Preventing the New Threat

Real-time eavesdropping is part of the security program

When most people consider cybersecurity, they think about protecting the information that resides on their computers—sensitive emails, folders or files. But, for the past few years, security industry experts have recognized that valuable information can also be stolen in real time through web cameras, audio headsets and microphones with Trojans, such as the SpyEye Trojan, which has infected more than 1.4 million computers around the world. Despite the fact that these types of hijacks are known risks, many users of computer workstations remain unaware of how easily malware or viruses can access employee computers remotely.

The fact is: Vulnerabilities exist in your computer’s peripheral equipment. In addition, hackers also can create data leakages with keyboards, USB devices and monitors to access confidential or sensitive information conveyed through speech or web cameras. Once a system is infected by users opening an email or files, or unknowingly visiting a compromised website, the hacker has full access to connect to your system, enabling him to turn on your camera and view or listen to you without you knowing.

While the idea of someone compromising your computer peripherals to eavesdrop may seem remote, the tools to do so, for example “exploit kits,” are relatively easy to get offline. This makes hacking accessible to the average person who can break through security software, rewrite code and access your physical environment through computer peripherals.

The availability of exploit kits makes the threats widely accessible to lower-skilled hackers. This is such a problem that, in settings where confidential information is shared, some industries, such as government, prohibit the use of resources like web cameras or USB devices when computers are present.

Lots to Lose

What is at risk for companies and individuals who allow access to their systems? There are many disturbing implications for this type of real-time threat; primarily, the potential for outsiders to eavesdrop on private environments, conversations and actions. This can include the invasion of business spaces to access board meeting discussions, business strategy and marketing streams, financial planning settings and C-level conversations.

Private conversations, where computers are present and confidential information is shared in real time, are vulnerable to risk. CEOs make important decisions behind closed doors; product managers draw up product roadmaps; and engineers exchange valuable intellectual property.

In addition to the potential for outsiders to listen in, hackers also can obtain visuals of the work environment. This can present obvious problems for any business; for example, who wouldn’t want to steal a picture of the newest yet unreleased iPhone? In other words, whatever you say and do in the office and other confidential venues becomes vulnerable to penetration by hackers.

Software Solutions: Incomplete

Initial security solutions to combat real-time eavesdropping have all been software-driven as many antivirus (AV) companies attempt to address SpyEye using software solutions. The problem with software is that it doesn’t prevent hacking but instead responds reactively to it by finding and then blocking the threat after security has already been breached.

Software-based solutions are incomplete in that they leave victims of these attacks unprotected—known as “zero-day risk”—during a “vulnerability window.” This window is the gap between the time when a threat is identified and the time when software developers start to create and publish a counter to that threat to block the malware. Even after AV vendors push out a solution, there’s another vulnerability window between the time the AV vendor pushes a patch out and the time the user or IT administration downloads the updated security definitions.

Hardware Protection

Fortunately, there’s another solution that prevents hackers from gaining access to your peripherals in the first place: hardware security. New technologies that are focused on a hardware approach rather than a software-only approach to security are far more successful at preventing this new, real-time form of cyber threat.

Unlike software, hardware-based security is proactive as it completely prevents zero-day attacks by effectively closing all vulnerability windows. You don’t have to chase down malware signatures or deal with security updates to ensure the latest AV profiles are downloaded.

Here are a few other ways that taking a hardware approach to real-time eavesdropping offers proactive protection. It:

  • Eliminates the need to keep up with continuous software updates to stay secure from the latest threats;
  • Helps combat morphing malware by protecting against all types of malware (polymorphic, oligomorphic and metamorphic); and
  • Physically isolates the invasive communication without the need to detect the malware, know what type of malware it is or whether it will morph into something else later.

Vulnerable Products

To truly appreciate the security advantages of hardware solutions for securing peripherals, it’s important to understand how different types of products are vulnerable:

Audio devices. For Internet-connected computers located inside high security zones where classified calls and meetings take place, using audio devices may cause a security breach if not properly protected. Such computers are often used with headphones, speakers or microphones to enable conference calls. These computers can be compromised by hackers to remotely enable their microphones or headsets, using them to listen to the surrounding environment.

KVM switches. Hackers can infect computers with malicious code by attempting to target the KVM switch through cyber attacks to obtain private and classified data. There are security concerns involved with the transfer of information beyond display signals, making data vulnerable and security a challenge. Without proper protection to safely isolate networks and connected systems, unintended leakage of information can occur between computers.

USB devices. When USB device access is controlled by software running on the computer, the USB can be hacked or modified. An unprotected USB device can infect the computer system and network, which can be used to inject malicious software.

Web cameras. Using webcams in a secure environment may cause a security breach if the hardware is not properly protected. Intruders can exploit computers that are non-secure as a result of web cameras that can view and eavesdrop on conversations without users being aware that the camera is on and active.

Best Practices to Boost Security

By using a hardware approach, security is no longer threatened, and computing resources become more flexible and useful to employees and other users. As a result, organizations and individuals who may not have previously deployed certain computing resources, such as webcams and USB devices, can now implement these resources, knowing they are much more secure.

Below are 5 best practices to help prevent real-time eavesdropping and boost security.

  1. Choose hardware solutions over software. It’s surprisingly easy for hackers to access computer peripherals to view what users are doing or hear what they’re saying. The only way to prevent this threat is with a secure hardware solution. While AV software solutions can only respond reactively in the wake of a security breach, hardware provides proactive security by eliminating the zero-day risk that can occur during vulnerability windows.
  2. Protect video vulnerabilities. Use a secure webcam adapter whenever web cameras are used in boardrooms, offices and other areas where sensitive conversations take place. This hardware solution enables the secure use of web cameras in computing environments where private or classified information is exchanged. This adapter can provide security features: an anti-tampering mechanism in the outside packaging; one-time, programmable, protected firmware; and complete isolation of the USB circuit from the computer.
  3. Monitor USB ports. Using software solutions to control USB access makes computers vulnerable to being hacked or modified. This can lead to an infected computer system and network, which can be used to inject malicious software. A hardware solution, such as a USB peripheral switch, allows end users to access authorized USB peripherals on their desktops while ensuring network security.
  4. Control microphones and headsets. Hackers can compromise audio devices by using microphones or headsets on computers to remotely listen to the surrounding environment. An effective hardware solution is to employ an audio/microphone switch that offers centralized control over audio ports, reducing the risk of audio signal interception.
  5. Use KVM to isolate data from multiple networks to reinforce workstation security. To achieve true data path isolation, a KVM switch must be purposefully engineered to completely isolate each data path connection in the switch. The most effective means to mitigate any data leakage from the computer to and from the network is a hardware solution that ensures all data coming into and out of the KVM switch is completely isolated whenever the operator switches from one secure network to the next.

Because so many vulnerabilities exist in your computer’s peripheral equipment and with security breaches through real-time eavesdropping on the rise, it’s vital to protect your private environments, conversations and activities. The proactive strategy of using hardware-based security is the only way to reliably prevent hackers from ever gaining access to your confidential data in the first place—whether it’s the data on your computer or the valuable information exchanged during real-time business discussions and activities.

This article originally appeared in the May 2014 issue of Security Today.

