Researchers find new IoT security risk: Bluetooth spoofing

A new IoT remote access vulnerability is putting devices with BLE functionality at risk of exploitation.

By Max Burkhalter
September 28, 2020

Cybersecurity researchers are constantly releasing information on zero-day exploits, new malware strains and other cyberattack methods to help protect consumers and enterprises from malicious activity. These security alerts and research papers provide essential context for the evolving threat landscape, allowing business leaders to constantly improve their cybersecurity practices. To stay one step ahead of cybercriminals, IT administrators must carefully assess their networking environments and integrate new protections to ward off data breaches, exploitation and reputational damage.

IoT and remote access vulnerabilities
As the internet of things continues to expand, companies have had to readjust their cybersecurity policies to strengthen remote access pathways. As noted by the National Institute of Standards and Technology, remote access technologies allow users to interact with non-public networks and computing resources from locations outside company-run facilities. While this functionality does offer a new level of convenience, it also comes with a higher degree of risk, as most remote access client devices have weaker protections than standard client devices.

One of the latest cyberattack methods aimed at IoT devices is Bluetooth spoofing, which takes advantage of a connectivity flaw to bypass key authentication methods. The vulnerability, known as the BLE Spoofing Attacks (BLESA) flaw, was first identified by researchers at Purdue University and has since become a major focus point for companies across industry lines.

The BLESA flaw primarily impacts the reconnection process for devices that have Bluetooth functionality. Devices connected to a private network can sometimes lose their pairing or drop out of range. Once they're back online, they automatically reconnect to the network without having to go through the typical authentication processes for new devices.

Every unsecured endpoint with BLE functionality can act as a launching ground for cyber attacks.

This gap can be exploited by cybercriminals, who send spoofed data to the IoT devices to force them to carry out unauthorized tasks. For example, the environmental sensors found at modern manufacturing plants periodically connect to internal servers to transmit data they've collected before switching back to a default monitoring mode. During this process, cybercriminals can pair with BLE-enabled devices to obtain their properties and key attributes.

According to Purdue researchers, BLE is particularly prone to exploitation because:

  • The BLE protocol was designed to allow any device to connect with other BLE devices
  • BLE advertising packets are always transmitted in plain text
  • Many organizations make reconnection authentication optional
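
The effect of optional versus mandatory reconnection authentication can be shown with a small model. This is an added example, not code from the Purdue researchers or from any Bluetooth stack; the `Peer` and `Client` classes are hypothetical, the device address is constructed, and an HMAC challenge stands in for proving possession of the key established at pairing.

```python
import hashlib
import hmac
import os


class Peer:
    """Device answering a reconnection attempt (constructed model)."""

    def __init__(self, address, key, reading):
        self.address = address  # advertised in plain text, so anyone can copy it
        self.key = key          # bond key from the original pairing
        self.reading = reading  # attribute value this device will serve

    def prove(self, nonce):
        # Answer the client's challenge with whatever key this device holds.
        return hmac.new(self.key, nonce, hashlib.sha256).digest()


class Client:
    """Client that paired once and later reconnects by address."""

    def __init__(self, require_auth):
        self.require_auth = require_auth
        self.bonds = {}  # address -> key saved at pairing time

    def pair(self, peer):
        self.bonds[peer.address] = peer.key

    def reconnect(self, peer):
        """Return the accepted reading, or None when the peer is rejected."""
        key = self.bonds.get(peer.address)
        if key is None:
            return None  # unknown address: full pairing would be required
        if self.require_auth:
            nonce = os.urandom(16)
            expected = hmac.new(key, nonce, hashlib.sha256).digest()
            if not hmac.compare_digest(expected, peer.prove(nonce)):
                return None  # peer cannot prove it holds the bond key
        return peer.reading


def compare_policies():
    sensor = Peer("AA:BB:CC:00:11:22", os.urandom(16), "temp=21.5")  # constructed
    # Same address, different key: all a spoofing device can know.
    impostor = Peer(sensor.address, os.urandom(16), "temp=99.9")
    results = {}
    for name, require_auth in (("optional", False), ("mandatory", True)):
        client = Client(require_auth)
        client.pair(sensor)
        results[name] = (client.reconnect(sensor), client.reconnect(impostor))
    return results
```

With authentication optional, the client accepts the reading from both devices; with it mandatory, only the device holding the bond key is accepted.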

Following the release of their findings, the Purdue researchers contacted Apple and Google about the BLESA vulnerabilities. Apple categorized the exploit (under CVE-2020-9770) and released a hotfix back in June 2020, but Android devices are still considered vulnerable.

Mitigating exploits on devices and networks
New device- and network-level exploits are constantly being identified and remedied, leaving companies at a bit of a disadvantage. It often takes weeks, even months, for researchers to locate and understand IoT vulnerabilities before tech companies can put out a fix. The BLESA flaw is just one example of a Bluetooth exploit that reached headlines in recent months. According to Threatpost, researchers at the École Polytechnique Fédérale de Lausanne found another exploit, named the "BLURtooth flaw," which allows hackers within wireless range to bypass authentication keys, making it much easier to snoop on device activity and traffic.

The best way to protect against these and other IoT vulnerabilities is to create secure, reliable networking infrastructures adapted to the needs and limitations of internet-connected devices. Perle offers industrial-grade networking tools that help organizations protect key assets in their computing environments. Our LTE Routers can connect industrial remote data logging and sensing equipment to securely process IoT data at the edge, thereby reducing an organization's attack surface.

To learn more, read some of our customers' success stories.
