A Flaw in the Bluetooth Device protocol leaves them vulnerable. The flaw impacts any device running the Bluetooth Low Energy, “BLE” protocol. BLE is a slimmed-down of the original Bluetooth Classic standard protocol to conserve battery power while maintaining Bluetooth connections over long periods.
The lightweight Bluetooth protocol is power-friendly and may spread like wildfire worldwide since you can find BLE protocol in just about everything.
While this is beneficial, it also comes at a cost. Any flaws found in such a widely used protocol are nightmares, both in terms of the aggregate risk they represent and in terms of trying to find a workable mitigation and remediation strategy. Unfortunately, that’s where we are now. At issue is the reconnection process that devices utilizing the BLE protocol go through. Reconnections occur any time a Bluetooth device moves out of range and then moves back into range later on.
What’s supposed to happen in those instances is that the two devices check each other’s cryptographic keys negotiated during the initial pairing process. The reality is that the authentication step during reconnection is optional rather than mandatory. It can circumvent if the user’s device fails to enforce the IoT device to authenticate the communicated data.
The lack of authorization makes it possible for a nearby attacker to bypass reconnection verification sending spoofed data to a device using the BLE protocol. Spoofed (erroneous) data leads to incorrect conclusions, and that can lead to big problems.
No Good Fix
There’s no good fix for this Bluetooth Low Energy flaw because there are billions of potentially impacted devices. Many IoT manufacturers don’t bother with security at all, so they’re doubtful to push a fix for the issue to the tools they make.
To be clear, this type of attack hasn’t been seen in the wild yet. It’ll just be a matter of time given the number of devices out there.
Stay vigilant. It’s your only defense in this case.
