Blueborne Attack: Prevention Guide

TL;DR

Blueborne is a serious vulnerability affecting older Bluetooth implementations. It allows attackers to take control of your devices without pairing. The best defence is to keep your operating systems and software up-to-date, disable Bluetooth when not in use, and be cautious about connecting to unknown devices.

Understanding the Blueborne Attack

Blueborne (CVE-2017-10936) exploits weaknesses in the Bluetooth protocol stack. It affects a wide range of operating systems including Windows, Android, Linux, iOS and macOS. The attack doesn’t require pairing; an attacker can gain access to your device simply by being within Bluetooth range.

Prevention Steps

1. Update Your Operating System: This is the most important step. Software updates often include patches for vulnerabilities like Blueborne.
   • Windows: Go to Settings > Update & Security > Windows Update and check for updates.
   • Android: Go to Settings > System > System update and check for updates. The exact location may vary depending on your Android version and manufacturer.
   • iOS/macOS: Go to System Preferences > Software Update and check for updates.
   • Linux: Use your distribution’s package manager (e.g., apt update && apt upgrade for Debian/Ubuntu, yum update for CentOS/RHEL).
2. Disable Bluetooth When Not in Use: If you aren’t actively using Bluetooth, turn it off.
   • Windows: Settings > Devices > Bluetooth & other devices. Toggle the Bluetooth switch to Off.
   • Android: Quick Settings panel (swipe down from the top of the screen) and tap the Bluetooth icon to disable it. Alternatively, go to Settings > Connections > Bluetooth.
   • iOS/macOS: System Preferences > Bluetooth. Turn Bluetooth off.
3. Be Careful Connecting to Unknown Devices: Avoid pairing with devices you don’t recognise or trust.
   • When prompted to pair, verify the device’s name and PIN before accepting.
   • If a PIN doesn’t match what you expect, do not connect.
4. Check for Bluetooth Security Patches: Some manufacturers release specific security patches for Bluetooth vulnerabilities.
   • Visit your device manufacturer’s website to see if any additional updates are available.
5. Use a Firewall (Advanced): A firewall can help block malicious connections, including those attempting to exploit Bluetooth.
   • Windows: Windows Defender Firewall is enabled by default. Ensure it’s active and configured correctly. You can check this in Control Panel > System and Security > Windows Defender Firewall.
   • Linux: Use a firewall like iptables or ufw to block unwanted Bluetooth connections. For example, using ufw:

     sudo ufw enable
     sudo ufw default deny incoming
     sudo ufw allow out going
     

6. Consider a Cybersecurity Scan: Use a reputable cybersecurity scanner to check your device for vulnerabilities.
   • Many free and paid scanners are available online. Be sure to choose a trusted source.

Further Information

For more detailed information about Blueborne, you can refer to the following resources:

• US-CERT Advisory
• BlueBorne Vulnerability Details