Keystroke Logger Caught
from the getting-all-the-scammers dept
Lots of stories popping up this week of people who are getting caught in their various scams. We had the guy who tried to extort Google and the guy who ran a phishing scam. Now, the latest, is that federal prosecutors have charged a California man with placing a keystroke logger on a computer at an insurance company that employed him. He's been charged with illegal wiretapping and faces five years in prison. The interesting thing, though, is the only way they caught him was because he was fired from the company and asked another employee to remove the keystroke logger. In other words, it wasn't any real detective work, but him telling someone. This means, if he hadn't mentioned it, it's likely this would have continued and no one would have noticed. It seems likely that things like keystroke loggers are becoming increasingly popular for those involved with corporate espionage - but it doesn't seem like most companies do much to check if their computers are clean from such programs.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Hardware device?
If it was a physical "keycatcher" device, then physical access would normally be necessary to view the logs.
I say "normally" because the fifty buck consumer versions simply dump the log out to the PC when the user-selectable password is typed -- there are rumors of higher end products (some embedded in keyboards) with IR/RF/PCS transmission capability...
N
(P.S. I have no affiliation or affiliate kickback relationship with CyberGuys.)
[ link to this | view in thread ]
Re: Hardware device?
Would make more sense if it were hardware - surely even the sloppiest insurance companies would prevent their employees from installing unauthorised software?
...or maybe not :p
[ link to this | view in thread ]
Re: Hardware device?
Especially the bit about the charge being an electronic bugging device.
[ link to this | view in thread ]
Keystroke Loggers
One way to catch such antics in an always networked environment would be to monitor outgoing internet traffic on weekends when no one is in the office to build a list of external sites that are connected to from internal computers to external addresses. As for the hardware loggers there really isnt much of anything that can be done, aside from maintaining a trusted computer behind a locked door that is used for extremely confidential stuff.
The problem with that approach is that you are increasing the effort required to use a resource, thereby reducing it's utility. If you dont strike the right balance users will simply abandon/ignore secure operating practices.
[ link to this | view in thread ]
Which law?
[ link to this | view in thread ]
Re: Which law?
[ link to this | view in thread ]
qipao, cheongsam, qipao
[ link to this | view in thread ]
qipao, cheongsam, qipao
[ link to this | view in thread ]
qipao, cheongsam, qipao
[ link to this | view in thread ]
qipao, cheongsam, qipao
[ link to this | view in thread ]
qipao, cheongsam, qipao
[ link to this | view in thread ]