What are keyloggers and what guidance does the CMMC provide
September 25, 2020
A keylogger is a device or application that is used for keystroke logging. This captures and records a computer users' keystrokes. This includes capturing sensitive passwords. While keylogging is occurring the person using the keyboard is unaware that their actions are being monitored.
Is a keylogger hardware or software?
When were hardware keyloggers first used?
Keyloggers first appeared in the 1970’s when the Soviet Union developed and deployed a hardware keylogger targeting typewriters in the US Embassy and Consulate buildings in Moscow.
When were software keyloggers first used?
Software keyloggers first hit the scene in 1983 when an early keylogger was written by Perry Kivolowitz.
Were keyloggers ever used by the FBI?
Yes, in 2000 the FBI used FlashCrest iSpy, a key logging software to obtain the passphrase of Nicodemo Scarfo, Jr., son of mob boss Nicodemo Scarfo. Also in 2000, the FBI lured two suspected Russian cybercriminals to the US in an elaborate ruse. The FBI captured their usernames and passwords with a keylogger that was covertly installed on a machine that they used to access their computers in Russia. The FBI then used these credentials to hack into the suspects computers in Russia to obtain evidence to prosecute them.
What guidance does the CMMC provide regarding keyloggers?
Various CMMC practices if implemented can help your organization avoid the threat of key loggers. Physical access controls can help prevent a malicious person from installing a physical keylogger on your systems. Implementing the principles of least functionality and least privilege can reduce the risk of key logging software being installed on your systems. By installing and properly configuring anti-malware solutions on your systems you can block and detect software keyloggers. By properly configuring your firewall to block unauthorized traffic you can prevent a keylogger from sending any captured keystrokes back to the attacker.
Discover Our NIST SP 800-171 Solutions:
For contractors seeking compliance
For IT service providers
Supply Chain Verifier
For contractors seeking to verify partner compliance