Balint Seeber and Marc Newlin are checking how far apart they can be while still have the ability to hack into one another’s computers. It turns out its not a small distance -it’s 180 meters (around 197 yards) – the length of approximately one and a half American football fields.
The pair work for Bastille, a startup cyber security firm that has uncovered a vulnerability they say leaves millions of networks and billions of computers susceptible to attack. They are calling it Mousejack.
Unlike Keyboards, wireless mice from corporations like HP, Lenovo, Amazon, Dell and others use unencrypted signals to communicate with computers.
“They have not encrypted the mouse signals, that makes it possible for the attacker to send unencrypted signals to the WiFi dongle pretending to be a keyboard and have it result as keystrokes in your pc. This could be the same as if the attacker was sitting at your pc typing on the computer,” stated the security researcher, Newlin.
A hacker can use an antenna, a wireless chip referred to as a dongle, both available for around $15 (USD), and an easy line of code to trick the WiFi chip linked to the target pc into accepting it as a mouse.
“So the attacker can ship data to the dongle, fake it as a mouse but say ‘actually I’m a keyboard and please type these letters’,” added Newlin.
“If we send unencrypted keyboard strokes as if we had been a mouse it began typing on the PC, typing at a a thousand words per minute,” stated Chris Rouland, the CTO and Founder of Bastille.
At a 1000 words/minute, the hacker can take over the computer or gain access to a network within a few seconds.
Rouland says that while firms are superb at encrypting and securing their networks and web sites, they don’t compensate for all cyber traffic across the complete radio spectrum. He says it is time to re-think cyber safety, especially in a world where smartphones are capable of transmitting huge quantities of information per second.
“Nobody was looking at the air space. So I wanted to construct this cyber x-ray vision to have the ability to see what was inside an organization’s air space versus what was simply just plugged into the wired network or what was on a WiFi hotspot,” stated Rouland.
Bastille is hoping to cash in on its security flaw findings and provide new forms of sensors that take into consideration more of such threats present in a wireless society.
In the meantime, Bastille is keeping tabs on the wireless mouse problem. They are saying some firms are beginning to supply firmware updates to correct the safety issues. Bluetooth devices aren’t vulnerable to this sort of attack.
See the video below to for more explanation: