Your Keyboard and Mouse Might Be Your Next Big Security Risk
Is nothing safe from the hacking community? It seems as though everything is under assault these days. Antivirus and malware blocking software is struggling to keep pace. When those security holes get plugged, the hackers simply shift gears and switch tactics, going after SSL or other core components of the internet itself.
When the corporate world gets wise to their attacks, they shift gears again, relying on “ransomware” to take companies down. If it’s not that, it’s attacking the (often unsecured) internet objects that are spreading throughout the internet. Government agencies have been attacked. Healthcare providers have been attacked. Even makers of children’s toys have been attacked, and now, even your humble mouse may be at risk.
Yes, you read that correctly. Hackers can even take control of your PC by hijacking your mouse, probably one of the most ubiquitous and least threatening peripherals you’ve got attached to your computer.
The attack is quite simple. Whereas your keyboard has built-in security that prevents would-be hackers from seeing what you’re typing, your mouse has no such built-in features, and yet, it is a direct line into your PC. A hacker, with a nominal amount of off-the-shelf equipment can easily start sending signals to your mouse and using it as a proxy to take complete control over your PC.
There are, of course, ways to close this security flaw. There always are, but the point is that convincing people to toss out their perfectly functional mouse in preference for a new, more secure one is probably going to be a hard sell, which is going to leave hundreds of millions of internet users exposed and at risk. Even if you do buy a more secure mouse, how long will it take for the hacking community to find the next open link in your corporate armor? At the moment, there seems to be no good way to get off the treadmill we find ourselves on, and if hackers can find their way into your system using something as innocuous as your mouse, then nothing is safe. The best we can do is assess our internal security and make sure that there are very few ways for threats to get into our networks.