Scenario 1: Eavesdropping
Many headsets allow multiple devices to connect to them. Someone could use someone else’s headset as a bug and listen to what is being said around this headset in the office.
In a bank, for example, insider information is regularly discussed, for example about an upcoming merger that could be used to make money on the financial market.
Scenario 2: Shadow keyboard
A wireless keyboard connects to the computer using a “dongle,” a small USB stick. An attacker could connect their own keyboard to the computer and execute malicious commands from a distance of up to 100 meters.
For example, someone could infect critical infrastructure such as our water or electricity supply with malware.
Scenario 3: Secret conference participant
Slides and team meetings are recorded via conference systems and sent to the computer. If this communication is not properly encrypted, someone nearby can listen and watch.
For example, trade secrets could fall into the hands of industrial spies.
Scenario 4: The keyboard as a spy
Some devices allow you to install your own software. To do this, an attacker needs access to the device for a short time – he or she could, for example, pretend to be a cleaner or a visitor.
If the malicious software is installed, the keyboard can, for example, send all keystrokes to the attackers – from passwords to confidential emails, they can now easily read them.
