Corporate security typically includes strong endpoint protection as part of a data protection security plan. Unfortunately, rarely does the perimeter extend to the keystrokes, where undetected polymorphic keyloggers steal the credentials often leveraged to advance a breach. Polymorphic malware is a type of malicious software that changes its code and appearance to evade detection. Studies show that today, over 90% of malware has polymorphic capabilities. With the rapid growth of open-source AI and its ability for hackers to create polymorphic keyloggers, the perimeter must be expanded again to include the vulnerable area where data is created, at the keystroke level. This protection is now called “Keystroke Transport Layer Security” or KTLS. 

 

Freely available AI like ChatGPT expanded rapidly with 100M customers and 1B site visitors in just the first two months of its launch and has changed the landscape of cybersecurity. AI is an important tool when used by businesses and employees, but it comes with a new risk. It provides hackers the perfect tool to create polymorphic keyloggers and deploy to endpoints at record speed. These keyloggers cannot be detected by anti-virus and they capture all sensitive data before a VPN ever has a chance to protect the data.

 

Keyloggers have become increasingly evasive, as shown in a recent breach of one of the most popular password protection managers, LastPass. This was accomplished by exploiting a vulnerability in a third-party software package and installing a keylogger on one of the four individuals who had access to the secured environment that protected millions of passwords. This keylogger allowed the hacker to bypass the multifactor authentication and all other security systems in place and take control of the decryption keys required to access the protected storage environment.

 

Keystroke Transport layer Security “KTLS” is very different and should not be confused with anti-virus , VPN’s, SSL, TLS Encryption or file and database encryption. Even with all other encryption protocols in place everything the user types is vulnerable to being captured by an undetected keylogger. By adopting the KTLS protocol, you will be utilizing EndpointLock™ Keystroke Encryption Software and encrypt everything typed into the device. This will make the keystrokes unreadable to all undetected keyloggers hiding on a device waiting to steal data as it is being created. Read more on the AI story and the LastPass breach in the links below.
 

Reference: Digital Guardian