Keyloggers, a type of malware that tracks a person’s keystrokes through either hardware or software may be one of the lesser-known IT security threats, but, according to a McAfee white paper, they are very much on the rise – and a booming business for cyber-criminals.
The Internet security company recently released “Identity Theft,” a white paper by McAfee Avert Labs‘ senior virus research engineer Francois Paget, that details how the perpetrators go about obtaining the information. The first key finding relates the fact that, “between January 2004 and May 2006, the number of keyloggers increased by 250 per cent.”
According to McAfee threat researcher Craig Schmugar, the majority of users suffering from keyloggers took an action (i.e. clicked on a link) that resulted in the keylogger infestation, but the most threatening of all keylogger carriers are bots, the “robots” that infiltrate a nearby computer automatically via the Internet, allowing the “commander” to control the now-“zombie-fied” machine.
An employee, for instance, could pick up a bug from their wireless Internet at home, bring the device into the office, and spread the bot to the company’s computers. “Out of the one million bots in the world today,” said Schmugar, “at any one time, more than half carry keyloggers. And that’s just when they get there. (The cyber-criminal) could put one in.”
And you don’t have to be a tech-genius to do so. “The people who have the technical skills have built the programs, and the people without the technical skills buy them. It’s like Malware for Dummies,” according to Schmugar.
No longer just lonely geeks
He said that the Web sites offering keylogger applications are not overly difficult to find, and once there, “you can customize them, enter a field, push a button, and this fairly technically advanced (programming) comes out the other end.” Those with rudimentary programming skills can find keylogger code on the Web and tweak it to perfection. These cyber-criminals aren’t playing around, either, said Schmugar.
“What was once perceived as the high-school kid/geek/loner doing this for kicks is now a slightly older person who is very serious.” He said that cyber-criminals are now often being hired into professional attack groups to write better keylogger code for them.
While many businesses are likely unaware of the growing threat of these legions of keyloggers, they certainly aren’t unaware of other identity theft methods. According to Joe Greene, IDC Canada‘s vice-president of security research, in a recent survey of 500 medium and large businesses, the No. 2 threat was phishing, the practice of using fake e-mails and Web sites to try and elicit information input.
“It’s difficult to gather statistics (on how many businesses have actually been infected) due to brand image and brand damage,” said Greene. But another IDC Canada survey shows that a significant number of businesses aren’t putting their money where their fear is: it found that almost a third of large businesses did not have any anti-spyware programs in place.
Greene said, “They’re still struggling to come to terms with what the threats are, as they change every day, and they have limited resources, and, often, an it-just-won’t-happen-to-me attitude.”