Careful: Many Peripherals Open to Hacking

You follow all the latest tips about securing your computer system. Your employees are taught from day 1 on the job not to open emails or download attachments from emails that are from unknown sources. In addition, all staff has also been trained to never download files from a suspicious or unknown site. You update your virus and anti-malware software every day, and all users are trained to use a secure password on any portable device they use to access your computer system. So, you do everything right, but you still have been hacked. What happened?

Your Peripherals May Be Used Against You

If you use peripherals such as wireless keyboards and/or a wireless mouse, you may have inadvertently set your company or yourself up for a security breach. If your peripherals connect using Bluetooth, you are safe, but if you use a keyboard or a mouse that connects to your computer using radio waves, watch out! – you are ripe for hacking.

How Peripheral Hacking Works

Actually, cybercriminals don’t even have to get into your system if you use wireless radio-attached computer peripherals. Every mouse move you make and each keyboard stroke can be recorded from up to about 300 feet. Most radio-attached keyboards or mice do not have a shred of security protection, making them a great target for hacking. Major keyboard manufacturers, listed below, have this vulnerability:

• Anker
• RadioShack
• Hewlett-Packard
• Insignia
• Eagle Tec
• GE/Jasco
• Toshiba
• Kensington
• Other brands that have not yet been tested

The only thing these brands of keyboards have in common is they all run on the 2.4 GHz ISM radio band. To date, there are no standards as to how secure data ought to be sent; this allows each manufacturer to come up with their own security methods. Most often, manufacturers don’t bother as securing these peripherals would raise the price or cut profits – something they are loathe to do.

At this time, researchers believe that the number of devices affected and in use today approaches 1 billion.

The fix for these problems is actually easy – replace them with wired input devices.

Don’t Share a Charger

Be careful at public places where free charging is available via a USB. Hackers have discovered a way to hijack your data from your portable device while it is charging; the USB charging port also serves as an entry point to your device. So the best advice against this type of hack is to use your own charger or carry an extra battery.

The Internet of Things

The Internet of Things (IoT) is where non-computers connect to a computer system using a cellphone or radio technology. While it presents tremendous opportunities for business, it also has some security vulnerabilities. While your computer system is monitoring the temperature of your production facility, cybercriminals may use that monitoring system to invade your computer system. Once resident in your system, it can steal data, including:

• Client lists;
• Vendor lists;
• Marketing and sales plans and information; and
• Intellectual property

“Most organizations don't have the resources to rebuild their infrastructure from the ground up, so they’re forced to rely on legacy systems that may never have been designed to be connected in the first place, and may therefore contain inherent vulnerabilities.”— Steve Grobman, CTO at Intel’s Security Group.

For companies in these situations, using an outside managed services security provider (MSSP) can be an economical way to solve the issues inherent in businesses using the IoT now or preparing to shortly.

In California, On Time Tech is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news. Contact us toll-free at 877-270-1391, or send us an email for more information. On Time Tech services are available in San Francisco, Walnut Creek, San Ramon, Burlingame, San Jose, Oakland, Berkley, Sacramento, Carmichael, Los Angeles, Citrus Heights, Pico Rivera, Santa Clara and Roseville.