How Hackable Is Your Wireless Keyboard and Mouse?
An Internet-of-things security startup says a flaw with some non-Bluetooth wireless keyboards and mouses makes it simple to hack into your computer.
Some of the computer dongles that come with wireless keyboards and mouses may offer hackers a fairly simple way to remotely access and take over your computer, according to a new report from Internet-of-things security startup Bastille.
Atlanta-based Bastille says it has determined that a number of non-Bluetooth wireless keyboards and mouses from seven companies—including Logitech, Dell, and Lenovo—have a design flaw that makes it easy for hackers from as far as about 90 meters away to pair with the dongle that these devices use to let you interact with your computer. A hacker could do things like control your computer or add malware to the machine.
The flaw points at yet another potential issue with the ever-growing number of connected devices, though it appears to work over a short range and still seems to be a hypothetical problem.
In tests, the company found around a dozen devices that were susceptible to the flaw, which it’s listing online. Most of them use a line of transceivers made by Nordic Semiconductor that do support 128-bit encryption, says Marc Newlin, a Bastille engineer who found the issue, but it’s up to the maker of the keyboards and mouses to apply it.
Bastille, which tracks malicious Internet-of-things activities by using sensors to track the electromagnetic signatures of Internet-connected devices, determined that while data transmitted by wireless keyboards tends to be encrypted, none of the mouses it tested encrypted their clicks. Also, while most of the keyboards the company tested do encrypt their data before sending it to the dongle, the dongles didn’t always require that the data be encrypted. Both of these things would make it possible for a hacker to fool the dongle on a victim’s computer into thinking that his remote clicks and keystrokes are legitimate.
Newlin says that since each wireless keyboard or mouse has a unique radio frequency address, a hacker would simply use an inexpensive USB dongle to sniff the data packets being transmitted between, say, a mouse and the dongle connected to its computer to figure out that address. Then the hacker could transmit keystroke packets to the dongle as if he were the rightful user of the computer.
Bastille founder and chief technology officer Chris Rouland says the startup let the companies know about the devices it found to be vulnerable, and they’ve mostly been “very attentive” to the problem. Some of the products can be made more secure with a simple software update to the dongle, but most of them can’t be patched, he says, so the dongles would have to be replaced.
In a statement, Logitech’s senior director of engineering, Asif Ahsan, said the company came up with a software update to fix the problem. However, the vulnerability Bastille detected “would be complex to replicate” since it requires being physically close to the victim, he said, which makes it “a difficult and unlikely path of attack.”
“To our knowledge, we have never been contacted by any consumer with such an issue,” he added.
A Dell spokeswoman, meanwhile, said that the software on one of its two affected keyboard and mouse products can be patched. Another will require customers to contact the company’s technical support to find a “suitable replacement.”
And in a security advisory released Tuesday, Lenovo said the issue, which affects a wireless keyboard, will be fixed in new devices but that customers with an existing version of the device can reach out to Lenovo customer support for a replacement.
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today