Wireless mouse security has come under some scrutiny thanks to new findings from security firm Bastille, which...
discovered a collection of security vulnerabilities in wireless mice and keyboards the company has dubbed MouseJack. What are these vulnerabilities, and what should users and enterprises know about wireless peripheral security?
Wireless connections and networks are an area of concern for enterprises, but the actual risk has remained low because of the fragmented usage and limited range. Attacks have ranged from attacks on satellite communications to a myriad of attacks on 802.11-based wireless. For enterprises targeted by APTs or state-sponsored attackers, the risk from wireless connections is significantly higher. For most other enterprises, the MouseJack vulnerabilities are low risk, but could still be exploited for targeted attacks on high value individuals.
The MouseJack vulnerability exists in the proprietary communications protocol between a wireless mouse or keyboard and the host computer it is connected to through a dongle of some sort. To no one's surprise, it turns out the devices don't uniformly use encryption, and some do not implement encryption correctly. This allows an attacker within a short distance to disrupt the communication and send arbitrary commands to the targeted system. Bastille developed an exploit to demonstrate that a MouseJack attacker could type malicious commands or send false mouse clicks.
Some vulnerable devices can be patched by installing new firmware on the device. Enterprises may want to use devices with firmware that can be updated. Some of the devices identified by Bastille cannot be updated and will be vulnerable to MouseJack for the entire life of the device, thus requiring replacement. Wireless devices with firmware that can be updated give enterprises an option to patch the devices rather than replacing them. High value targets in enterprises may not want to use wireless mice or keyboards given the risk, or only use them in relatively secure locations. The high value users are probably at much higher risk for spear phishing, but this risk shouldn't be overlooked.
Find out how to trace state-sponsored attacks on mobile devices
Learn how to defend your enterprise against evil twin access point attacks
Discover how to secure your enterprise's wireless security
Dig Deeper on Wireless network security
Related Q&A from Nick Lewis
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading
Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading
Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these ... Continue Reading