IT Strategies for Your Business: Keyloggers
The “Selectric Bug” was a digital eavesdropping device developed in the 1970s by the Soviet Union (USSR). It was built inside IBM typewriters and practically invisible and undetectable.
When the typewriter was turned on, the device would be activated remotely, and data would be sent via radio to a listening post. This is one of the earliest forms of a keylogger.
Keyloggers are a type of monitoring software that is designed to record what a user types on a keyboard. They then record information that is typed on a website or application and send it back to a third party.
Hackers mostly use keyloggers to capture financial information like banking and credit card details or personal information like emails, names, addresses, and passwords. Hackers may sell that information or use it as a part of a larger attack.
In this blog, we will discuss the types of keyloggers and the ways you and your team can detect and prevent your business from them.
What Type of Keyloggers are There?
There are two main types of keyloggers: hardware and software. Like the Selectric Bug, hardware keyloggers are physically installed in computers. Hackers can hide keyloggers in practically anything; sometimes they even are installed in functioning devices. For example, KeySweeper is an actual USB charger that monitors keyboard strokes.
Hardware keyloggers can come as a form of plug placed between the CPU and the keyboard cable. They are usually installed in places that are not normally checked. Hardware keyloggers were used on wired keyboards, but now hackers can easily monitor keystrokes for wireless keyboards.
Software keyloggers can be installed on a computer when opening a file attachment, text message, instant message, or social media. Software keyloggers can also be installed by visiting a website if it is infected.
While this a type of malware, it will not harm a computer. Its only job is to spy on keystrokes and let the user go about their business. Software keyloggers can monitor mouse movements, and they can also capture screenshots of the user’s screen or application.
How to Detect and Prevent Keyloggers
Your team must recognize the warning signs that a keylogger may have infected a computer. Hardware keyloggers are easier to spot; for example, an unfamiliar USB drive may be plugged into your computer.
When dealing with software keyloggers, common symptoms include slow computer performance, delays in action (“not responding”), pop-ups, random icons on the desktop, or heavy hard drive or network activity.
One of the easiest ways you and your staff can prevent keyloggers from negatively affecting computers is to always use caution when working online. This will help protect your devices and personal information against hackers who use keyloggers for malicious reasons.
Your team should be mindful of the physical surroundings around their computers. It is a good practice for your staff to sign out of a machine if they step away for any period. Leaving your computer unlocked for just a moment is plenty of time for hackers.
Also, please note that hardware keyloggers can be installed on personal devices without the person knowing. For example, a personal USB drive that a staff member uses to transfer files could be carrying a keylogger. If possible, have your IT team implement a policy that limits what type of external devices can be plugged into computers, or a policy that can loan out equipment that is work-approved.
You and your IT team should make sure that your staff uses strong and unique passwords. Staff members should know to never reuse passwords across multiple accounts. A secure password should include numbers and symbols, upper and lower-case characters. If possible, try to use multi-factor authentication as often as possible.
Your IT team should have a solid antivirus program in place to protect from loggers. Anti-spyware programs cannot catch hardware-based keyloggers, but they can detect, disable, and remove software keyloggers. It is also important that your IT team keep the antivirus program up to date with the latest security definitions. There is also dedicated anti-logger software that is designed to scan and remove keylogging on a machine.
In some cases, keyloggers have legitimate uses. IT teams can use them with businesses to help fix problems. Businesses can use them to improve user experience and monitor employee production. However, in most cases, keyloggers have negative use cases. You and your staff should be mindful of the best security practices when dealing with keyloggers.
Make sure your IT team has a training strategy in place to train your staff on phishing attempts, passwords, antivirus scans and keeping personal devices safe and secure when bringing them into work. Your antivirus program should be updated to include detection for logging software. If possible, look into specific anti-keylogger software that can detect loggers on a computer by comparing files against a keylogger database.