Solving the Keylogger Conundrum
by Sacha Chahrvin - SmartLine - Wednesday, 3 October 2007.
Then there are the secure tokens, smart cards or other devices that are used to provide a second layer of authentication after user names and passwords. These work by having a constantly changing passcode, meaning that any data gathered by a keylogger is immediately invalid, and cannot be used to sneak into the system.

Organizations should also consider increasing the use of drop down menus for gathering information. Instead of typing in information with trackable keystrokes, drop downs enable users to select characters or words with the mouse, which a keylogger cannot record. However, in addition to these more general security tools, there are a number of applications, recently on the market, that can automatically identify hardware keyloggers. These software solutions disable the devices by intercepting and blocking communications between it and the targeted computer. The software also alerts the IT department to the presence of keyloggers.

The secure organization

Keyloggers are such a potent source of danger because they exploit the gap created by not one but two notoriously weak areas of IT security. The first is our ongoing reliance on passwords. Sophisticated intrusion prevention or segmented access authorization do add extra layers of protection to corporate networks, but they still cannot distinguish between a legitimate user with the right password and a malicious one.

The second is old-fashioned physical security, often forgotten when devising strategies to protect virtual assets. Since hardware keyloggers require physical access to the targeted machine the criminal must be in the presence of that computer, even if itís only for a matter of seconds. If they are to protect themselves against keyloggers, organizations have to give the broadest possible definition to IT security. That means policies to help employees recognize social engineering attacks, and even conducting thorough background checks on auxiliary staff who have access to the building.

After all, if you think your data is worth protecting, then someone else will think it is worth stealing.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th