Skip the navigation

Spyware sneaks into the desktop

Once viewed as simply a consumer desktop problem, spyware is increasingly viewed as a corporate liability that IT has to address.

May 3, 2004 12:00 PM ET

Computerworld - Bruce Edwards began to understand that spyware was more than a consumer PC problem when his users started complaining loudly about poor performance and an increase in pop-up ads. But it wasn't until after he'd checked all of his organization's PCs that Edwards understood the full scope of the problem.

"My customer workstations were really gummed up," says Edwards, LAN administrator at the Administrative Office of the Courts in Little Rock, Ark. All 200 machines in his offices were running a wide range of spyware, and many were running multiple programs. The programs ran in the background without the users' knowledge, downloading information on Web surfing activities and uploading advertising in the background for use in pop-up ads. As the volume of these hidden programs grew, they began using up system resources and choking off network bandwidth. Annoyed with all the pop-up ads, some users downloaded free pop-up blocker programs that installed even more spyware.

Spyware programs discreetly install themselves on PCs, establish a back channel over which to download information about the user and typically upload advertisements—often over HTTP Port 80. Programs designed specifically to deliver targeted advertising are also called adware. But adware and other types of software that install without the user's explicit consent and establish background communications—including surveillance programs, key loggers, remote control tools and Trojans—are also described as spyware.

Companies have traditionally viewed spyware as a nuisance that's best handled by desktop support groups. But IT organizations are beginning to view it as a security risk as well because spyware is becoming more common and the programs are growing more sophisticated.

Spyware Sneaks Into the Office
Image Credit: David Plunkert

Edwards used PestPatrol, a spyware scanning and removal tool, to clean up the mess. But the big issue for him isn't system performance or productivity-sapping pop-ups—it's the uneasy feeling that these programs have opened an unauthorized communication channel that could put sensitive court documents at risk. He worries that, in addition to downloading data on Web surfing activity, a spyware program may capture user log-in and password information, or that a benign adware program may provide a communications pathway that could be hijacked for uploading more malicious software.
Analysts say that while some adware programs simply monitor Web surfing activity and serve up annoying pop-up ads, others could be stealing e-mail addresses and passwords, allowing background downloads of more malicious software, or sending sensitive data to competitors. "We think the capability to do that is there," says John Pescatore, an analyst at Stamford, Conn.-based Gartner Inc.

Getting In

Spyware applications may install themselves after a user clicks on a pop-up dialog box, opens an e-mail attachment or downloads freeware. In some cases, unpatched Windows machines may be vulnerable to "drive-by" attacks, in which malicious code embedded in a viewed Web site exploits Internet Explorer vulnerabilities and lax security settings to install itself without the user clicking on anything.

Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!