Contact Us
Language

10 ways to address KVM switch vulnerabilities -- GCN

tagsSplitter

Industry Insight

Last September, the police arrested criminals who conspired to steal millions of dollars from Barclays Bank and Santander Bank. The hacker plans to use the bank's KVM (keyboard video mouse) switch to record the bank staff's key presses and screen activities, and steal their passwords.

Although these specific attacks target the financial industry, federal, state, and local government agencies are equally vulnerable. A maliciously modified peripheral device can gain control, intercept and/or access resources other than a single government PC, and can crawl into any computer network to which the PC is connected.

One of the most commonly used measures to prevent network attacks is to use KVM switching equipment, which allows government employees to safely switch networks with various security levels from a desktop computer.

Although many government IT security administrators have begun to deploy KVM to solve the inefficiency of unswitched secure desktops, not all KVMs are highly secure and can therefore easily be used maliciously in the following ways:

Vulnerabilities in USB peripherals. Although all USB ports have high-speed bidirectional data flow, this benefit is also a potential threat because the data is shared across the entire USB bus.

Video vulnerability. The LCD monitor uses standard EDID signals to store and transmit display parameter data, which can be used.

Microphone vulnerability. The microphone is easily sniffed, captured and redirected.

The memory buffer is leaking. Some KVM switches use onboard buffering and may leak data between channels.

CAC is not fully implemented. The KVM system that provides reader support for universal access cards cannot completely isolate the CAC reader, making the keyboard and mouse vulnerable to attacks.

Poor housing and design. The internal and external components of the switch may be vulnerable to tampering.

In light of these vulnerabilities, best practices have emerged that allow government security professionals to address the growing concerns about desktop security through a secure KVM switch solution:

1. Avoid using unsafe KVM switches. Non-secure KVM switches should only be used when users have little access to sensitive data and are located on an isolated network.

More virtual collaborations can take place between peaks, between the stagnation of the digitization of archived records and the management of records in the data set, records management supervisors are dealing with new challenges.

The city has established cellular sites in government-owned facilities (such as the fire department and library) that are already connected to Tucson’s existing fiber optic backbone network.