Critical Bluetooth flaw opens millions of devices to eavesdropping attacks
19 August, 2019, 16:43
An attacker would simply need to be within Bluetooth range of the target devices to launch the KNOB attack.
A flaw in many Bluetooth chips made millions of devices vulnerable to an attack that can intercept data.
A joint paper by researchers at Oxford University, Singapore University of Technology and Design and the Helmholtz Centre for Information Security (Cispa) called the issue "a serious threat to the security and privacy of all Bluetooth users". The weakness affects the Bluetooth firmware and the researchers tested their attack on a wide variety of chips from Broadcom, Intel, Apple, and Qualcomm, among others, all of which were vulnerable. According to the report put out by the researchers, KNOB allows bad actors to interfere with the Bluetooth pairing process. Hackers could potentially trick two Bluetooth devices into establishing a connection with a weak and short encryption key. As a result, the attacker completely breaks Bluetooth BR/EDR security without being detected. The security flaw was disclosed back in November 2018 with the Bluetooth Special Interest Group (Bluetooth SIG) and it's documented as CVE-2019-9506. Then, hackers could simply try each encryption key of that length until they find one that lets them extract all the data the devices send back and forth.
For years, Bluetooth connections had stood out for their effectiveness and security, something they could boast, until today.
For individual users, the attack as described by the researchers would be invisible and the best defense at this point is to turn off Bluetooth on affected devices. "In addition, the Bluetooth SIG strongly recommends that product developers update existing solutions to enforce a minimum encryption key length of 7 octets for BR/EDR connections". The new specification will be tested via the Bluetooth Qualification Program.
To fix the Bluetooth Vulnerability, tech giants like Microsoft and Apple have already released patches for their devices to keep their data safe from attackers. The solution recommended by the agency is that manufacturers implement a minimum encryption key length, which would be hard to break. Therefore, you are urged to update all of your Bluetooth enabled devices to the latest software version available at the moment of writing.