In its simplest form, keylogging (also known as key logging or key stroke logging) is the use of a device (hardware) or program (software) to record each key stoke made on a computer. It records everything, such as emails, instant messages, documents, spreadsheet entries and most importantly, account numbers, PINs, login names and passwords. After gathering the information, the keylogger creates a log file and sends it to a specified recipient, if it is a software program. In the case of hardware, the person who installed the keylogger must retrieve the device in order to access the log file.
As a commercially available device, the keylogger comes in several forms. It can be connector between the computer and the end of the keyboard plug that looks to most users like it is supposed to be there (if they happen to notice). Some can be easily installed inside a standard keyboard. There are also replacement keyboards available with a built-in keylogger.
Keylogger software can be purposefully downloaded or installed inbeknownst to the user via a virus or spyware, which is then executed using a Trojan horse or rootkit. This will usually install two files in the same directory. One is a DLL (dynamic link library) file to perform the keystroke recording. The other is an .EXE (executable) file, which installs and activates the DLL. Such software programs are simple for a hacker to write and insert into an email directing the user to respond, or click on an attachment. Keyloggers also reside on various websites waiting to install themselves on unpatched or unsecured machines which visit their site.
Keylogging also has constructive purposes including software development. The examination of keystrokes will indicate any errors, which developers can easily correct. Some employers use keylogging to determine the productivity of employees, or to ensure work computers are used for business purposes. Law enforcement officials may use keyloggers to circumvent applied security measures and obtain passwords or encryption keys. Concerned parents might use them to monitor their children's online activity.
There are also nefarious reasons behind the practice of keylogging. The paramount purpose is money. Malicious keyloggers want to obtain usernames, passwords, PINs or other information necessary to access bank accounts. This is why keylogging is a legitimate concern. Keylogging is not limited to everyday hackers or 15 year-olds testing their hacking skills. Organized crime is also using coordinated keylogging strategies to obtain sensitive financial information.
It is difficult to totally prevent keylogging at this time. Commonsense measures are the best defense, many of which are described in other courses within this Training, Education, and Awareness Module. Things to consider so you may forestall keyloggers include the following:
These helpful tips are provided by Digital Defense, Inc., a computer security company working with your bank as a responsible member of the community to help insure the privacy and security of our nation's financial information.