Solving the Keylogger Conundrum
by Sacha Chahrvin - SmartLine - Wednesday, 3 October 2007.
The geek shall inherit the earth! This is the slogan that has reverberated out from Silicon Valley from the mid-90s, as we all realized that technology was, actually, fun, interesting, essential. Geek chic took over the worlds of film, fashion - and even finance. Suddenly it was cool to be into computers.

But the rise of the geek didn't confine itself to light-hearted entertainment, start-ups that went stratospheric, or successful transformations of 'old economy' businesses. Computers and crime have come together. Mobsters are no longer the fast-talking, pin-striped, gun-toting caricatures of Hollywood legend. Criminal organizations are just as likely to be behind hacking and phishing networks as illegal gambling rackets and gun-running operations - with the same levels of profitability.

These days the weapons of choice are not sawn-off automatics, or revolvers fitted with silencers. It's much more likely to be illicitly gathered passwords, user-names and dates of birth. And of the armory at their disposal, keyloggers are an increasingly popular choice.

Available in either software or hardware form, keyloggers record every stroke made on a keyboard, and compile the data gathered to reconstruct login details, PINs, encryption codes, mothers' maiden names or any other form of security information. From there it is but a short journey to inviting vistas of identity theft, industrial espionage, blackmail, or simple credit card misappropriation.

Successful surveillance

In an age when CPUs are increasingly central to so many aspects of our lives, and the quality of information is a key differentiator between businesses, it is not surprising that keyloggers have proved to be so attractive to criminals.

Despite this, the keylogger/criminal connection has on occasion worked in the interests of the good guys. In one of the earliest examples of cyber-crime fighting, Nicodemo Scarfo Jr, a well-connected member of the New York and Philadelphia mobs, was brought down by the Magic Lantern keylogger that the FBI installed on his computer via a Trojan. Certainly not the typical bullets-and-bloodshed take-down of popular imagination, it was still enough to indict him for running an illegal gambling ring and loan sharking.

At the time the story raised a number of concerns about computer privacy. Now it serves as a useful reminder that there is a positive side to keylogging. As well as serving the interests of law enforcement agents, keyloggers can help employers maintain productivity by ensuring that staff are working on appropriate projects. They can protect valuable bandwidth by spotting when unnecessary applications have been downloaded, and ensure optimum use of networked resources by encouraging staff to keep personal web or system use to appropriate levels.

Keyloggers can even be used in the interests of child protection, enabling parents to check their children's computer activities, while giving those children a degree of independence and privacy.

Keyloggers and criminals

Nonetheless, it is still the darker side to these surveillance technologies that is more familiar to the majority of IT and security professionals. Using keyloggers gives thieves a veil of anonymity: they can plunder the treasure-trove of inter-connected corporate systems and storage devices at will, with very little chance of detection.

In the wrong hands, therefore, keyloggers can damage business relationships, financial standing, and reputations. They can even cause an organisation to breach major pieces of legislation such as European Data Protection and Human Rights Acts, or the Sarbanes-Oxley Act in the States.

