At Promenade Software, we are seeing an explosion in the use of Bluetooth communications as a fundamental part of new medical devices. There are some wonderful advantages of Bluetooth; it allows manufacturers to incorporate powerful, inexpensive commercial devices (Android, iOS) as part of their devices, without wires and network worries.
The BLE (Bluetooth Low Energy) 5.0 specification presumably keeps communications secure. But recently, a serious vulnerability was disclosed. The vulnerability is called "Key Negotiation of Bluetooth" (KNOB). It exposes a weakness in the design which allows the encryption key length to be negotiated down to a point of worthlessness during the pairing process. This would allow an attacker to quickly brute-force the key, breaching the security.
Just recently, a new class of vulnerabilities has been disclosed, called SweynTooth, named after Sweyn Forkbeard, the son of King Harald Bluetooth (after whom Bluetooth technology was named). Sweyn revolted against his father, leading to Harald's exile and ultimate death. SweynTooth describes implementation flaws in many highly-used certified BLE software stacks from major manufacturers including Cypress, TI, NXP, and STMicro. These affect almost all BLE devices in the field, including medical devices.
Blood glucose readers, MRI machines, and inhalers are medical devices listed as affected so far, but more will be forthcoming. These security flaws are broad and can cause deadlock, crashes, unpredictable behavior, and security breaches in the devices if attacked. For medical devices, these security flaws can potentially cause harm.
Researchers attribute many of these flaws to inadequate specification of the edge cases, such as handling of partial packets, and inadequate testing in the certification process of the Bluetooth stack. Clearly, this will be addressed in time and some vendors have already issued new stack releases.
So what can you do to ensure the cybersecurity of your device when these vulnerabilities keep arising? At Promenade, we have a 3-prong approach to cybersecurity that we are happy to share:
1. A belt and suspenders or “Defense in Depth” strategy. We like to use application layer encryption as well as the BLE encryption when possible.
2. Monitor. Monitor for known vulnerabilities and for updates to the vendors’ libraries to make sure that any issues addressed are incorporated.
3. Upgrade. Support upgrades of all software and firmware, including the BLE stack, and ensure that the images are properly authenticated.
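To make the third point concrete, here is a sketch of an update check that authenticates an image before accepting it. It is an added example, not Promenade's code: the image layout, the function names and the test key are assumptions, and HMAC-SHA256 with a shared key stands in for the asymmetric signature a production updater would typically use.

```python
import hashlib
import hmac
import struct

# Constructed layout (an assumption, not a vendor format):
# magic "FWIM" | version u32 | payload_len u32 | payload | HMAC-SHA256 tag
HEADER = struct.Struct(">4sII")
TAG_LEN = 32

def build_image(key, version, payload):
    """Signing side: pack header + payload and append the tag."""
    body = HEADER.pack(b"FWIM", version, len(payload)) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

def verify_image(key, image, installed_version):
    """Return the payload if authentic and newer; raise ValueError otherwise."""
    if len(image) < HEADER.size + TAG_LEN:
        raise ValueError("truncated image")
    magic, version, length = HEADER.unpack_from(image)
    if magic != b"FWIM":
        raise ValueError("bad magic")
    # Exact-length check rejects partial transfers and trailing data.
    if len(image) != HEADER.size + length + TAG_LEN:
        raise ValueError("length mismatch")
    body, tag = image[:-TAG_LEN], image[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("authentication failed")
    # The version field is trusted only after the tag has verified.
    if version <= installed_version:
        raise ValueError("rollback rejected")
    return body[HEADER.size:]

def status(key, image, installed_version):
    """Map the verification outcome to a short string for logging."""
    try:
        verify_image(key, image, installed_version)
        return "ok"
    except ValueError as err:
        return str(err)

KEY = bytes(range(32))  # constructed test key, not a real secret
GOOD = build_image(KEY, 5, b"constructed firmware payload")

if __name__ == "__main__":
    bad = bytearray(GOOD)
    bad[HEADER.size] ^= 0x01  # flip one payload bit
    for name, img, installed in [("valid", GOOD, 4), ("tampered", bytes(bad), 4),
                                 ("partial", GOOD[:-1], 4), ("old", GOOD, 5)]:
        print(name, "->", status(KEY, img, installed))
```

The length and tag checks run before any header field is acted on, so a partial transfer or a modified image is rejected without the updater ever interpreting attacker-controlled data.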
Nothing can predict or prevent new vulnerabilities in connected products, but preventative actions can greatly reduce your exposure, and at least increase the sophistication required of the attacker. If you want more information regarding Bluetooth, read our Bluetooth Connectivity blog post or visit our blog homepage to learn more about how Promenade will help you identify the best approaches to your device's cybersecurity.