FBI Warns of Keystroke Loggers Disguised as USB Phone Chargers

The FBI has warned private industry partners of highly stealthy keystroke loggers that find passwords and other input typed into wireless keyboards. Lane Thames, Software Development Engineer and Security Researcher at Tripwire commented on this news.

Lane Thames, Software Development Engineer and Security Researcher at Tripwire:

Lane-Thames“The Internet of Things (IoT) is exploding with many types of devices. Unfortunately, we don’t always know what a particular device is capable of doing. In this regard, physical security will need to evolve. Organizations who work with sensitive information will need to consider implementing a physical security policy. This policy will need to consider how to both vet and monitor devices that enter proximities where sensitive information is interacted with. There are a countless number of ways for miniature computing devices to enter our digital work zones along with a fast array of techniques these embedded systems can use to exfiltrate data within its sensory proximity. Looking for wireless signals is obviously a first choice, but other techniques making use of other sources such as thermal and acoustic signals exist too. As this portion of the industry evolves, industry standards for good physical security practices within the world of IoT will likely become common for even the smallest of organizations.”

Information Security Buzz