Gajus - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How does MouseJack attack wireless mouse security?

MouseJack, a wireless mouse and keyboard security flaw, allows attackers to type malicious commands. Expert Nick Lewis explains how enterprises can prevent these attacks.

Wireless mouse security has come under some scrutiny thanks to new findings from security firm Bastille, which...

discovered a collection of security vulnerabilities in wireless mice and keyboards the company has dubbed MouseJack. What are these vulnerabilities, and what should users and enterprises know about wireless peripheral security?

Wireless connections and networks are an area of concern for enterprises, but the actual risk has remained low because of the fragmented usage and limited range. Attacks have ranged from attacks on satellite communications to a myriad of attacks on 802.11-based wireless. For enterprises targeted by APTs or state-sponsored attackers, the risk from wireless connections is significantly higher. For most other enterprises, the MouseJack vulnerabilities are low risk, but could still be exploited for targeted attacks on high value individuals.

The MouseJack vulnerability exists in the proprietary communications protocol between a wireless mouse or keyboard and the host computer it is connected to through a dongle of some sort. To no one's surprise, it turns out the devices don't uniformly use encryption, and some do not implement encryption correctly. This allows an attacker within a short distance to disrupt the communication and send arbitrary commands to the targeted system. Bastille developed an exploit to demonstrate that a MouseJack attacker could type malicious commands or send false mouse clicks.

Some vulnerable devices can be patched by installing new firmware on the device. Enterprises may want to use devices with firmware that can be updated. Some of the devices identified by Bastille cannot be updated and will be vulnerable to MouseJack for the entire life of the device, thus requiring replacement. Wireless devices with firmware that can be updated give enterprises an option to patch the devices rather than replacing them. High value targets in enterprises may not want to use wireless mice or keyboards given the risk, or only use them in relatively secure locations. The high value users are probably at much higher risk for spear phishing, but this risk shouldn't be overlooked.

Next Steps

Find out how to trace state-sponsored attacks on mobile devices

Learn how to defend your enterprise against evil twin access point attacks

Discover how to secure your enterprise's wireless security

This was last published in July 2016

Dig Deeper on Wireless network security