Author: Carina Birarda, Leader of Special Cybersecurity Projects, GCBA Cybersecurity Center.
Cyber criminals are ramping up their efforts for intrusion in line with developments in existing technology. Rather than replacing traditional attack methods such as keystroke logging, they are augmenting them to compromise information security. Malware, Trojans, and social engineering attacks are being used as the attack vector for keyloggers. Keyloggers could be given a similar priority and importance as that of other malware. Having a strong password may or may not be efficient if the digital and physical keyboard itself is compromised. The current manuscript discusses how a keylogger functions across different platforms, devices, and operating systems to capture the firsthand information being typed onto the physical or digital keyboard. This manuscript also provides a sample keylogger in python programming language along with discussing the mitigation steps any cybersecurity engineer could adopt to detect and mitigate threats related to keyloggers.