Attackers can exploit the vulnerabilities identified to “listen in” on keyboard input, giving them access to confidential information such as passwords and e-mails. But that’s not all. Attackers can also infect the computer with malware, putting the device or even the entire network at risk.
The reports over the past few months are not the first time vulnerabilities have been exposed in these wireless desktop sets. Issues, some serious, were revealed as early as 2016: insufficient protection of code (firmware) and data (cryptographic key), and missing protection against replay attacks (click here [German only] for details).
Some vulnerabilities can only be exploited if the hacker is able to gain physical access to the device for a short period of time. However, other attacks merely require the intruder to be in proximity of the device. While manufacturers say this distance is 10 metres, security researchers believe the radius may actually be much larger. To ensure backwards compatibility, manufacturers don’t always fix all vulnerabilities. Taking action yourself to ensure security is therefore far from trivial.
What you can do about it.
Update regularly: just like with other IT systems, check for firmware and other updates regularly and install them as soon as possible.
Use Bluetooth: switching to a Bluetooth system can also safeguard you from the pitfalls of certain wireless protocols. Be aware, however, that Bluetooth is also based on wireless technology.
Revert to wired input devices: systems that process personal or other data requiring protection should be used with wired desktop sets instead of wireless alternatives.