Breaking Compliance News Blog

HIPAA Security Alert: BlueBorne - Bluetooth Vulnerability

Posted by Scott Gima on 9/13/17, 4:19 PM

bluetooth.jpg

Armis Labs, an Internet of Things (IoT) security company, has publicly revealed a new Bluetooth vulnerability called “BlueBorne.” This vulnerability allows hackers to take complete control over Bluetooth enabled devices. This vulnerability affects all devices with Bluetooth capabilities including smartphones, laptops, smart watches, and TVs. Google, Microsoft and Linux will be releasing patches. Apple devices have been patched since the roll out of iOS 10 in September 2016. According to Armis, there are approximately 2 billion Android and Linux devices that cannot be patched.

Since its inception in 1982, Bluetooth has been plagued with security issues and this latest flaw is further proof of the security risks with Bluetooth. Remember that exploitation of any this and any Bluetooth vulnerability requires proximity to the device, depending on whether the device is indoors or outdoors.

What you can do

When conducting a HIPAA security risk analysis, make sure an inventory of Bluetooth capable devices is covered. Patch all devices and if that is not possible, the best defense is to turn off Bluetooth.

stg photosig aug 2017.jpg

HIPAA on a budget:  Get HIPAA compliant with MPA's  HIPAA Tool Kit

 

 

Topics: HIPAA

    Privacy Policy           Terms of Use