a critical flaw that could allow cyber criminals access to personal devices such as smartphones and laptops. NCC Group, a cybersecurity company, has revealed how Bluetooth Low Energy (BLE) uses proximity to verify that the user is within close proximity of the device. This was possible to fake as part of the research. It could impact everyone, from consumers to businesses looking to lock their doors.

Must Read: https://www.installupdatenow.com/low-energy-vulnerabilities/

This is a problem that cannot be fixed or a mistake in Bluetooth specification. According to NCC Group, this exploit could impact millions of people as BLE-based proximity authentication wasn’t originally intended for critical systems like locking mechanisms in smart locks.

“What makes this so powerful is that we can convince Bluetooth devices that we’re near them–even hundreds of miles away-and that we can even do it even though the vendor has taken defensive mitigations such as encryption and latency binding to theoretically protect these communications against attackers at a distant,” stated Sultan Qasim Khan (Principal Security Consultant, Researcher at NCC Group). It takes only 10 seconds and these exploits are easily repeated indefinitely.

The Bluetooth exploit could be already affecting

The cybersecurity company says that products that rely on trusted BLE connections are vulnerable to attacks from any part of the world.

Never Miss: https://www.techallabout.com/workers-is-a-challenge/

NCC Group’s findings state that “by forwarding data at the link layer from the baseband, the hack gets beyond known relay attack protections including encrypted BLE communications because it circumvents the Bluetooth stack’s upper layers and the need for decryption.”

According to cybersecurity company, these Bluetooth systems can be used to lock vehicles and residences that use Bluetooth proximity authentication mechanisms. These mechanisms are easily broken with inexpensive off-the-shelf hardware. Khan proved the concept by proving that a link-layer relay attack can defeat existing BLE-based proximity authentication applications. It was discovered that this attack affected the following devices.

  • Cars equipped with an automotive keyless entry
  • Laptops equipped with Bluetooth proximity unlock
  • Mobile phones
  • Smart locks for residential use
  • Access control systems for buildings
  • Tracking of medical patients and assets

The Tesla Models 3 & Y are two of the vehicles that have been identified as being affected by this exploit.

Also Read: https://www.oursnetwork.com/progressive-web-application/

Khan said that this research “circumvents common countermeasures against remote adversarial vehicles unlocking, and changes how engineers and consumers need to think about security of Bluetooth Low Energy communication.” It’s not wise to trade security for convenience. We need better protections against such attacks.

There are ways to protect your assets from this flaw

NCC Group has three tips to help users avoid becoming the next victim of the BLE.

Manufacturers can reduce the risk by disabling proximity keys functionality when the user’s key fob or phone has been stationary for some time (based on the accelerometer).

Customers should have the option to provide a second factor of authentication or user presence attestation, so system makers can offer this option to them.

Most Popular: https://www.mobilephones-news.com/secure-coding/

Passive unlock functionality should be disabled in affected products. If Bluetooth is not required, users can disable Bluetooth on mobile devices.

Related Articles

Intelligent Energy Management: How AI is Revolutionizing Home Efficiency

Ever been floored by the shock of an electric bill that's through the roof? Or, have you had that nagging feeling you're not using...

Wimbledon tennis 2023 predictions

Novak Djokovic has completed half of a calendar-year Grand Slam after capturing both the Australian Open and French Open titles this year. Now he...

Five Reasons San Diego is the Best Place to Find Medical Device Companies

San Diego: How to Choose a Good Medical Device Company Are you looking to find a trusted Medical Device Companies in San Diego Keep reading...

What is the impact of tailor-made software on the healthcare industry?

What is the impact of tailor-made software on the healthcare industry? Today, many medical services, clinics, hospitals, and other organizations use custom-made software. They have...

Wireless networking has its advantages and disadvantages

Wireless networking has its advantages and disadvantages Wireless LANs have become very popular due to their cost efficiency, ease of integration and convenience. Most computers...

Introduction to Wireless Networking

Introduction to Wireless Networking Over the last few years, our planet has become more mobile. Our current lifestyle has made it difficult for the world's...

Artificial Intelligence Tools Applications

Applications for Artificial Intelligence Tools Artificial Intelligence Tools is a field within computer science that many scientists and researchers have long dreamed about. It refers...

Artificial Intelligence (Al), Benefits

Overviews Artificial Intelligence Artificial Intelligence (Al) is not limited to Science Fiction and Research Labs. It is now mainstream. According to PWC, it contributed $...

Are ASIC and GPU Mining Better?

ASIC mining is much more effective in comparison to GPU mining, which is a query which is often asked in the cryptocurrency mining. Both...
spot_imgspot_img

Social Pages

1,000FansLike
1,000FollowersFollow
1,000FollowersFollow

Subscribe ⇘

How to Make Calling Card Printing Effective

Before we talk about how to begin your own personal calling cards company, it's very important to comprehend how calling cards really work. Since...

Introduction to Wireless Networking

Introduction to Wireless Networking Over the last few years, our planet has become more mobile. Our current lifestyle has made it difficult for the world's...

An interesting trip to Cote D’ Azure

The cote D’ Azure, in English is often known as the French Rivera. It is often described as the Mediterranean coastline of the southern...

What is the impact of tailor-made software on the healthcare industry?

What is the impact of tailor-made software on the healthcare industry? Today, many medical services, clinics, hospitals, and other organizations use custom-made software. They have...

Benefits Of Future Technology

In this write up, the readers will get information on future technology and learn to what extent modern technology has been developed to assist...
error: Content is protected !!