Researchers from Bastille Security* have discovered vulnerabilities in wireless keyboards and mice in which hackers could target from 100 meters away. The vulnerabilities are found in the dongles because they accept unencrypted packets. Researchers were able send a fake mouse packet to inject keystrokes into a computer without the encryption key. Researchers believe that many non-bluetooth devices may be at risk.
[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :
“We’re often so focused on network-based attacks that we forget these peripheral devices provide input to our computers as well. That wireless keyboard is another potential vector for attack. This type of attack is unlikely to be used for large scale compromise. It’s suitable for a targeted attack against an individual.
The more successful we are at detecting the more standard, network-based attacks, the more we push the attackers to alternative methods. It’s a positive to see researchers leading the way instead of criminals.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.