Last month there was a troubling discovery of a major Bluetooth vulnerability that was exposed leaving many devices vulnerable. At the point of the vulnerability becoming public, computer operating systems had been patched almost a year prior and most phones had been updated for this months before the news came out. Most computers and phones were safe at the time the attack tactic was known.
Why was this so dangerous? This comes down to a couple factors.
1) This was discovered by a company called Armis labs whose job is to find vulnerability’s in systems. This was not found by the manufacturers of the operating systems and standards committees that monitor the Bluetooth protocol. This company put out a red flag and told them what was wrong and how to fix it before it became a big problem and the company’s patched the software that they could. Non-patchable devices like smart fridges and other appliances cannot be updated and are vulnerable to spread the virus to other devices. These will be left as a way into networks for savvy hackers.
2) It gave much control to attackers on multiple platforms and that it has been in Bluetooth protocol for years. This gave the attacker full control of the computer to install software on computer for logging data, infect the network through other software. On phones, they could access the data stored locally, take pictures and video through the phones camera, and listen in through the microphone.
So, what this tells us is to ALWAYS do updates on your computer and mobile devices as they become available. If you are with our management program we monitor and apply these for you. Sometimes this is inconvenient because of the timing, or because some of your apps might not work in the first few weeks of an update. But knowing what these updates protect you from makes them worth the hassle.