Bugged by Spyware?
Do you know what your company’s computers are doing right now? Sure, they’re being used to run your business. But what else are they up to behind your back? Are there any other programs running silently in the background, monitoring employee activity and sending confidential information about your company back to other organisations? Unbelievable though it may sound, there’s a pretty good chance that this is indeed the case in your company.
According to a recent survey conducted by UK-based security consultancy PanSec, more than 90% of all company PCs are infected with so-called “spyware”. This is the term given to software that gets installed without the user’s permission and which covertly gathers and transmits data about the usage of the machine.
A report by IT market analysts The Aberdeen Group claims that there are more than 7,000 spyware programs in existence right now, running on millions of corporate and personal computers.
No computer that’s linked to the Internet is immune. A spyware program isn’t technically a virus so most antivirus scanners don’t attempt to stop it. And spyware doesn’t exploit bugs in Windows, so installing all the latest Microsoft security patches can’t prevent it either.
Spyware gets into a PC by being bundled with legitimate products. If you download and install any of the best-known file sharing applications, for example, you have no choice but to accept the spyware that it also installs and through which the free services are often funded.
Once installed, spyware starts monitoring the way that the computer is used and feeding back the information to the Website operators who sponsored the program’s distribution. The site operators want to understand precisely how a visitor travels through their site, and which menu options he or she clicks on. They want to know which other sites are visited, for how long, at what time of day, and which types of adverts get clicked. They want to know which applications are installed on the victim’s computer, and where he or she is based (which can be gathered from the user’s email address or the phone number programmed into the modem).
The spyware distributors then use all this information to present your staff with adverts for products that they hope you’re most likely to buy. And the database of usage statistics also gets sold to other marketing companies and spammers.
But does spyware really matter? What does it matter if everyone knows the intimate details of your staff’s surfing or shopping habits? Not only is it an invasion of privacy, it can also be a security risk. Do you really want a collection of large marketing organisations to know everything your employees use the Internet for? For example, if staff are researching new products or sending emails to potential clients, is it really acceptable for details of such activity to be disclosed to all and sundry?
Poorly written spyware programs can, and often do, cause PC crashes and network slowdowns. Sending all this data back to the database also takes time and consumes network bandwidth, thus slowing down your Web surfing and emailing (and costing you money, if you’re paying for network bandwidth according to total or peak usage).
And some spyware is particularly malicious. For example a web site called Lover Spy will, for $89, send email to 5 of your current or former partners inviting them to click on a Web page to read an online message about how much you still miss them. When the recipient installs the free program necessary to display the card, it also plants spyware which records all their keystrokes and passwords and emails them to you. It even installs a remote control application allowing you full access to their computer via the Internet.
Spyware can cost you serious money, too. In the US recently, an investment broker lost $40,000 after installing what he thought was a market analysis program but which turned out to be a transmitting his account login details to hackers.
Spyware is already a big problem around the world. In Europe, 1 in 3 companies has detected spyware on its network. And the typical spyware program is prolific, typically transmitting 300 items of personal information, totalling some 1 MB of data, from each infected machine every day.
So which software includes spyware? Among the most prolific offenders are the file sharing and swapping sites such as Kazaa, which are used by millions of Internet users to exchange files such as music and videos. The Kazaa software also includes a number of spyware programs which monitor your use of the system and help the company present you with targeted advertising in order to finance the free service.
At present, the legal situation regarding installing spyware without the computer user’s permission is a grey area. There is, though, a move afoot in the US to force software authors to declare up-front if installing their program will also install spyware. Many programs do already do this, but the details are buried in the small print of a long, complicated online licence agreement that most people agree to with a single click and without bothering to read.
If you’re worried about spyware on your PCs, here are our top tips for dealing with the problem.
1. Software authors often go to considerable lengths to hide the fact that their products include spyware, so it may not be immediately obvious whether there’s any on your PC. Check the small print of the licence agreement before installing any freeware or shareware.
2. Get into the habit of uninstalling any software that you don’t regularly use.
3. Some of the most common spyware applications include Gator (also known as GAIN), BonziBUDDY and Comet Cursor, each of which is included with many freeware and shareware products. If these products are mentioned within any of the programs you use, your computer is probably infected with at least one spyware tool.
4. Spyware programs aren’t viruses, so installing antivirus software doesn’t fully protect you from spyware.
5. Many spyware programs communicate through the same Internet port (80) as general Web traffic, thus making it very difficult to block data transmission using a firewall.
7. If you are responsible for IT in a corporate environment, seriously consider the use of products such as Websense Enterprise which automatically prevents users from downloading and installing programs which contain spyware. It will also ensure that any spyware application already installed on the user’s PC is unable to run, and thus stops it from transmitting confidential information.
Websense Inc. (NASDAQ: WBSN) is the world’s leading provider of employee Internet management solutions. Websense Enterprise software enables organisations to manage how employees use their computing resources, including Internet access, desktop applications and network bandwidth. These solutions help improve productivity and security, conserve information technology resources, and mitigate legal liability for our customers. Websense serves approximately 20,000 customers worldwide, including many of the world’s largest corporations. For more information, visit Websense Enterprise.