CMMC Keylogger

What are keyloggers and what guidance does the CMMC provide?

September 25, 2020
A keylogger is a device or application used for keystroke logging: it captures and records a computer user's keystrokes, including sensitive passwords. While keylogging is occurring, the person using the keyboard is unaware that their actions are being monitored.

Is a keylogger hardware or software?

A keylogger can be either hardware or software. A hardware-based keylogger can be implemented via BIOS-level firmware or, alternatively, via a device plugged inline between a keyboard and the computer. Hardware keyloggers log all keyboard activity to their internal memory. Software-based keyloggers are computer programs designed to work on the target computer's operating system. They come in several forms: hypervisor-based, kernel-based, API-based, form-grabbing-based, JavaScript-based, and memory-injection-based.

When were hardware keyloggers first used?

Keyloggers first appeared in the 1970s when the Soviet Union developed and deployed a hardware keylogger targeting typewriters in the US Embassy and Consulate buildings in Moscow.

When were software keyloggers first used?

Software keyloggers first hit the scene in 1983 when an early keylogger was written by Perry Kivolowitz.

Were keyloggers ever used by the FBI?

Yes. In 2000 the FBI used FlashCrest iSpy, a keylogging program, to obtain the passphrase of Nicodemo Scarfo, Jr., son of mob boss Nicodemo Scarfo. Also in 2000, the FBI lured two suspected Russian cybercriminals to the US in an elaborate ruse. The FBI captured their usernames and passwords with a keylogger that was covertly installed on a machine that they used to access their computers in Russia. The FBI then used these credentials to hack into the suspects' computers in Russia to obtain evidence to prosecute them.

What guidance does the CMMC provide regarding keyloggers?

Various CMMC practices, if implemented, can help your organization avoid the threat of keyloggers. Physical access controls can help prevent a malicious person from installing a physical keylogger on your systems. Implementing the principles of least functionality and least privilege can reduce the risk of keylogging software being installed on your systems. By installing and properly configuring anti-malware solutions on your systems, you can detect and block software keyloggers. By properly configuring your firewall to block unauthorized traffic, you can prevent a keylogger from sending any captured keystrokes back to the attacker.
 
