Computer Security is something large commercial organisations have long since realised cannot not be ignored. SME's (Small and Medium-sized Enterprises) are not always so diligent, this is often down to the lack of resources or the simple fact that no one in particular has sole responsibility for it. Sure, it should be part of any IT function, but with all the other more pressing day-to-day demands it is also something that sits untouched on a 'to do list', if it even makes it on to the list at all.
Then there's the home and personal users who in most cases just don't understand the dangers. Any thoughts regarding security stop at the purchase of some antivirus software or a possible reluctance to use a credit card online in case it is compromised. The thought of having to stop hacker intrusion of their computer may never have crossed their minds.
Computer security should be a concern for everyone with a personal computer or laptop, from the home user to the world's biggest corporations - they all have good cause for concern. The readily available supply of both hardware and software keyloggers is making it easy for the cyber criminals to gain access to sensitive and potentially harmful personal and corporate data.
I'd just like to make one thing clear. Keystroke recorders, or Keyloggers as they are also known, are legitimate surveillance hardware or software methods which are completely legal. How can that be? I hear some of you say. Well, it is important to distinguish between legitimate and fraudulent / covert use of these devices.
As a legitimate surveillance tool Keyloggers are often used by employers to ensure employees use work computers for business purposes only. Keyloggers can record instant messages, e-mail, and any information an employee types using their keyboard. A log file of keystroke activities is created by the keylogger which can then be sent to a specified receiver for examination. Some keylogger programs can also record any e-mail addresses the employees' use and Web site URLs they visit. All activities are logged into a file, supported with screen snapshots.
In cases of under performance an employer may use this method to check on an employee's activity - it may expose time wasted on web surfing, instant messaging or time spent on social networking sites, time which should be spent working.
Parents worried about the safety of their children when online can use keyloggers to monitor their activity. I know this may raise huge questions about trust, but parents have to balance this against the potential dangers presented by the unscrupulous and devious in our society who try to groom children for unsavoury purposes. It's a hard fact of life but there is a category of low-life who prey on the young and unsuspecting. If using this technology gives a parent peace of mind and ensures their kids stay safe then I regard it as a legitimate use.
Key logging recorders can be small hardware devices - small and usually unnoticed hardware keylogger devices inserted between the keyboard and the system unit can record every single keyboard input. A microcontroller interprets the data, and stores information in memory and just like a USB key drive will retain information even without being connected to a power source. Some of these devices can store up to 12 months of data entry. Every account reference, every password can be recorded. These hardware devices are quick and easy to install, just plug them in. They can also quickly be removed or moved to another computer.
Keyloggers can also be a software program which resides inside your system - a much harder thing to spot. I've seen some software versions advertised as a means to catching a cheating spouse or partner. To some people the suspicion that they are being cheated on can cause great heartache and anxiety which eventually becomes unbearable. In such cases they may invest in a product which may tell them one way or another if their suspicions are valid or not.
There are clearly legitimate reasons why people use keystroke recording methods as part of a security or surveillance activity. However, this also raises the question of what can happen when the criminal element use these methods on the unsuspecting computer user.
A physical security search of all computer hardware to identify the presence of hardware keylogger devices may seem like a tedious task - it is, but then again compare this with the theft of important data and the potential consequences if this found its way into the hands of the criminal fraternity. Perhaps that search wasn't so tedious after all.
If being used covertly hardware keyloggers have to be deliberately connected by someone who has physical access to the computer in question. Software versions do not! It is the software versions which give rise to the greatest concern.
Users may unwittingly download the software version when visiting a website or when they download other legitimate content from the net. The software version can sit undetected hidden somewhere amongst your system files capturing every keystroke you make and relaying them to someone who could be anywhere in the world. That's every password, credit card number, bank details etc. - everything a criminal would need to start spending your hard earned money.
It's the software version which is the real threat to the general personal computer user. The easy target that is unlikely to spot they have become a victim and who won't know how to stop hacker theft of their information. Who has never even heard of Keylogger Removal software or how to use it. These are the easy prey for the professional computer hacker.
For anyone who wants to read more about Keylogger Removal I invite them to check out my Blog on the subject: [http://www.keyloggerremoval.biz]
All the best,
Nigel Ridge
