Sunday, July 12, 2009

Keystroke Loggers: "The NEW Threat"!

We all know that Keystroke Loggers or "Key Loggers" have been around for a long time, and we have seen many cases in which they have been abused. Typically the reason they are discovered is because the person that is installing a Key Stroke Logging Device has to gain physical access to the computer, and their time for doing this is usually very limited. With Key Stroke Logging Software, while physical access to the computer might not be needed (as in they can be installed remotely with such techniques as using an email attachment), this type of Key Stroke Logger might not be as reliable as a Key Stroke Logging Device, their are usually software solutions to help detect them, and getting them past the computer owner is usually pretty dicey.

Enter the "NEW" Key Stroke Loggers. There are two types of Key Stroke Loggers that are being experimented with now. One uses the electrical signals that emanate from the cable from the keyboard to the PC to the ground wire, and from that ground wire to the ground wire used to power the actual PC, none of which are shielded (It Is A TEMPEST Concept). These signals from the keyboard are then picked up and translated to readable format, with software. This method can be implemented from up to 15 feet from the electrical outlet that he PC is plugged into. No longer is it necessary to gain physical access to the computer to install a reliable Key Stroke Logging Device.

The other method uses a laser scope to beam the vibrations that are caused by punching the keys on the keyboard of a laptop. Each vibration that is caused by punching the keys on a laptop is unique, and each unique vibration can be translated into the letter or number that was punched on the keyboard. So, what happens is a laser scope is pointed at a shiny part of the laptop, or even a shiny object that is in close proximity to the laptop, and then the vibrations are beamed back through that laser beam to a receiver that translates the vibrations that are caused by punching the keys on the laptop into readable format, a sound card is used to translate the vibrations from the target punching the keys on the laptop. 

Here is a link with more detailed information on this technology: "The NEW Key Loggers"

Right now, these concepts are fairly new and are in rudimentary form. The concern is that this was all researched, and the concepts were all proofed in less than a week. This was demonstrated at the latest Black Hat Conference. Imagine how far this technology can be extended with a dedicated team of researchers working on it for a few months. 

This is the face of the new threat that we will confront in Data Theft!

Ricky B. Gurley  Best Cyber Investigator