More insidious forms of keyloggers are built into the keyboard. Thieves will either replace the keyboard completely or dismantle it, insert a keylogging device, and re-assemble it. Naturally this requires a greater degree of skill on the part of the criminal, and takes more time to complete. But the chances of visual or manual detection are almost zero.
The good news is that organizations can defend themselves against determined keyloggers. The first step, as with all effective security measures, is to educate and train users to raise awareness and create a culture of individual responsibility. The number of PCs in large companies makes it impractical for the IT security manager to check the back of every single box and every single keyboard manually. Users who carry out basic monitoring of their own equipment greatly increase the chances of detecting any rogue devices.
Secondly, organizations should look at alternatives to desktop PCs. Although still susceptible to hardware keyloggers, the inbuilt keyboards of laptop computers are far harder to tamper with. However, greater use of mobile devices brings new security challenges, which must be balanced against the reduced threat from keyloggers.
Then there are secure tokens, smart cards and other devices used to provide a second layer of authentication after user names and passwords. These work by generating a constantly changing passcode, meaning that any data gathered by a keylogger is immediately invalid and cannot be used to sneak into the system.
Organizations should also consider increasing the use of drop-down menus for gathering information. Instead of typing in information with trackable keystrokes, drop-downs enable users to select characters or words with the mouse, which a keylogger cannot record.
In addition to these more general security tools, a number of applications have recently come onto the market that can automatically identify hardware keyloggers. These software solutions disable the devices by intercepting and blocking communications between them and the targeted computer. The software also alerts the IT department to the presence of keyloggers.