Information safety: watch out for keyloggers

Image of a USB keylogger

Image of a USB keylogger

Nowadays, we’re all more aware of potential security threats, like unattended bags or dangerous behavior, in public places like malls and airports. We also know what to do when we observe a threat: “see something, say something.”  When using public computing facilities, like our Briscoe Library Information Commons, other computer labs and libraries, or open wi-fi networks, it’s just as important for all of us to be aware of information security threats.  One such potential threat is represented by keyloggers, so we want to make sure you know what they are, and how to protect yourself (and others) against the threat.

What is a keylogger, and what does it do?  The Health Science Center’s “Glossary of Information Security-Related Terms” defines a keylogger as a “hardware device or a software application designed to capture user keystrokes. The device or application is usually installed without the user’s knowledge, and is used to capture user information (passwords, credit card information, PINs, etc.). The information is later retrieved by the intruder.”

What does a keylogger look like? As the definition suggests, there are two kinds of keyloggers: hardware devices and software programs.  The hardware devices can be very tiny — often little larger than a quarter — and look a little like a USB flash drive (see picture at right).  They connect to the same USB or PS/2 port where the keyboard would normally connect, between the keyboard cable and the computer itself.  Software keyloggers, on the other hand, can’t be seen — in some cases, they may be detected by antivirus or antimalware tools, but not always.

What’s the risk? If you use a computer with a keylogger installed, every keystroke is recorded — as you log in, your password is recorded; if you access Facebook, that password is recorded; if you use online banking, your password is recorded; if you shop online with your credit card, your card number is recorded — and all of these can then be harvested by the intruder who has installed the keylogger.

How do we protect you at the Libraries? To protect against hardware keyloggers, we are now regularly inspecting our public machines to ensure they are free of unauthorized hardware.  However, we need your help — if you see anything suspicious attached to one of our computers, please let the library staff know immediately.  To protect against software keyloggers, we employ a system at the Libraries that automatically removes all newly-installed software and newly-created documents from the computer each time it is rebooted.  We also need your help, though — don’t allow any software to install on a Library computer unless you are absolutely sure of its source.

How can you protect yourself in public computing environments? Obviously, be aware of the computer environment you’re using.  Check for hardware keyloggers; check that there is anti-malware software installed and that it’s up-to-date; and if you’re not sure, run an anti-malware program on the machine yourself (such as MalwareBytes or SpyBot Search & Destroy).  If your webmail or social networking provider offers a two-factor authentication option, consider enabling this option, so that logins at new computers (like public computers) require you to confirm with a separate code.  If you must enter passwords on a public computer that may not be safe, form filler or password manager programs like KeePass+KeeForm or LastPass may help protect you against many (but not necessarily all) keyloggers.

If you’ve got questions, please contact one of our friendly librarians and we’d be happy to help.  Your safety — and the safety of your private information — is vitally important to us.