Such an innocent looking device! My keyboard. Friend of my fingers, taking my thoughts and making them digital. But in that very act, my thoughts are prey to the silent world of keystroke hackers who can record and steal my keystrokes to gain access to the secret domain of my data. Worse! Do I use my smartphone microphone? Yes, they can listen. So what’s a blogger (or reader) to do? Helpful information is provided by a Malwarebytes article
Are you listening?
One of the big problems of those who log your keystrokes (keyloggers) is that you don’t know they are listening. Or recording your keystrokes. And when you think about the vast array of things you input via keyboard! We are talking passwords, search terms, screen shots, email written, instant messaging sessions, financial information like credit card numbers, PIN codes and bank accounts, sensitive business and personal plans. So in essence, you are putting this information out over the Internet where it is accessible to the listening cyber criminal. Who in turn, sells it to nefarious third parties with criminal designs.
The keylogger, by design, does not want to be known. They are not interested in harming the system or the hardware. They are not seeking to encrypt your files and hold you ransom. They simply want to be left to their devices while they seek out all your information. The big question is, “How can I tell if I have a keylogger on my system?”
Keylogger Software
Like other malware, the keylogger software invades your PC or Mac or Android or iPhone by installing a file when you (the user) click on a file attachment you believe to be safe. Social engineering schemes are well disguised – especially in the realm of social media – to overcome our natural hesitancy. The phishing expedition has presented itself through a text, instant message, social media link, or visit to a normally legitimate website which has been infected with a “drive-by malware download.”
Keylogger Government Operations
The history of keyloggers is one of the earliest means of government clandestine operations, dating back to the 70’s and 80’s. An early example of this type of spying took place when Soviet spies developed a clever keylogger targeting IBM Selectric typewriters in the US Embassy in Moscow. Not tracking digital information, but physical movement of the print head. Ad the print head rotated and moved to type each letter, the device measured the changes in the typewriter’s regional magnetic field. Amazing! From that a list of letters could be formed and information made accessible. The Soviet embassies opted to use manual typewriters, just to be on the safe side, for typing classified information.
What Can Be Done?
Once again we ask the question. What can be done? If this operation is at the highest levels of government activity, what hope is there for all of us common users? “The answer is, ‘It depends!'” Evidently, there is a difference in the quality of the software that makes a difference. If a high-grade commercial software is installed to monitor your keystrokes you will not notice. But if the software is of a poorer quality there may be a slowdown in web browsing performance (don’t we all!). Or there’s a noticeable lag in mouse and keystroke activity, at times so severe that what you type doesn’t show up onscreen. Something just doesn’t seem right.
Of course, the best way to protect yourself and your equipment from falling victim to keyloggers is to scan your system regularly with a quality cybersecurity program. -Malwarebytes
Second Steps
Along with using an anti-malware program like Malwarebytes, you should keep your operating system, applications and web browsers up to date with the latest security patches. Avoid the common mistakes that lead to being infected. Skeptical about any attachment. Especially when unexpected. Use strong, long and complex passwords. Don’t use the same password for multiple access points.
Blogging? That’s what I want everyone to read and have full access to. Personal banking information? Not so much! Basically, it is important to make a distinction between private and public. Keeping control of your computer environment enables you to make that distinction yourself. Not allowing someone else to plow through your information and decide what they want.