What Is a Keylogger and How Can You Protect Yourself From One?
A keylogger is a device or program that monitors or records every keystroke you make. Think of it as a form of surveillance. Someone has access to each key you tap, and with that data, that third party could know your usernames, passwords, and more.
Experts say keyloggers pose the greatest threat to organisations, especially those that are small and have several employees that work from home.
Let us explain what keystroke loggers are so you can protect your company from this threat.
What is a keystroke logger?
Hackers want to know what you type, so they can gain access to your assets. This impulse isn't new. Keyloggers have been part of the hacker toolkit for decades.
In the 1970s, the Soviet Union deployed the first keyloggers. The tools measured IBM typewriter print heads to uncover what keys the typists were pressing.
Current keyloggers are slightly more sophisticated, and they measure data rather than ink. But the underlying principle is the same. A hacker uses a tool like this to understand what you've typed before you interface with your target destination.
A hacker could accomplish this through:
- Programming. A hacker alters drivers, or some other part of your computer to send a copy of your keystrokes to someone else.
- Hardware. A hacker supplies an infected keyboard or hands out a plug-in device to capture keystrokes.
- Video. Video of your typing hands could give a hacker information about your keystrokes.
It's somewhat easy to get infected with a keylogger. For example, in 2021, hackers set up a decoy website for a popular utility, and users were encouraged to download what seemed like a software update. Once they did, they were infected with keylogger malware.
Other infection methods include:
- Email. Hackers send suspicious files from innocent-seeming addresses. They may contain infected links, attachments, or both.
- Viruses. Another machine on the network infects nearby devices.
- Stored files. A document or photo on the server is infected. Downloading the item infects the computer.
Once you’re infected, the keylogger can begin data collection. Some take information you type into just one website, while others capture every click and tap. Very sophisticated versions can also see what you copy/paste. And some can take over your camera and microphone too.
How are keyloggers harmful?
Imagine reading every letter you type aloud, and think about all of the sensitive information you'd share with everyone in earshot. You've just outlined the risks of keyloggers.
A bad actor could use a keylogger to:
- Research. A student hoping to save a little money downloaded software infected with a keylogger. That decision let hackers inside a biomolecular research institute, where they stole a week’s worth of data.
- Steal. Hackers sent victims infected email messages. Once users deployed the software inside the notes, hackers gained access to bank accounts and all the money inside.
- Ransom. A woman in New Jersey lost contro