Wireless mouse security has come under some scrutiny thanks to new findings from security firm Bastille, which...
discovered a collection of security vulnerabilities in wireless mice and keyboards the company has dubbed MouseJack. What are these vulnerabilities, and what should users and enterprises know about wireless peripheral security?
Wireless connections and networks are an area of concern for enterprises, but the actual risk has remained low because of the fragmented usage and limited range. Attacks have ranged from attacks on satellite communications to a myriad of attacks on 802.11-based wireless. For enterprises targeted by APTs or state-sponsored attackers, the risk from wireless connections is significantly higher. For most other enterprises, the MouseJack vulnerabilities are low risk, but could still be exploited for targeted attacks on high value individuals.
The MouseJack vulnerability exists in the proprietary communications protocol between a wireless mouse or keyboard and the host computer it is connected to through a dongle of some sort. To no one's surprise, it turns out the devices don't uniformly use encryption, and some do not implement encryption correctly. This allows an attacker within a short distance to disrupt the communication and send arbitrary commands to the targeted system. Bastille developed an exploit to demonstrate that a MouseJack attacker could type malicious commands or send false mouse clicks.
Some vulnerable devices can be patched by installing new firmware on the device. Enterprises may want to use devices with firmware that can be updated. Some of the devices identified by Bastille cannot be updated and will be vulnerable to MouseJack for the entire life of the device, thus requiring replacement. Wireless devices with firmware that can be updated give enterprises an option to patch the devices rather than replacing them. High value targets in enterprises may not want to use wireless mice or keyboards given the risk, or only use them in relatively secure locations. The high value users are probably at much higher risk for spear phishing, but this risk shouldn't be overlooked.
Find out how to trace state-sponsored attacks on mobile devices
Learn how to defend your enterprise against evil twin access point attacks
Discover how to secure your enterprise's wireless security
Dig Deeper on Wireless network security
Related Q&A from Nick Lewis
Enterprises have many options for email security best practices, ranging from deploying email security protocols to educating end users on the ... Continue Reading
Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems. Learn how they work ... Continue Reading
Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.