Combatting Insider Threats with Keyboard Security | Threatpost

As cyberattacks snowball and insider threats become an ever-larger part of the problem, it may be time to move beyond purely software-based cyber-defenses. Implementing hardware-based security, like secure keyboards, can be an important part of the mix.

Those in IT-leadership roles are well aware that the attention and spending on security and tightening computer networks against cyberattacks has never been higher. Motivations for nefarious activity can range from espionage and financial gain to just plain business disruption. Whatever the motivation, cybersecurity threats continue to grow in numbers and complexity, and have significant effects on all facets of the day-to-day business of running a large organization. Beyond the significant financial issues they can cause, cyberattacks can also lead to lawsuits, regulatory penalties and reputational damage.

Just like the motives behind cyber-threats, the actual attacks themselves can be incredibly varied. Today’s large organizations must be on the lookout to combat all types of threats, including malware, denial of service (DoS) attacks, zero-day exploits, ransomware, DNS attacks and many more. Overall, most companies have done a very good job policing these attacks from outsiders. But company security leaders may need to start paying more attention to attacks from a surprising threat – their own employees.

Insider Threats on the Rise

Insider threats have become an alarmingly significant source of risk. In fact, a report from IBM and ObserveIT recently found that ​insider threats​ cost organizations $11.5 million on average worldwide in 2020. This is more than a ​30-percent rise in just the past two years. The study also found that the frequency of incidents rose more than 45 percent during the same time period.

For most larger organizations, internal security and data protection usually focuses on software-driven issues. Virus scanners and firewalls are the most common countermeasures that come to mind when the topic of fighting off cyberattacks arises. However, central and fundamental components of modern internal security concepts are the authentication of users and the authorization of access. This makes the go-to first step of data security the use of passwords — which are unfortunately all too easily forgotten, changed too rarely or accidentally disclosed to third parties due to negligence – all negative consequences.

Hardware-Based Security to Thwart Insider Threats

The human interface device, the keyboard, often overlooked when companies look to implement internal security measures, is also the place where almost all insider threats begin. Organizations need to prioritize the use of security-enhanced keyboards that can stop threats before they can even be entered into the network.

Many well-known thin client manufacturers already support the use of secure mode and have integrated the necessary software for this.  Recent keyboard improvements can also now provide higher security through two-factor authentication using a smart card. Keyboards can also now come equipped with a contactless card reader that can read RFID and NFC cards or tags.

These new security-equipped keyboards can make an array of safety applications possible; for example, ID systems can be used for closed user groups via the keyboard, and company IDs can be easily read in. These keyboards can then be partnered with innovative mouse technology, that have integrated fingertip sensors for user authentication, to greatly improve security.

Keyboards can also now be built to ensure maximum protection from “BadUSB” attacks via use of a secure mode. This means that the authenticity of the device is verified on a certificate-based basis, and the key transmission is encrypted. This makes it impossible for hardware keyloggers to access sensitive access data and passwords. By blocking the standard keyboard channel, “BadUSB” attacks can be eliminated. This means that USB sticks that log onto the system as a keyboard cannot inject uncontrolled entries and malicious codes.

With external bad actors constantly finding new ways to attack and threaten data, organizations must constantly be adjusting and innovating the way they protect themselves. Unfortunately, that means being aware that sometimes cybersecurity threats come from within. These threats have become even more complicated with work from home mandates and a constant rise in the number of devices connecting to the network. Leveraging these secure keyboards is a very strong first step in combating internal threats and winning the security battle.

Dale Ludwig is business development manager at Cherry Americas.

Enjoy additional insights from Threatpost’s InfoSec Insider community by visiting our microsite.