VideoIn two years, spyware has gone from mere nuisance to serious concern, catching companies so off guard that many executives today still don't know what exactly spyware is. Think of it as a computer virus that has found a purpose in life. Viruses and worms have long posed a risk to corporate security because of their potential to bring networks down or corrupt important data. Spyware, on the other hand, doesn't just want to ruin your day, it wants to track your every movement, collect data right under your nose, and perhaps transmit sensitive corporate information outside the company. And since spyware is economically motivated (rather than being launched at the whim of bored computer geeks), its perpetrators have ample incentive to concoct new and improved versions that are consistently more difficult to eradicate.
"I've never seen anything evolve so quickly," says Sam Curry, vice president, eTrust Security Management, at Computer Associates (CA). "About 15 months ago, the calls started coming in from our enterprise customers one after another. It's been lurking for a while, but now everyone is worried about it."
Spyware is a catchall term that refers to software applications that reside on desktop machines or laptops and that log and often transmit information about that machine's user back to the creator of the spyware. While it's meant to be invisible, it often gives subtle signs of its presence. Last year, for example, the IT support staff at Miami Children's Hospital noticed something just wasn't right with the desktop machines used by the hospital's 650 physicians and 2,400 employees. "We had machines that experienced freak reactions," says Alex Naveira, the hospital's information security officer. "They were running too slow or they reacted oddly to Websites and pop-ups." After a battery of tests, the diagnosis was clear: an acute case of spyware.
Large Dollars Behind It
Provident Bank has also felt the strangling strain on support-desk resources that spyware brings. "We had a meeting several weeks ago and spyware was all we talked about," says Sean Wasta, senior network engineer at the $6.4 billion commercial bank. "Desktop support is noticing it cropping up on a lot of people's workstations, and it's taking up a lot of their time." The company relies on Microsoft Explorer-based interfaces for many of its internal applications, he says, and the glut of spyware hiding on users' machines often prevents these applications from working properly. Antivirus solutions haven't helped one bit. "Spyware ends up on all our desktops even though we have all the antivirus software applications," says Wasta.
In fact, two-thirds of IT professionals and security administrators say spyware is the top network-security threat of 2005, according to a survey by WatchGuard Technologies. Market research firm IDC predicts that the market for antispyware software will climb from $12 million in 2003 to $305 million in 2008. It also estimates that about two-thirds of the world's computers already have some kind of spyware on them.
Forrester Research predicts that 65 percent of companies will either purchase or upgrade antispyware software this year, making it the number one security technology of 2005. And most think the spyware epidemic is nowhere near peaking. "There are large dollars behind the scenes. The denial-of-service [DOS] craze and superworms never had this much money behind them," says CA's Curry. "Spam was a nuisance. This is a genuine security threat, and it will get worse before it gets better."
Sometimes spyware is simply annoying. It can take the form of applications dubbed "adware" that hide on your PC and then spring pop-up ads in your browser, or it might change your default home page or fiddle with the navigation toolbar of your browser to steer you toward specific Websites.
The developers of these programs embed their spyware on an unsuspecting user's computer in a variety of ways, including legal and technical tricks and promises. One such approach includes presenting a pop-up window that purports to be an end-user license agreement. Most users have become so used to clicking "OK" when such boxes pop up (if only to get rid of them) that they do so automatically, and thus spyware finds a home by being invited in. Sometimes it masquerades as a "browser enhancer" or "download accelerator" to hide its devious intent. Other variants, dubbed "drive-by downloads," are instantly triggered by clicking on banner ads (a technical trick), or by downloading a screen saver. And even if you vow to never click on anything you don't trust, you may still be hit: new versions can load and upgrade without the user doing anything.
Even spyware that aims to do little more than change your default home page or pose some other kind of nuisance can exact a hidden price. As it runs unseen in the background, it can suck up memory and CPU usage, especially when several versions of the spyware are running at the same time. This can often bring a machine to a complete crawl and generate many frantic calls to the help desk. Worse, spyware can be designed to either fix or reinstall itself even as it is being removed, much like DNA's ability to heal itself.
Reader Comments» Post a comment