Gajus - Fotolia
Wireless mouse security has come under some scrutiny thanks to new findings from security firm Bastille, which discovered a collection of security vulnerabilities in wireless mice and keyboards the company has dubbed MouseJack. What are these vulnerabilities, and what should users and enterprises know about wireless peripheral security?
Wireless connections and networks are an area of concern for enterprises, but the actual risk has remained low because of the fragmented usage and limited range. Attacks have ranged from attacks on satellite communications to a myriad of attacks on 802.11-based wireless. For enterprises targeted by APTs or state-sponsored attackers, the risk from wireless connections is significantly higher. For most other enterprises, the MouseJack vulnerabilities are low risk, but could still be exploited for targeted attacks on high value individuals.
The MouseJack vulnerability exists in the proprietary communications protocol between a wireless mouse or keyboard and the host computer it is connected to through a dongle of some sort. To no one's surprise, it turns out the devices don't uniformly use encryption, and some do not implement encryption correctly. This allows an attacker within a short distance to disrupt the communication and send arbitrary commands to the targeted system. Bastille developed an exploit to demonstrate that a MouseJack attacker could type malicious commands or send false mouse clicks.
Some vulnerable devices can be patched by installing new firmware on the device. Enterprises may want to use devices with firmware that can be updated. Some of the devices identified by Bastille cannot be updated and will be vulnerable to MouseJack for the entire life of the device, thus requiring replacement. Wireless devices with firmware that can be updated give enterprises an option to patch the devices rather than replacing them. High value targets in enterprises may not want to use wireless mice or keyboards given the risk, or only use them in relatively secure locations. The high value users are probably at much higher risk for spear phishing, but this risk shouldn't be overlooked.
Find out how to trace state-sponsored attacks on mobile devices
Learn how to defend your enterprise against evil twin access point attacks
Discover how to secure your enterprise's wireless security
Dig Deeper on Wireless network security
Related Q&A from Nick Lewis
Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been... Continue Reading
A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it... Continue Reading
Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.