FFIEC News

Rapid7 Launches Check for Critical Wireless Keyboard Vulnerability

(Dec 06, 2007)-- Rapid7, provider of Unified Vulnerability Management (UVM) solutions for large enterprise deployments and small to medium businesses, announced today NeXpose will include a check for a
zero-day vulnerability found in many wireless keyboards. The impact of this vulnerability is that an attacker with a directional antenna and a laptop can eavesdrop on keyboard communications, capturing every keystroke from a distance of over 30 feet away.

Swiss researchers announced that they had broken the security of wireless keyboards manufactured by Microsoft, Logitech, and possibly other vendors. This vulnerability stems from a fundamental design flaw in the RF protocol used by these 27MHz wireless devices, causing them to be even less secure than  bluetooth-based keyboards. Certain non-Bluetooth wireless keyboards (including some manufactured by Microsoft and Logitech) are designed with very weak encryption that is extremely easy to defeat. The test results demonstrate that a remote attacker equipped with an antenna can capture every keystroke from
these wireless keyboards.

Wireless keyboards have been sold globally for many years. Logitech and Microsoft are two major brands in this market area. Their products are sold over Internet, through business suppliers and in many consumer electronic stores worldwide.

"This is a critical security issue for many companies. The vulnerability opens the door for hackers to easily access corporate networks and customer data. Because these wireless keyboards are sold through many outlets, companies may not know how many are being used in their networks. Employees may have these wireless keyboards in their homes," stated Tas Giakouminakis, CTO of Rapid7. "While many organizations are concerned about 802.11 WiFi eavesdropping, there has been very little focus on the risks posed by wireless keyboards. We expect that there will be increased attention to this issue in the coming weeks."

Rapid7 NeXpose UVM provides network, database and web application vulnerability management for enterprises deployments and small to medium businesses. In addition, Rapid7 provides compliance products and services for PCI, HIPAA and Sarbanes Oxley.

Share or bookmarklet this web page at: