An Entire Organization Can Be Breached Just by Plugging in a Compromised Keyboard, Says Cyber Security Researcher Prathibha Muraleedhara

The advancement of technology has led to an increase in cybercrimes. Hackers employ diverse techniques to identify areas of weakness or vulnerabilities to infiltrate an organization’s network. The increase in remote work facilitated by organizations after the COVID-19 pandemic has led to a heightened risk from cybercriminals.

The messy cables of wired mice and keyboards have made them obsolete, and wireless peripheral devices are preferred as they offer a convenient, cable-free connection. However, unlike other USB devices such as MFA devices, memory card readers, fingerprint sensors, and USB storage devices, wireless keyboards and mice hardly include any security features. As a result, many of these peripheral devices are prone to security vulnerabilities that can lead to the complete compromise of the computers they are connected to and can be used to launch advanced attacks.

“Wireless peripheral devices like mice and keyboards use proprietary protocols operating in the 2.4GHz ISM band. Manufacturers of wireless mice and keyboards don’t adhere to the Bluetooth protocol, which has established industry-standard security schemas. Instead, they create their own security schemas, which often have vulnerabilities that can be exploited by malicious users,” says Prathibha Muraleedhara.

Prathibha Muraleedhara is distinguished for her remarkable contributions to Fortune 500 companies like HP Inc., KPMG, and Stanley Black & Decker. She is a product security researcher and leader with over a decade of experience in protecting leading product-based manufacturing companies from cyber threats. She has made a significant impact by performing security architecture reviews and pentesting an extensive number of industry-leading products. Her invaluable assistance in identifying critical security vulnerabilities and remedying them has contributed substantially to enhancing the security of these products.

Prathibha describes various techniques through which wireless devices can be exploited to launch advanced cyber-attacks in her scholarly article, “Wireless Peripheral Devices – Security Risk, Exploits and Remediation”, published in the Cyber Defense Magazine. She explains that some manufacturers do not encrypt the wireless connection between the peripheral devices and the USB dongle, which allows hackers to capture the transmitted radio frequency packets and decode the mouse clicks and keystrokes they carry. Also, due to a lack of authentication, the USB dongle cannot tell whether the packets were sent by a legitimate peripheral device or by the attacker. She highlights that this enables hackers to send malicious keystrokes and mouse clicks to the target computer and further launch carefully crafted advanced cyber-attacks.

In her article, Prathibha discusses various classes of vulnerabilities that affect peripheral devices like keyboards and mice. These include sniffing the transmitted radio frequency packets using the Nordic Semiconductor nRF24L01+; the Tempest attack, which is spying on information systems by listening to electrical or radio signals, vibrations, sounds, and other leaking emanations; the SATAn Air-Gap Exfiltration Attack; the Far Field Electromagnetic Side-Channel Attack; and Key Sniffer exploits. She also describes the technical details of launching Bastille Research’s Mousejack attack, in which a hacker can force-pair an illegitimate peripheral device and inject keystrokes as a spoofed mouse or keyboard.

Drawing on her professional experience and expertise, Prathibha recommends that manufacturers encrypt the transmitted radio frequency packets to prevent sniffing, eavesdropping, interception, and analysis of the transmitted keystrokes. This also lets the wireless devices authenticate to the paired dongle, preventing any rogue wireless device from connecting to the dongle and sending maliciously crafted keystrokes to the target computer.
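The recommendation above, sketched as an added example that is not code from the article or from any vendor: a keyboard seals each HID report with a pairing key, and the dongle drops frames that are unauthenticated or replayed. The frame layout, key, counter scheme and tag length are assumptions, and an HMAC-SHA256 keystream stands in for a vetted AEAD such as AES-CCM so the block runs on the Python standard library alone.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8  # truncated MAC size in bytes (constructed value for this sketch)

def _prf(key: bytes, label: bytes, counter: int, data: bytes = b"") -> bytes:
    # HMAC-SHA256 as a PRF; the label keeps keystream and MAC outputs separate.
    return hmac.new(key, label + struct.pack(">I", counter) + data, hashlib.sha256).digest()

def _xor(data: bytes, counter: int, key: bytes) -> bytes:
    # Stdlib stand-in for a real cipher: XOR with a per-counter keystream (max 32 bytes).
    return bytes(a ^ b for a, b in zip(data, _prf(key, b"enc", counter)))

def seal_frame(key: bytes, counter: int, hid_report: bytes) -> bytes:
    """Keyboard side: counter || encrypted report || MAC(counter, ciphertext)."""
    ct = _xor(hid_report, counter, key)
    return struct.pack(">I", counter) + ct + _prf(key, b"mac", counter, ct)[:TAG_LEN]

class Dongle:
    """Receiver side: accepts a frame only if it is authentic and fresh."""
    def __init__(self, key: bytes):
        self.key, self.last_counter = key, -1

    def receive(self, frame: bytes):
        if len(frame) <= 4 + TAG_LEN:
            return None                      # too short to hold a report
        counter = struct.unpack(">I", frame[:4])[0]
        ct, tag = frame[4:-TAG_LEN], frame[-TAG_LEN:]
        expected = _prf(self.key, b"mac", counter, ct)[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None                      # not produced by the paired device
        if counter <= self.last_counter:
            return None                      # replay of a captured frame
        self.last_counter = counter
        return _xor(ct, counter, self.key)

def demo():
    key = bytes(range(16))                       # constructed pairing key
    report = bytes([0, 0, 0x04, 0, 0, 0, 0, 0])  # HID boot keyboard report: 'a' pressed
    dongle, frame = Dongle(key), seal_frame(key, 1, report)
    unauth = struct.pack(">I", 2) + report + bytes(TAG_LEN)  # frame built without the key
    return {"accepted": dongle.receive(frame), "replayed": dongle.receive(frame),
            "unauthenticated": dongle.receive(unauth),
            "ciphertext": frame[4:12], "report": report}
```

The counter check runs only after the MAC verifies, so frames built without the key cannot advance the dongle's replay window.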

Overall, exploits like Mousejack, KeyJack, and electromagnetic side-channel attacks prove that wireless products, even from trusted manufacturers, may be vulnerable to serious security exploits. Before the pandemic, organizations were only concerned with ensuring the physical security of their onsite company locations. However, the threat landscape has expanded as the workforce transitions from traditional onsite spaces to remote home offices. Organizations must now take necessary precautions to confirm that the peripheral devices they have provided to their employees are not susceptible to these exploits. If updated firmware is available from the manufacturers, it must be pushed to all the devices. All vulnerable devices with no firmware updates must be discarded.