It took the University of Kansas (KU) over a year to notify staff that a student had been using a keylogger to record faculty login credentials to change his grades in the faculty grading system. Although deceit is nothing new, the tools to cheat are easy to access and they’re cheap. Keyloggers that are directly installed onto a computer by walking up to it don’t require any computer expertise. This low-level form of hacking can be done for less than $20 and takes only seconds. A few simple steps could have prevented this unauthorized access and fraudulent grade change. We’re going to discuss some simple things educators can do to secure faculty computers.
Poor Security Practices
We can use the KU keylogger case as a good example of poor computer security practice. Educators are around hundreds to thousands of people per year, including other staff members, students, and visitors. If educators also use their computers at home or anywhere off campus, the risk of hacking and identity theft is further increased. According to the Department of Education, as of 2014, there are over 100,000 public educational institutions in the United States. Millions of full and part-time faculty teach at these schools and colleges. The sheer number of people involved means there’s a wide variety of possible computer security threats. Similarly, not all employees are internet security experts. There’s a large number of faculty that lack basic software, network, firewall, and antivirus knowledge. This is a complicated issue that likely changes at every educational institution.
The above KU keylogger case is just one example of what someone can do with the information they obtain from unauthorized access. There are many other things people can do with your information: access your bank account, pose as you, open credit, make purchases, talk to your friends, read your email, and much more. We’re just using the KU case as a specific example and to discuss how it could have been prevented.
No doubt, a few students would try to change their grades to something higher if they could. The primary way they do this is by simply using your username and password to log in and change grades. This is particularly hard to detect when you aren’t watching out for it. If you look deep enough, each of these cases likely starts with poor security practices, and they are almost always preventable.
Defending Against Keylogger Attacks
A keylogger is software, a hardware device, or both, that can record keystrokes while the computer is turned on, typically without any obvious sign that it’s occurring. Keyloggers can be installed as software or attached as hardware, typically to the computer’s USB ports. One popular method of attacking someone with a keylogger is to simply walk up to their computer and plug in a simple USB dongle that takes advantage of Windows’ Plug-and-Play technology. Other methods include installing add-ons in a browser or other hidden executables that disguise themselves as normal processes. These are impossible for non-experts to detect because they often run in plain view of the user. Antivirus and firewall use is a must, but they might not catch all instances of a real-time keylogger attack. The best defense is a good security policy to begin with, preventing these scenarios from happening, at least as much as possible.
Consider these simple steps to reduce your risk of a keylogger attack:
- Never leave your computer unattended.
- Always have eyes on your computer to see who comes near it or tries to plug anything into it.
- Always lock your computer up at the end of the day.
- Use complicated, lengthy, mixed (case, number, special character) passwords for all accounts.
- Never log in within view of another person. Your keystrokes should not be seen by anyone standing next to you or possibly filming your password with video glasses.
- Regularly inspect your computer for unknown devices plugged into it.
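The device-inspection step above can be partly automated by comparing the machine's current device list with a known-good baseline. This added example (not from the original article) assumes each list was exported as CSV with Class, FriendlyName and InstanceId columns, for instance from PowerShell's Get-PnpDevice -PresentOnly; the sample rows, including the VID/PID 1234/ABCD, are constructed.

```python
import csv
import io
import re

# Device classes a keystroke-capturing dongle would show up under.
INPUT_CLASSES = {"Keyboard", "HIDClass", "USB"}
VID_PID = re.compile(r"VID_[0-9A-F]{4}&PID_[0-9A-F]{4}", re.I)

# Constructed sample inventories (not from a real machine).
BASELINE = r'''
"Class","FriendlyName","InstanceId"
"Keyboard","HID Keyboard Device","HID\VID_046D&PID_C31C&MI_00\7&1A2B3C4D&0&0000"
"USB","USB Composite Device","USB\VID_046D&PID_C31C\5&2E4F6A8B&0&2"
"Mouse","HID-compliant mouse","HID\VID_046D&PID_C077\7&3C5D7E9F&0&0000"
'''
CURRENT = BASELINE + r'''"USB","USB Composite Device","USB\VID_1234&PID_ABCD\5&2E4F6A8B&0&3"
"Keyboard","HID Keyboard Device","HID\VID_1234&PID_ABCD&MI_00\7&9F8E7D6C&0&0000"
'''

def load_inventory(csv_text):
    """Map instance ID -> (class, name) for input-capable device classes."""
    rows = csv.DictReader(io.StringIO(csv_text.strip()))
    return {r["InstanceId"].upper(): (r["Class"], r["FriendlyName"])
            for r in rows if r["Class"] in INPUT_CLASSES}

def model_of(instance_id):
    """Return the 'VID_xxxx&PID_xxxx' part of an instance ID, or None."""
    m = VID_PID.search(instance_id)
    return m.group(0).upper() if m else None

def review(baseline_csv, current_csv):
    """List devices present now that were not in the baseline."""
    base, cur = load_inventory(baseline_csv), load_inventory(current_csv)
    known_models = {model_of(i) for i in base} - {None}
    findings = []
    for inst, (cls, name) in sorted(cur.items()):
        if inst in base:
            continue
        model = model_of(inst)
        reason = ("known model, new port or unit" if model in known_models
                  else "unknown model")
        findings.append((cls, name, model, reason))
    return findings

if __name__ == "__main__":
    for finding in review(BASELINE, CURRENT):
        print("REVIEW:", *finding)
```

A logger that sits passively inline with the keyboard cable may not enumerate as a separate device, so this check complements the physical inspection rather than replacing it.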
Consider these steps as a more advanced defensive strategy for preventing keylogger attacks:
- Always use custom antivirus and firewall configurations at the highest settings. The highest settings may catch real-time processes that request unusual resources or attempt to connect to another IP address.
- High-security systems may temporarily disable USB ports or use advanced BIOS features to require authentication before ports or terminals become active.
- Use two-factor authentication for grading systems.
- If you are the IT department head of your school, consider mandatory antivirus and firewall use for all faculty and administrator computers, and provide them with the basic tips above. Good policies prevent most simple hacking attempts.
- Regularly launch process monitors to review suspicious processes and associated trees.
Although the attacker is at primary fault for most hacking cases, we cannot deny that many of them were preventable, especially if the victim had been using better security practices. As you see above, there are multiple things people can do to secure their computers and data. Educators are at higher risk for theft, unauthorized access, viruses, and keyloggers. The same steps discussed above can apply to everyone else. Better data security starts with the individual.