Spy Review

This post will explain what key logging is and what it does and then a series of steps to defend against possible attacks. I know many of the regular readers of this blog or anyone with an interest in surveillance are aware of what a keylogger is, but since this is a tutorial type post, and many readers are first time readers, there will be a brief introduction of what it is first.

What is software keylogging?

Keylogging is an automated means of capturing and storing in a database keystrokes made by users on their computer keyboards.

Keylogging has both legitimate and surreptitious purposes. It can be especially beneficial in in tracking down bugs in software, and even measuring a computer users performance.

Keylogging can also be used to capture user IDs and passwords keyed by users. This may be legitimate, as in the case of a law enforcement or security agency trying to detect hackers or other unauthorized users accessing a system, but it can also be used for evil purposes, to steal sensitive information.

Just for fun, we Googled “keystroke logging” (without the quotes) and came up with Results 1 - 10 of about 498,000. Quite the cottage industry, eh? And you can buy them all over the Internet.

Detecting a Software Keylogger

How then do you protect against cyber crime through the illegal use of a key logger on your computer?

Well, here are some suggestions.

Take a proactive approach. People will steal anything it is said, and information is valuable. Start out with the assumption that someone is spying on you.

There are many keylogging detecting programs available on the market and you should get one, or even two. These programs interrogate your hard disk and look for the usual suspects so to speak, seeking out certain text strings that may indicate that your machine has been infiltrated.

Bear in mind that anti-key logging software usually run all the time and may put a drain on your machine’s memory availability.

Anti-Keylogging Software

KeyScrambler from QFX Software is one such example of an anti-keystroke logger. The installed software on the hard drive will use a technique to scramble characters that are being keyed in by encrypting the messages thus rendering it unable to be read by anyone trying to log what is being typed in in its true context. It works with various applications that requires a user to type passwords and other confidential information. Some of these anti-logger software have some shortcomings, however, because they can leave a user exposed in some areas while providing protection in others.

Some key logging software vendors make claims that nothing can detect their software, and this may or may not be true. Technology is always advancing and criminals are always coming up with new ways of committing crimes while going undetected. It is unfortunately, a bad side of human nature.

Unusual files

Be wary of email attachments that have file types of .scr and .exe. These are scripts and programs. Do NOT open them if you are not sure of their origin. One way to combat this is to keep your operating system constantly updated, this is an option your operating system vendor should provide. They can detect possible keylogging files that are being sent over the Internet. They will not necessarily stop them from coming through, but can provide you with an option to open it. Of course, having high quality computer security software installed on your hard drive that montiors in the background while you use the Internet can be a good way to detect such files and even destroy it.

Betraying Privileged Access

Usually, a person who is the culprit has administrative privileges and you might think of your employees who do. Are any of them currently dissatisfied? It’s disturbing to think so negatively, but you might consider monitoring THEIR activity, using your OWN keylogging software, to spy on THEM.

If you are certain that a particular machine has been compromised and that information is being stolen, one method of eliminating the problem, although not pleasant, would be to reformat the entire hard drive and reinstall the operating system and all user files and programs.

Obviously, this is a last resort, as it is both time consuming and will put the user out of commission for a period of time.

In the future though, make sure everyone runs as regular users and not with admin privileges, as this can leave the door wide open for mal-intent.