ST. LOUIS, MO (KTVI)- Wireless computer passwords are being stolen and its gotten so bad, the FBI issued a warning. Be on the lookout for keystroke loggers who use a $10 device.
Scott Schaffer of Blade Technologies calls it crazy stuff. He exposes these thieves.
According to Schaffer, the best way to defend against this attack is to limit the use of wireless keyboards. If the use of a wireless keyboard cannot be prevented, then ensuring a strong encryption on the keyboard is vital.
A keyboard using AES encryption makes it more difficult to read keystrokes as there are currently no known practical attacks to read AES encrypted data.
Also, keyboards using Bluetooth are also safe from KeySweeper as it listens on a different channel than that which Bluetooth transmits. However, Bluetooth keyboards must have encryption turned on and a strong pairing PIN to protect it from a similar type of data-harvesting attack.
Additional best practices to prevent a compromise could include but are not limited to:
·Office policies that address mobile device chargers.
·Limiting which outlets are available for device charging.
·Knowing whose chargers are currently being used.
·Immediate removal of an unknown charger from the office facility (although the optional backup battery can allow data theft even when unplugged).