In the face of recent viruses, such as Sasser and Netsky, spyware might not seem an important risk to business. But malicious spyware is a serious threat that cannot be ignored. Traditionally, spyware surreptitiously and invisibly gathers information on a user and transmits the information back to website operators, who then use the data to present users with targeted adverts. Or they sell their database of internet usage statistics to other organisations. But to play down the real threat of spyware, and the risk for misuse, would be to vastly underestimate the potential harm it can cause.

Take the example of a big investment house that was recently a victim of hacking and fraud that resulted from a malicious form of spyware. A day trader at the stockbrokers was shocked to discover that he had lost more than $40,000 (£26,000) after installing what he thought was a market analysis program. This later turned out to be a keylogger application that transmitted his account login details and passwords back to a hacker. Thankfully, the hacker has since been tracked down, but the incident cannot have done much good for the company's reputation.

Unfortunately, this example is not an isolated case. Perhaps more troubling is the reality that hackers using spyware can commit not just fraud, but industrial espionage. After all, if spyware can be installed covertly on anyone's PC, determined hackers could target those with access to financial reports, confidential business information or client reports and send these surreptitiously through the firewall without the user even knowing.

The problem for businesses is that spyware is prolific. It is estimated that 90% of PCs with internet access are infected with spyware. Add to this the fact that the average spyware program transmits copious amounts of data – typically 300 items of personal information totalling 1MB of data from each infected machine every day – and it is easy to see why spyware is a growing problem for business today.

One major insurance company recently ran reports and found out that it had sent 800,000 outbound spyware messages in just four days. Likewise, a large consultancy that installed anti-spyware software discovered that it had blocked 1.6 million outbound spyware messages in less than two months.

Until the widespread emergence of the internet, spyware was not even a problem. Since the internet was first adopted as a useful tool for working and communicating, it has enabled viruses, worms and spyware programs to spread rapidly. Unlike other pieces of malicious code, however, a user might not realise that their IT system has been infected by spyware.

According to Websense's 2004 Web@Work survey, there is a huge discrepancy between employees' knowledge and understanding of spyware and the reality that IT managers discover on corporate workstations. For example, only 6% of employees who access the internet at work claim to have ever visited any websites that contain spyware while at work. Compare this to the 90% of PCs that are affected by spyware. And what's more, IT managers say that spyware is on the rise, with 40% of managers believing the number of spyware-infected workstations at their organisation has increased.

The trouble with spyware is that it often appears after users download software through seemingly legitimate products. These include anything from file-sharing and instant messaging applications, to e-mail customisation (such as hot bars) and click-throughs on online advertisements. Without realising it, users are inadvertently opening the door to spyware – unless they stop to read the small print in the online licence agreement.

One of the most popular examples of spyware infecting computers is via downloading files from Web sites such as Kazaa or Grokster. More covert forms of spyware exploit vulnerabilities in Internet browsers, or can be found in seemingly innocuous software programs, such as parental and employee monitoring tools.

Spyware is also becoming more intelligent. For example, it can download onto a user's sound card or, if there is a microphone on the PC, enable the intruder to potentially listen in on confidential conversations. These surveillance forms of spyware are markedly more dangerous than basic adware that spawns multiple windows featuring advertising information.

From this perspective, spyware represents a breach of company privacy that could open the door for rival businesses to gain access to secret company documents. More pertinently for law firms, it could jeopardise the confidentiality of classified client information. In a worst-case scenario, if left unmanaged, this could result in time-consuming lawsuits costing organisations hundreds of thousands of pounds.

For IT managers, spyware is seen at best as a nuisance eating up bandwidth capacity on the network, or at worst as an expensive threat that destroys entire hard drives (in cases where spyware is so embedded it is impossible to free the machine).

The trouble with spyware is that it is very difficult to locate where it is hidden, especially because spyware applications are continually finding new ways to evade detection. Spyware is not obvious, unlike viruses that intend to damage machines and so make their presence felt. However, there are some simple steps that can mitigate a company's risk.

To manage the control of spyware across every aspect of the business, it is paramount to have a company internet-use policy in place so that every user is aware of the dangers. If employees are allowed to download software to their PCs, reading the online licence agreement, however small the print, should be enforced throughout the organisation.

Until recently, spyware was not included in most companies' security policies, simply because conventional security products do not protect machines from this type of attack. Spyware programmes are not viruses, so anti-virus software fails to protect a company's IT infrastructure from this threat. Likewise, installing a firewall is also almost useless in the face of spyware, given that many spyware programs communicate through the same internet port as general web traffic.
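Because spyware call-home traffic shares port 80 with ordinary browsing, a port-based firewall rule cannot separate the two; what does separate them is behaviour per client, such as the regular, repeated outbound messages and the daily data volumes the article quotes. The following script is an added example, not code from the article or from Websense: it parses constructed proxy-log lines in an assumed format (timestamp, client IP, method, destination host, port, bytes sent) and flags client-to-host flows that beacon at a steady interval or push a large volume of data out, while deliberately ignoring the port number.

```python
"""Flag outbound web flows that look like spyware call-home traffic.

Added example (not from the article). Log format is assumed:
    <ISO timestamp> <client_ip> <method> <destination_host> <port> <bytes_out>
The port is never used as a filter: spyware rides on port 80 like browsing.
"""
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample proxy log lines (not real traffic). Host 10.0.0.7 POSTs
# ~24 KB to one destination every five minutes; 10.0.0.5 just browses.
SAMPLE_LOG = """\
2004-06-01T09:00:01 10.0.0.5 GET www.news.example 80 412
2004-06-01T09:03:40 10.0.0.5 GET www.news.example 80 398
2004-06-01T09:15:12 10.0.0.5 GET www.mail.example 80 1210
2004-06-01T09:00:00 10.0.0.7 POST stats.adtracker.example 80 24000
2004-06-01T09:05:00 10.0.0.7 POST stats.adtracker.example 80 24100
2004-06-01T09:10:00 10.0.0.7 POST stats.adtracker.example 80 23900
2004-06-01T09:15:00 10.0.0.7 POST stats.adtracker.example 80 24050
2004-06-01T09:20:00 10.0.0.7 POST stats.adtracker.example 80 24000
2004-06-01T09:25:00 10.0.0.7 POST stats.adtracker.example 80 24200
2004-06-01T09:02:30 10.0.0.7 GET www.news.example 80 500
"""

MIN_REQUESTS = 5          # a regular flow needs at least this many requests
MIN_BYTES_OUT = 100_000   # or it is flagged on outbound volume alone
JITTER = 0.2              # gaps within +/-20% of the median gap count as regular


def parse_log(text):
    """Parse log text into (timestamp, client, method, host, port, bytes_out) tuples."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, method, host, port, nbytes = line.split()
        records.append((datetime.fromisoformat(ts), client, method, host,
                        int(port), int(nbytes)))
    return records


def beacon_score(timestamps):
    """Fraction of inter-request gaps that lie within JITTER of the median gap.

    A score near 1.0 means the client contacts the host on a fixed schedule,
    which is typical of automated call-home traffic rather than a person browsing.
    """
    if len(timestamps) < 3:
        return 0.0
    ts = sorted(timestamps)
    gaps = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    med = median(gaps)
    if med <= 0:
        return 0.0
    regular = sum(1 for g in gaps if abs(g - med) <= JITTER * med)
    return regular / len(gaps)


def find_suspect_flows(records):
    """Return {(client, host): details} for flows that beacon or send a lot of data out."""
    flows = defaultdict(lambda: {"times": [], "bytes_out": 0, "posts": 0})
    for ts, client, method, host, _port, nbytes in records:
        flow = flows[(client, host)]
        flow["times"].append(ts)
        flow["bytes_out"] += nbytes
        flow["posts"] += method == "POST"

    suspects = {}
    for key, flow in flows.items():
        count = len(flow["times"])
        score = beacon_score(flow["times"])
        if (count >= MIN_REQUESTS and score >= 0.8) or flow["bytes_out"] >= MIN_BYTES_OUT:
            suspects[key] = {
                "requests": count,
                "bytes_out": flow["bytes_out"],
                "posts": flow["posts"],
                "regularity": round(score, 2),
            }
    return suspects


if __name__ == "__main__":
    for (client, host), info in find_suspect_flows(parse_log(SAMPLE_LOG)).items():
        print(f"{client} -> {host}: {info}")
```

On the sample data only the 10.0.0.7 to stats.adtracker.example flow is flagged: six POSTs at exactly five-minute intervals totalling about 144 KB. The thresholds are illustrative; in practice they are tuned per environment, and the same per-flow aggregation over a day's proxy logs is what lets a company arrive at figures like the outbound message counts quoted above.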

To make matters worse, some of the anti-spyware software that claims to delete existing spyware files from IT systems and protect the infrastructure from future threats is alleged to install its own spyware programs when downloaded. This is a serious problem and one that legal authorities in the US and Europe are looking at addressing fast.

The only solution for IT managers in a corporate environment is to install anti-spyware products that automatically prevent users from downloading and installing programs that contain spyware. Such products will also ensure that any spyware application already installed on a user's PC is unable to run, and so stop it from transmitting confidential information.

Given the dangers of spyware, IT managers who have no such solutions in place already should seriously consider investing in these tools as a key part of their IT security portfolio.

Frank Coggrave is the UK regional director for Websense.