8 Bluetooth Remote Vulnerabilites Could Allow Outsiders to Takeover

Bluetooth zero day vulnerabilities recently discovered by Armis Labs leave connected car open to remote cyber-attacks.

Armis reported that eight Bluetooth-related vulnerabilities (four that are critical) affecting over 5 billion Android, Windows and Linux devices could allow attackers to take control of devices, access corporate data and networks, and easily spread malware to other devices.

The vulnerabilities, collectively named BlueBorne, can potentially be used to perform ransomware attacks on vehicles, or worse, take complete control over them. Attacks using this vulnerability can spread wirelessly and penetrate devices through their Bluetooth connections, without the need for pairing with the infected device.

These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date. Previously identified flaws found in Bluetooth were primarily at the protocol level. These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device.

These proximity-based network vulnerabilities could allow attackers to create broad malware infections that could spread from one infected device to many others by wirelessly connecting to other devices over Bluetooth. The device-to-device connectivity nature of Bluetooth means an airborne (or “BlueBorne”) attack could easily spread without any action required by a user.

Argus CyberSecurity reported that it can protect cars against these attacks. With more than 50,000 hours of automotive cyber security research, Argus has revealed a tremendous number of vulnerabilities in Bluetooth, WiFi, and cellular connections, in design vulnerabilities inherent in vehicle components, third-party dongles, and in software updates. With this extensive automotive cyber security knowledge, Argus designed and developed Argus Connectivity Protection to protect vehicles from cyber-attacks no matter how they penetrate the vehicle, including against vulnerabilities like the BlueBorne buffer overflow.

Argus Connectivity Protection includes multiple security modules to harden the target system, detect intrusions, and prevent malicious exploits of vehicle infotainment and telematics units.

“The BlueBorne discovery is just one more example of the vulnerability of connected cars to cyber threats. By integrating multiple layers of security, the automotive industry can protect vehicles and drivers from exploits and attack vectors like BlueBorne and others”, said Oron Lavi, Argus Co-Founder and VP of R&D. “While operating system (OS) hardening is critical, it is only one part of the Argus Connectivity Protection solution suite. To secure vehicles from cyber-attacks for the duration of their lifespan, our connectivity protection security modules build on advanced detection, prevention and mitigation techniques to work stand-alone and with Argus in-vehicle and cloud solutions to provide seamless, end-to-end protection.”

Argus provides the automotive industry multi-layered solutions that are market-ready and comply with existing standards and imminent US legislation on vehicle cyber security that mandates intrusion detection and prevention systems (IDPS).