emPower

Sometimes Hackers Use Hardware

Hackers don’t always try to break into computer systems through the Internet, or by using malicious software (malware) in email attachments. If they can gain physical access to computers, there’s often a simpler way.

Several public libraries in the UK have reported finding keyloggers attached to the back of PCs. These devices, which look a lot like normal USB flash drives, monitor the keystrokes – including usernames and passwords – of all users of the PCs. So, if you used one of these PCs to access your bank account, your Facebook profile, or your email, your identity might have been compromised.

Hardware keyloggers are very small and, unless you look carefully at the back of the computer – and know exactly what you’re looking for – they can be almost impossible to detect. Here’s an example:

As well as being difficult to spot, they’re also relatively cheap (<$100) making them ideal for aspiring criminals.

One of the most dangerous (and unrecognized) aspects of hardware keyloggers is that SSL (Secure Sockets Layer) encryption is bypassed – the keyboard entries are intercepted before they’re encrypted. So looking for the lock icon on your bank website isn’t going to help you.

What does this mean for your security awareness training? Even if your offices are locked down and a hacker couldn’t gain access to install a hardware keylogger, you should still be concerned. If your staff are using the same password for their Hotmail account as for your corporate email system, or if they’re accessing your corporate systems from a public computer, you could be in trouble. This is a topic that you do need to cover – perhaps as one of your monthly security reminder emails.

You can read more in this post on the Sophos blog: Hardware keyloggers discovered at public libraries; and in this report from the Macclesfield Express: Cyber-crime alert after ‘bugs’ found in library computers

Like this post? Subscribe to receive updates directly in your inbox.