There are an untold number of ways security can be breached in an IT system. Now security pros have another to worry about: Wireless keyboards.
Anything wireless, of course, is a threat vector, but many CSOs may not be worried about keyboards and their short-range transmissions. Instead the appeal of having fewer wires around a desktop is the lure. Besides, a hacker has to be close to pick up the signals with a keylogger, right?
Not if a device created by security researcher Samy Kamkar is legit. Kamkar says he’s built a wireless sniffer that fits inside what looks like a USB wall charger and picks up signals from Microsoft wireless keyboards transmitting on a 2.4GHz frequency. Kamkar dubs his creation KeySweeper, it’s build around an open source Arduino Pro Mini microcontroller module for about US$80 in parts — or less, depending on its design.
“Keystrokes are sent back to the KeySweeper operator over the Internet via an optional GSM chip,” he writes on a post, ” or can be stored on a flash chip and delivered wirelessly when a secondary KeySweeper device comes within wireless range of the target KeySweeper. A Web-based tool allows live keystroke monitoring.
KeySweeper can send SMS alerts upon certain keystrokes being typed, for example, a bank’s URL. If the device is unplugged it appears to shut off, but a rechargable Lithium-Ion battery can be added — if the builder knows how to do it safely — keeps it going for a time. Otherwise a standard alkaline batter will do.
Kamar’s work leverage that of others who have also been able to figure out how to keylog Microsoft wireless keyboards; his addition is to cram a solution into a small space.
Cracking open a Microsoft keyboard helps determine frequency the sniffer should be looking for, and then an Internet search led Kamkar to another person who discovered that these keyboards can give up a MAC address to listen on. While there is encryption, a device created by others — and demonstrated at the CanWesSec 2010 conference in Vancouver — can decrypt the signals.
Kamir told VentureBeat the goal of his project is to create pressure on manufacturers of wireless devices to encrypt their signals. Microsoft told VentureBeat it is investigating the report.
Lesson for IT pros: In addition to all your other work, keep an eye on what’s plugged into every wall socket or extension cord in the building.