Keystroke Logger Caught

from the getting-all-the-scammers dept

Tue, Mar 23rd 2004 06:44pm - Mike Masnick

Lots of stories popping up this week of people who are getting caught in their various scams. We had the guy who tried to extort Google and the guy who ran a phishing scam. Now, the latest, is that federal prosecutors have charged a California man with placing a keystroke logger on a computer at an insurance company that employed him. He’s been charged with illegal wiretapping and faces five years in prison. The interesting thing, though, is the only way they caught him was because he was fired from the company and asked another employee to remove the keystroke logger. In other words, it wasn’t any real detective work, but him telling someone. This means, if he hadn’t mentioned it, it’s likely this would have continued and no one would have noticed. It seems likely that things like keystroke loggers are becoming increasingly popular for those involved with corporate espionage – but it doesn’t seem like most companies do much to check if their computers are clean from such programs.

Nonesuch (user link)

March 23, 2004 at 11:38 pm

Hardware device?

It’s not entirely clear that the “keystroke logger” was software, and not a physical hardware device installed inline between the keyboard and the PC,

If it was a physical “keycatcher” device, then physical access would normally be necessary to view the logs.

I say “normally” because the fifty buck consumer versions simply dump the log out to the PC when the user-selectable password is typed — there are rumors of higher end products (some embedded in keyboards) with IR/RF/PCS transmission capability…

(P.S. I have no affiliation or affiliate kickback relationship with CyberGuys.)

Matt

March 24, 2004 at 12:18 am

Re: Hardware device?

Reading through this Techdirt entry, it didn’t even cross my mind that it was a software logger until the very end – I had assumed it must have been one of those hardware loggers.

Would make more sense if it were hardware – surely even the sloppiest insurance companies would prevent their employees from installing unauthorised software?

…or maybe not :p

Brian J. (user link)

March 24, 2004 at 6:26 pm

Re: Hardware device?

I’m with you guys. Sounds like hardware.
Especially the bit about the charge being an electronic bugging device.

JonnyRo (user link)

March 24, 2004 at 10:28 pm

Keystroke Loggers

It is a very valid concern from an IT professional’s point of view to be worried about users having keystroke loggers, physical or otherwise, installed on their systems. Many users are non-technical and might operate for years without ever noticing a keystroke logger, heaven forbid they are duped into installing it themselves.

One way to catch such antics in an always networked environment would be to monitor outgoing internet traffic on weekends when no one is in the office to build a list of external sites that are connected to from internal computers to external addresses. As for the hardware loggers there really isnt much of anything that can be done, aside from maintaining a trusted computer behind a locked door that is used for extremely confidential stuff.

The problem with that approach is that you are increasing the effort required to use a resource, thereby reducing it’s utility. If you dont strike the right balance users will simply abandon/ignore secure operating practices.

Anonymous Coward

March 26, 2004 at 9:08 am

Which law?

I’ve read on many occasions that federal bugging laws only apply to voice communications. Hence, hidden cameras that did not record sound were OK, whereas hidden microphones were not. If that’s true, then how do federal bug laws apply to a keyboard logger? Can anyone here tell me exactly which law he is charged with violating?

Sweetsuzee

March 27, 2004 at 11:59 am

Re: Which law?

“Illegal wiretapping” includes any and all violations involving phone wires. The keyboard logger is more akin to wiretap than videography.