What’s an easy, effective and potentially devastating cyberattack . . . that’s also named for a rodent?
If you guessed mousejacking, you are a star student today.
A mousejacking attack occurs when an attacker scans for the wireless transmissions sent from your wireless mouse to the USB dongle plugged into your computer. These transmissions from a mouse contain data that describes the mouse’s actions. When an attacker is able to scan and find these transmissions, they may also be able to quickly intercept and, with a few quick keystrokes and clicks, impersonate the mouse and begin sending their own malicious commands through the wireless dongle and into the computer.
Users may see a brief pop-up screen with code, but things returns to normal quickly, and many times they don’t think it’s significant enough to notify their security team.
To add a little insult to injury, an attacker doesn’t even have to be in the building or in close proximity to the workstation to pull this off. They can be in your parking lot or maybe that park across the street.
Now, there are a lot more technical things that go into it, so take a look at the video above to learn the details.
So how do you prevent a mousejacking attack? Since this attack only can occur on workstations that are open and running, remember (and remind your colleagues) to always lock your station if you are walking away or not actively working on it. Also, let your colleagues in IT security know about anything suspicious you see. Trust me, they want to know.
Remember it only takes a few minutes for attackers to get into your network and start causing trouble.
Please share this blog and video with your team so they know what to look for and how quickly it can happen, and encourage them to report it immediately.
With years of penetration testing and general mischief making behind us, we at Raxis have learned that there is always a way in. And we can find it. Our team of experts are ready to help you and your organization find its weaknesses and help you strengthen your security. Talk with our team today.