Cyber Espionage via Wireless Keyboards and Mice. The MouseJack Attack.
Wireless mice and keyboards are becoming increasingly popular every day, as the era of wires fades into the past. The Internet has long been delivered "over the air," and the latest trend is wireless charging for gadgets.
However, while only the lazy are unaware of the threat of Wi-Fi data interception, almost no one considers that there is a constant exchange of information between a wireless mouse, keyboard, and computer, and this information can be "eavesdropped" on.
For a long time, the security of wireless mice and keyboards did not attract the attention of specialists until a report was published in 2016 by the American company Bastille Networks, which announced vulnerabilities in millions of devices.
The attack was named MouseJack. A website was even created mousejack.com with a list of vulnerable devices, where you can check your devices for vulnerabilities. Later, the Russian company Positive Technologies successfully intercepted data from Logitech, A4Tech, and Microsoft keyboards and mice.
The problem lies in the insufficient security of these devices due to the secondary nature of security concerns. Ease of use, price, battery life – these are what concern developers; after all, why would a computer mouse need security?
In an ideal world, a device should have a reliable authentication system so that your keyboard connects only to the receiver in your computer, not to any receiver. Likewise, your receiver should not interact with third-party devices that may belong to a malicious actor. Data transmission between the device and the computer should be reliably encrypted. Unfortunately, it is precisely the negligence of security requirements by manufacturers that makes the MouseJack attack possible.
Consequences of the MouseJack Attack and Other Attacks on Wireless Mice and Keyboards
The attack can be destructive; for example, you may need to conduct an important presentation, and your mouse and keyboard will stop responding to you. It will be extremely difficult to determine the cause of the problem and, of course, the source of the attack, as the attacker may be sitting in their car in the parking lot of a business center.
A more complex variant of the attack involves intercepting and decrypting data if it is unencrypted or inadequately encrypted. As a result of such an attack, a malicious actor could obtain your passwords and other confidential data that you enter using a wireless keyboard. This attack will allow them to capture the texts you type: emails, messages in messengers and social networks, even if they are securely encrypted.