HP Laptops Found to Have Hidden Keylogger

An article published on the BBC regarding key logging software installed on 460 models of laptop from 2012 onwards.  Although disabled by default, if activated by an attacker it would record all keyboard inputs.

An organisation will do everything it can to protect itself with Antivirus and Anti-Malware software on endpoints, robust security in the network and strong firewalls.

However, when the security vulnerability is introduced by software and drivers installed to operate something as benign as a mouse touchpad it raises a question, what can you do to be fully protected?

Firstly, no normal network is 100% secure, to operate in a business environment you need to connect and collaborate with others and that introduces risks which need to be managed.

How do you mitigate against this particular problem?

With difficulty.

Using analytical solutions that monitor traffic across your network such as Cisco Steathwatch.  It highlights and blocks any abnormal client behaviour like where a device starts uploading the data captured by the keylogger. The firewall or web proxy services will also alert or block on any issues that traverse them.

The ongoing challenge for organisations

The biggest challenge facing organisations now will be to understand the impact of this particular risk and to remediate.

For those using desktop management platforms such as Microsoft SCCM they will be able to audit the estate for machines with affected software installed and then, once tested, push out the patch to the relevant machines.

For organisations who do not have this capability, now would be a good time to look at investing in this capability.