The increasing use of keyloggers on our cyber front is a concern worth addressing before significant damages can occur. Plain and simple, keylogger software and hardware track the succession of keys struck on a keyboard. Ultimately, this information is recorded to monitor computer activity when the owner is not the only user. This can be accomplished without the knowledge of said user, as the captured data is stored inconspicuously within the computer’s hard drive where only the installer of the keylogging device would be aware.
On its face, the collection of confidential information (without consent) can be viewed negatively, but there are cases where keylogger use is more acceptable. For instance, it may be important for businesses to monitor keywords that could reveal potentially harmful information to their financial wellbeing, if delivered to the wrong hands. Additionally, parents often feel a duty to monitor their children’s online activities with the purpose of maintaining their safety. These cases are just a few of the ways keylogging devices can be used in a more or less appropriate manner. Yet even in these circumstances there lies a fine line between preventative monitoring and blatant intrusion of personal information.
Basic keylogger hardware can be directly installed on the keyboard cable and attaches to the input often found at the rear of the CPU. However, this hardware exists in many forms and is even employed in attempts to acquire financial information from ATM machine users. Keyboard overlays, which are often utilized in ATM skimming operations, provide another example of keylogging hardware. In these cyber schemes, overlays are placed directly on top of the actual PIN console and are created to resemble an authentic keypad. Another device is used to record the physical debit/ATM card info and with that information the fraudster can compromise your financial security.
Although legal, both software and hardware created with the purpose of recording keystrokes are available to the general public and thus, corrupt operators. Exploitation of keylogging programs is commonly perpetrated through use of the internet and victimized email accounts.
As previously mentioned, the data acquired through use of keylogger software is most readily installed and stored on the monitored CPU. However, experienced cyber fraudsters can infect foreign computers with spyware designed to obtain keystroke logs. Remote access software can be developed in the form of a Trojan (horse), which is a malicious program that allows a hacker access to a target computer system. The cyber fraudster will then be able to access your keystrokes (and much more) once this seemingly benign software is downloaded onto the objective unit.
Keep in mind that remote access software is not only characteristic of malicious attacks, but is indeed available with the purchase of select keylogging programs that are legal. It should also be noted that there are other advanced forms of keyloggers available that employ acoustic, optical, and electromagnetic technologies to obtain data. However, these types are not used in great frequency as of this date.
The mere existence of keyloggers has created another cyber-related issue regarding our moral responsibility. Most are under the general understanding that infecting foreign computers with keyloggers is not acceptable. But where should we stand on installing keylogger devices and software in our own or business computers? If the user is aware that his/her keystrokes are being logged many would agree that this use is acceptable. However this is not always the case. Nevertheless, it is ultimately up to you to decide how to utilize information obtained through keystroke logging.