Keylogging: Revealing the hidden threat

BY ANTONY MUTUNGA

As tech evolves, so do hackers and cybercriminals  who find new ways to exploit these new technologies. Increased popularity of cryptocurrencies, for example, has led to the rise of crypto jacking. Most organizations are now focussed on ensuring they are safe from these new cyber risks. Only a few, however, ensure they are fully secure from all cyber-threats. Despite the caution that they need to spend more in terms of cybersecurity, most organizations have failed to do so. In fact, according to International Business Machines Corporation (IBM), only 38% of global organizations claim to have the right security to handle attacks from cyber-criminals. 

Focussing on the new cyber threats, most organizations have engaged multiple security software from different vendors with the notion; the more they have, the more secure they are. Unknown to them, however, this creates greater risks. Earlier types of attacks such as keylogging may be used to steal passwords and, in the end, one’s personal data. Keylogging, formally known as keystroke logging, is a malicious program that tracks and records every keystroke made by a user on his/her computer. Even though it has become more popular in the digital age, it is one of the oldest instruments of surveillance and espionage. Even before personal computers were introduced, keylogging was used in typewriters. The program would be bugged in typewriters, and in turn, transmit the keystrokes using radio frequency. 

As time went by, the use of keystroke logging changed especially with the introduction of personal computers and the increase of technological advancement. What was mostly used by the government before, was now software that anyone could get their hands on. As a result of its characteristics of going unnoticed, cybercriminals and hackers prefer it to other malicious programs. It makes it possible for hackers to get anything one keys in like users’ credentials which in turn, they can use for any purpose including identity theft or fraudulent financial transactions. Apart from being used by cybercriminals, the program, being readily available, has become a popular way for people to spy on others. Parents, for example, are known to look to the program when they want to keep track of what their children are doing on their computers. Additionally, some employers also employ the same to track what their employees are doing on computers. Organizations also use keyloggers to gather behavioral information for market research. Even though this has been good to some extent, it also has its downfall. Most of the parents, employers or individuals who purchase these programs do so from security vendors who mostly are not completely secure. This results in the keylogging records of all the people that had used the program to be in danger as the data can be obtained by cybercriminals and sold off for malicious purposes.  

Additionally, in the event of someone in office being affected, cybercriminals can have access to multitudes of confidential information, which threatens the security of a nation. In 2017, Italy, for instance, faced such a dilemma after identifying that two individuals had created a proprietary keylogger malware named Eye Pyramid in 2012 and were using it to steal passwords and access confidential information. By the time the malware was disarmed, the two had already stolen over 1700 passwords affecting more than 18,000 users among them Italian politicians, Vatican officials, and the European Central Bank. They had managed to get the keylogger in the user’s computers by sending them an email, which when opened would install the software at the same time. Unknowingly to the users, the cybercriminals were able to acquire approximately 87GB of data.

This happened in a developed market whereby security is advanced compared to emerging and frontier markets. It shows how dangerous the malware is and the more damage it can cause in the absence of updated security. In Africa where technology is now at the initial stage, cybersecurity is still not given adequate funding, which puts the continent and a majority of the organizations at risk.

To keep free of keystroke logging, it is crucial to have updated anti-malware security software in place. Most keyloggers are introduced to a computer through malware programs such as viruses or trojans. For instance, a user may click on a malicious link and the keylogger is installed or a user may download a trojan, a malicious piece of software that pretends to be a useful utility, which in turn implants the keylogger in the computer.According to the white-hat hacker, Brian Muuo, keyloggers can enter a computer when one clicks on a pop-up ad or when visiting unsafe websites. 

“The victims usually wander off into unsafe sites while surfing the web, or click on pop-up ads that direct them to other sites without knowing that this opens up their system to this malware that will be able to track and record every keystroke entry made on a computer including passwords,” he says.This is why it is crucial to have updated security software as well as stay off any unsafe websites or downloads from unknown sources. If a user suspects that their computer is already infected with a keylogger, then it is important to get an antivirus software or an anti-keylogger software that can get rid of the malicious program. Signs of keystroke logging include lagging of the mouse and keyboard when typing.

Keylogging has been around for ages and it is here to stay. Individuals need to ensure their software’s are updated and they are careful of the sites they visit and the downloads they make to stay clear of this risk.   

Writer is an inhouse contributor and lead business researcher

Sign Up