Educause Security Discussion mailing list archives
Re: USB Keyloggers
From: "Behun, Michael" <behun () BUFFALO EDU>
Date: Thu, 12 Jul 2018 17:06:55 +0000
keylogger incidents: USB keyloggers are put in series with USB keyboard 1. Detection: a. Physical – look to see b. USB keyloggers were passive pass-through - nothing at all in system log if machine is off 2. Attempts a. Yes 3. Discover a. Complaint from individual b. Investigation of unauthorized access to system c. Security Camera footage d. Tracking unauthorized login with compromised credentials Hopefully, you will get compromised account and other account from same IP. 4. Remediation a. Criminal complaint / charges b. Administrative Staff – use two Factor Reviewing: 1. physical security changes 2. Faculty 2 factor authentication for systems involving grades. Comments: 1. Physical security is difficult. After reviewing several implementations, teaching stations and cabinets are designed to keep equipment from being stolen not prevent USB port access. 2. We have not seen an incident with the USB wifi keylogger, yet. Mike Michael Behun, CISSP HCISPP Computer Discipline Officer CIT HIPAA Compliance Officer VP CIO HIPAA Security and Privacy Official University at Buffalo 1 716-645-7739 behun () buffalo edu<mailto:behun () buffalo edu> From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Hiram Wong Sent: Thursday, July 12, 2018 12:04 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] USB Keyloggers Hi Everyone, I was wondering if any of you have any experience with USB keyloggers and detection of them? Have you had attempts from students, employees, etc to gain access to usernames and passwords via a keylogger? How did you discover it and what was the remediation for the event? Thank you in advance! Hiram -- [eSig Logo] Hiram Wong, CISA Information Security 2411 West 14th Street, Tempe AZ 85281 phone | 480-784-0519 email | @domail.maricopa.edu<mailto:@domail.maricopa.edu> website | https://www.maricopa.edu<https://www.maricopa.edu/> [eSig facebook]<https://www.facebook.com/maricopa.edu>[eSig twitter]<https://twitter.com/mcccd>[eSig linkedin]<https://www.linkedin.com/company/maricopa-community-colleges>[eSig youtube]<https://www.youtube.com/user/themcccdEDU>[eSig instagram]<https://instagram.com/maricopacc/> [facebook]<http://www.facebook.com/maricopa.edu>
Current thread:
- USB Keyloggers Hiram Wong (Jul 12)
- Re: USB Keyloggers Doty, Timothy T. (Jul 12)
- Re: USB Keyloggers Behun, Michael (Jul 12)