How to Protect Interactive Kiosks from Hackers

If you’ve recently installed interactive kiosks in your business or organisation, you may be thinking about security. Hackers look for easy targets, so taking steps to protect your kiosks will significantly decrease their risk of being hacked.

But how do you do that? Our guide explains how to protect interactive kiosks from hackers.

Block USB access

If a hacker can insert a USB stick, the potential exists for them to upload malware onto the kiosk.

If you want to protect your kiosk from a USB attack, it’s absolutely vital to block access to its USB ports so it’s impossible for a USB stick to be inserted.

Get rid of that keyboard

Many kiosks employ touchscreen keyboards which only allow use of certain keys, limiting the actions a user can take. However, kiosks that require users to input a lot of information (a job application kiosk, for example) often employ a physical keyboard for ease of use.

Physical keyboards give the user many more options and open up the possibility for hackers to lay waste to the operating system. Again, if any of a kiosk’s USB ports are exposed, a hacker may be able to plug in a physical keyboard, so make sure they’re blocked.

Without access to a physical keyboard, a hacker’s ability to enter system shortcuts will be severely limited – as long as your touchscreen keyboard doesn’t include modifier keys like Ctrl and Alt.

If it’s absolutely necessary for you to have a physical keyboard, make sure you use kiosk lockdown software to block system shortcuts.

Keep the web browser under control

If your kiosks use a web browser to display content, a hacker could potentially view websites other than those you intended, or gain access to the file system.

Control the content that can be displayed on your kiosk by restricting the web browser to a whitelist. A whitelist will allow you to control exactly which URLs are accessible from your kiosk. You can also filter websites by using kiosk lockdown software, or through a proxy.

Use a watchdog

If a hacker finds a way to crash your kiosk application, they may gain access to your desktop.

To defend against this, use kiosk lockdown software that employs a ‘watchdog’ service. The watchdog will make sure the kiosk application runs continuously, and restart the application if it crashes.

Prevent additional applications from launching

Launching applications other than those you intend users to access provides the potential for hackers to gain elevated access to the file system. For example, if a user clicks on an email link it may launch a default email application. This in turn could enable the user to browse the file system through email attachments.

To protect your kiosks from a launch like this, employ a background watchdog process to monitor popups and automatically close them if they’re not on your approved whitelist. Again, this can be achieved by using kiosk lockdown software.

How to protect interactive kiosks from hackers: a summary

There are some basic steps you can take to make things much more difficult for hackers. Block access to your USB ports, use a touchscreen keyboard rather than a physical one and employ decent kiosk lockdown software with a watchdog service.

Whilst no method is completely foolproof, these steps should significantly reduce the risk of your kiosk application being hacked.