Spyware sneaks into the desktop
Once viewed as simply a consumer desktop problem, spyware is increasingly viewed as a corporate liability that IT has to address.
Computerworld - Bruce Edwards began to understand that spyware was more than a consumer PC problem when his users started complaining loudly about poor performance and an increase in pop-up ads. But it wasn't until after he'd checked all of his organization's PCs that Edwards understood the full scope of the problem.
"My customer workstations were really gummed up," says Edwards, LAN administrator at the Administrative Office of the Courts in Little Rock, Ark. All 200 machines in his offices were running a wide range of spyware, and many were running multiple programs. The programs ran in the background without the users' knowledge, downloading information on Web surfing activities and uploading advertising in the background for use in pop-up ads. As the volume of these hidden programs grew, they began using up system resources and choking off network bandwidth. Annoyed with all the pop-up ads, some users downloaded free pop-up blocker programs that installed even more spyware.
Spyware programs discreetly install themselves on PCs, establish a back channel over which to download information about the user and typically upload advertisementsoften over HTTP Port 80. Programs designed specifically to deliver targeted advertising are also called adware. But adware and other types of software that install without the user's explicit consent and establish background communicationsincluding surveillance programs, key loggers, remote control tools and Trojansare also described as spyware.
Companies have traditionally viewed spyware as a nuisance that's best handled by desktop support groups. But IT organizations are beginning to view it as a security risk as well because spyware is becoming more common and the programs are growing more sophisticated.
Image Credit: David Plunkert
Edwards used PestPatrol, a spyware scanning and removal tool, to clean up the mess. But the big issue for him isn't system performance or productivity-sapping pop-upsit's the uneasy feeling that these programs have opened an unauthorized communication channel that could put sensitive court documents at risk. He worries that, in addition to downloading data on Web surfing activity, a spyware program may capture user log-in and password information, or that a benign adware program may provide a communications pathway that could be hijacked for uploading more malicious software.
Analysts say that while some adware programs simply monitor Web surfing activity and serve up annoying pop-up ads, others could be stealing e-mail addresses and passwords, allowing background downloads of more malicious software, or sending sensitive data to competitors. "We think the capability to do that is there," says John Pescatore, an analyst at Stamford, Conn.-based Gartner Inc.
Spyware applications may install themselves after a user clicks on a pop-up dialog box, opens an e-mail attachment or downloads freeware. In some cases, unpatched Windows machines may be vulnerable to "drive-by" attacks, in which malicious code embedded in a viewed Web site exploits Internet Explorer vulnerabilities and lax security settings to install itself without the user clicking on anything.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts